Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/GzW0X6Mgnp35ylXkJIeQycZbrmM.roa
File: GzW0X6Mgnp35ylXkJIeQycZbrmM.roa (raw, json)
Hash identifier: Kw44KpFlBgtl2P1b0maZ6kwZ9czxbTnhk0qb6rD/Wbw=
Subject key identifier: 1B:35:B4:5F:A3:20:9E:9D:F9:CA:55:E4:24:87:90:C9:C6:5B:AE:63
Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a
Certificate serial: 018CC56EB6866BE151F038ACE4DE6FB644B6
Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/GzW0X6Mgnp35ylXkJIeQycZbrmM.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49475
IP address blocks: 185.246.156.0/22 maxlen: 22
2a0d:8780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b6:86:6b:e1:51:f0:38:ac:e4:de:6f:b6:44:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b35b45fa3209e9df9ca55e4248790c9c65bae63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:8d:54:bf:ac:33:a9:cf:f9:7e:15:25:73:
b3:48:7e:99:17:60:4d:1d:f9:e1:90:8b:93:b3:aa:
bf:4f:2d:fb:db:7e:ef:0d:a7:b3:ec:ea:9a:05:8f:
64:e1:35:f2:03:48:1d:d4:bb:30:b6:77:87:76:df:
b3:f1:e7:a6:4f:ce:81:54:7b:dc:a6:3b:ff:3f:7c:
7f:61:57:eb:f2:10:71:15:fd:01:0a:9b:29:52:60:
55:05:25:56:eb:f3:c5:1e:e4:6a:b5:5e:8e:0b:ba:
a1:1b:cb:15:1f:a5:87:eb:e3:db:87:15:ab:e8:9a:
59:1f:1c:e7:aa:b3:06:93:10:0d:6a:fc:5d:75:cc:
b1:48:f4:9a:08:96:1b:89:de:98:96:5f:37:09:d8:
18:fb:56:19:77:10:68:7c:ff:19:2d:40:54:cd:c3:
22:95:a9:32:5c:c8:71:5c:f3:b5:f2:29:c1:22:f8:
18:db:2e:4d:ab:c8:6a:a2:45:8f:69:b5:08:bd:66:
20:2e:1a:69:49:e0:45:1f:91:ca:ee:d3:14:84:ee:
ae:56:2d:fd:e7:d6:4d:d4:11:62:63:23:ce:c5:ac:
28:ab:fb:b4:da:91:79:99:ef:87:26:46:35:9e:03:
e2:9f:18:94:63:59:14:16:14:d3:07:35:e9:60:37:
f8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:35:B4:5F:A3:20:9E:9D:F9:CA:55:E4:24:87:90:C9:C6:5B:AE:63
X509v3 Authority Key Identifier:
keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/GzW0X6Mgnp35ylXkJIeQycZbrmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.156.0/22
IPv6:
2a0d:8780::/29
Signature Algorithm: sha256WithRSAEncryption
53:45:0b:e5:70:53:ab:80:b7:71:67:8d:b8:00:74:ff:70:04:
ab:ad:c4:80:17:ac:96:d3:07:64:39:1d:2d:1d:95:41:6c:29:
4f:fd:bd:95:2b:e6:ca:20:0b:c1:86:8f:42:fd:b5:9a:ab:a5:
8c:b5:1a:14:95:3d:45:70:5c:64:ec:50:fd:a0:a3:85:2c:7b:
19:84:9e:27:81:53:a4:0d:df:a5:3f:b2:90:e6:de:0e:95:1a:
04:bb:28:48:be:18:f5:64:fa:fb:e4:06:a6:6e:42:5a:d8:3a:
29:4e:b2:a0:6e:44:82:b1:a0:1c:a7:b8:0b:95:da:06:20:94:
95:26:99:3f:e3:9b:bf:5d:8a:a4:71:2d:d7:6f:61:4e:07:90:
0d:3c:1e:9a:f3:f2:3d:6c:fc:67:ee:a3:5b:52:d6:af:bf:f5:
22:d3:42:1c:8b:b4:7d:5b:f1:7b:38:20:44:45:34:e9:2a:3d:
54:58:a9:10:d9:5d:08:0e:9d:77:fc:24:87:8f:44:ab:4c:82:
26:fd:ed:b0:ae:75:fa:8c:75:51:b6:05:0a:74:65:47:4b:d2:
36:c7:b3:20:d8:3b:ef:66:81:96:0c:c3:9e:12:5a:94:cf:23:
a8:91:d1:41:df:9d:ad:e8:56:a8:00:dc:25:2c:c0:4a:99:9e:
04:cb:86:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbraGa+FR8Dis5N5vtkS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi
NTQxOWEwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM1YjQ1ZmEzMjA5ZTlkZjljYTU1ZTQyNDg3OTBjOWM2NWJhZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqeNVL+sM6nP+X4VJXOzSH6ZF2BN
HfnhkIuTs6q/Ty37237vDaez7OqaBY9k4TXyA0gd1LswtneHdt+z8eemT86BVHvc
pjv/P3x/YVfr8hBxFf0BCpspUmBVBSVW6/PFHuRqtV6OC7qhG8sVH6WH6+PbhxWr
6JpZHxznqrMGkxANavxddcyxSPSaCJYbid6Yll83CdgY+1YZdxBofP8ZLUBUzcMi
lakyXMhxXPO18inBIvgY2y5Nq8hqokWPabUIvWYgLhppSeBFH5HK7tMUhO6uVi39
59ZN1BFiYyPOxawoq/u02pF5me+HJkY1ngPinxiUY1kUFhTTBzXpYDf4xwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBs1tF+jIJ6d+cpV5CSHkMnGW65jMB8GA1UdIwQY
MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct
NzhjYjU5Yjc4YTRmLzEvR3pXMFg2TWducDM1eWxYa0pJZVF5Y1picm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm
LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufacMA0E
AgACMAcDBQMqDYeAMA0GCSqGSIb3DQEBCwUAA4IBAQBTRQvlcFOrgLdxZ424AHT/
cASrrcSAF6yW0wdkOR0tHZVBbClP/b2VK+bKIAvBho9C/bWaq6WMtRoUlT1FcFxk
7FD9oKOFLHsZhJ4ngVOkDd+lP7KQ5t4OlRoEuyhIvhj1ZPr75AambkJa2DopTrKg
bkSCsaAcp7gLldoGIJSVJpk/45u/XYqkcS3Xb2FOB5ANPB6a8/I9bPxn7qNbUtav
v/Ui00Ici7R9W/F7OCBERTTpKj1UWKkQ2V0IDp13/CSHj0SrTIIm/e2wrnX6jHVR
tgUKdGVHS9I2x7Mg2DvvZoGWDMOeElqUzyOokdFB352t6FaoANwlLMBKmZ4Ey4bL
-----END CERTIFICATE-----
Generated at Fri May 24 19:15:50 2024 by rpki-client on console-ams.rpki-client.org