Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/G4JuyZYJOVb95ggFIVVB3kgdbTU.roa
File: G4JuyZYJOVb95ggFIVVB3kgdbTU.roa (raw, json)
Hash identifier: x5mO0hFUJtRGz7QekKmzPAdWrCKr4MOHO5idroZj6eA=
Subject key identifier: 1B:82:6E:C9:96:09:39:56:FD:E6:08:05:21:55:41:DE:48:1D:6D:35
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 018CC94CC37204CB32AD1D3C200D0ED45D8A
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/G4JuyZYJOVb95ggFIVVB3kgdbTU.roa
Signing time: Tue 02 Jan 2024 08:31:40 +0000
ROA not before: Tue 02 Jan 2024 08:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203476
IP address blocks: 46.226.104.0/22 maxlen: 22
95.142.160.0/20 maxlen: 20
217.70.188.0/22 maxlen: 22
92.243.0.0/19 maxlen: 20
2001:4b98:dc6::/48 maxlen: 48
2001:4b98:dc4::/48 maxlen: 48
2001:4b98:dc5::/48 maxlen: 48
2001:4b99:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c3:72:04:cb:32:ad:1d:3c:20:0d:0e:d4:5d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 2 08:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b826ec996093956fde60805215541de481d6d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:3f:70:48:3c:60:fb:74:c6:56:4a:d2:8d:
dc:f5:e2:4e:63:c7:20:5f:22:08:6b:43:fa:be:f2:
8f:8b:bd:6b:58:05:45:76:1d:54:a2:c7:59:6b:c4:
c2:fb:3f:a3:e7:7b:d2:93:bc:64:97:d8:6f:0f:10:
b0:eb:cb:1b:06:2b:86:61:cb:0b:42:90:79:24:39:
0a:ac:c1:8e:3b:ed:2e:f7:5f:f9:a1:8c:32:94:89:
e7:84:12:d6:a7:84:09:c4:70:7e:e7:13:cf:77:d6:
ff:56:cc:e3:0e:73:f9:21:15:52:4a:bf:d5:55:8b:
62:aa:38:8a:e6:b4:02:45:91:94:da:e7:01:c3:10:
ec:96:b7:d8:56:c7:f6:a1:22:49:8a:2d:08:6a:c8:
68:9e:59:04:d2:c0:f0:d1:91:c4:71:5a:e1:f7:5d:
ff:d6:6b:93:57:66:10:c8:99:05:4b:88:16:b5:0a:
ca:d9:4b:a4:a5:13:09:e4:1d:ab:a5:89:d7:2c:87:
71:d1:c4:a3:e5:2d:01:d6:af:52:b0:1e:76:43:48:
73:7a:74:8b:dc:c5:78:c4:29:73:10:cf:84:cd:77:
1a:33:bd:b2:20:ef:f6:03:63:38:4a:b8:bc:6d:c8:
49:46:e2:17:6d:7e:2b:ac:ce:57:4c:23:8c:2e:31:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:82:6E:C9:96:09:39:56:FD:E6:08:05:21:55:41:DE:48:1D:6D:35
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/G4JuyZYJOVb95ggFIVVB3kgdbTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.104.0/22
92.243.0.0/19
95.142.160.0/20
217.70.188.0/22
IPv6:
2001:4b98:dc4::-2001:4b98:dc6:ffff:ffff:ffff:ffff:ffff
2001:4b99:1::/48
Signature Algorithm: sha256WithRSAEncryption
8f:2d:22:06:cc:35:c7:57:c4:d7:bb:5c:54:d8:36:a5:50:47:
03:8b:1c:ad:f8:a2:0b:94:d0:0b:3e:cf:fc:48:67:ab:b7:1e:
c4:8a:52:5d:a9:69:69:f4:c4:07:84:0c:33:9e:cd:28:87:f5:
e5:a1:aa:ce:40:36:a1:fe:5d:0c:5e:bc:28:59:af:94:70:24:
c2:23:b4:7a:4e:18:13:2f:d2:e8:9d:7f:01:df:7b:01:4b:82:
16:15:95:ca:c0:63:06:bd:d3:d2:ed:b6:18:4b:d9:be:dd:15:
15:00:ec:1f:c0:e7:1f:aa:40:26:99:e0:5e:f1:c9:65:14:45:
0d:ba:94:34:7d:30:ce:06:2a:17:a7:e7:19:79:a8:ac:a2:cf:
f3:8c:a7:0e:ce:db:4d:c3:b9:14:31:95:d7:b4:0c:2e:86:10:
e0:ae:48:41:05:57:1f:87:b2:fe:1f:cf:40:dd:5c:4b:1a:94:
97:78:30:7f:fd:5a:19:77:8e:a5:e8:eb:fe:f5:83:8e:8b:9d:
2e:02:66:36:53:55:55:1b:88:39:b0:a4:a2:bc:e7:37:b6:33:
2c:6f:d1:c5:e6:0a:6c:2b:2a:63:18:a2:33:cc:30:c7:a3:d6:
4c:75:4d:2c:74:17:5d:28:a8:b0:02:39:df:f8:6c:05:45:da:
31:62:fd:88
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzJTMNyBMsyrR08IA0O1F2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYTBlYzU5NTY0MzI0MjM3NDIwZDUwNmI5YjQ5OGQ3NTJl
ZTIxNjgwHhcNMjQwMTAyMDgzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjgyNmVjOTk2MDkzOTU2ZmRlNjA4MDUyMTU1NDFkZTQ4MWQ2ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaU/cEg8YPt0xlZK0o3c9eJOY8cg
XyIIa0P6vvKPi71rWAVFdh1UosdZa8TC+z+j53vSk7xkl9hvDxCw68sbBiuGYcsL
QpB5JDkKrMGOO+0u91/5oYwylInnhBLWp4QJxHB+5xPPd9b/VszjDnP5IRVSSr/V
VYtiqjiK5rQCRZGU2ucBwxDslrfYVsf2oSJJii0IashonlkE0sDw0ZHEcVrh913/
1muTV2YQyJkFS4gWtQrK2UukpRMJ5B2rpYnXLIdx0cSj5S0B1q9SsB52Q0hzenSL
3MV4xClzEM+EzXcaM72yIO/2A2M4Sri8bchJRuIXbX4rrM5XTCOMLjHuPwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFBuCbsmWCTlW/eYIBSFVQd5IHW01MB8GA1UdIwQY
MBaAFLyg7FlWQyQjdCDVBrm0mNdS7iFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMt
N2M1NDlmMWVkMTZjLzEvRzRKdXlaWUpPVmI5NWdnRklWVkIza2dkYlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMtN2M1NDlmMWVkMTZj
LzEvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAeBAIAATAYAwQCLuJoAwQF
XPMAAwQEX46gAwQC2Ua8MCMEAgACMB0wEgMHAiABS5gNxAMHACABS5gNxgMHACAB
S5kAATANBgkqhkiG9w0BAQsFAAOCAQEAjy0iBsw1x1fE17tcVNg2pVBHA4scrfii
C5TQCz7P/Ehnq7cexIpSXalpafTEB4QMM57NKIf15aGqzkA2of5dDF68KFmvlHAk
wiO0ek4YEy/S6J1/Ad97AUuCFhWVysBjBr3T0u22GEvZvt0VFQDsH8DnH6pAJpng
XvHJZRRFDbqUNH0wzgYqF6fnGXmorKLP84ynDs7bTcO5FDGV17QMLoYQ4K5IQQVX
H4ey/h/PQN1cSxqUl3gwf/1aGXeOpejr/vWDjoudLgJmNlNVVRuIObCkorznN7Yz
LG/RxeYKbCsqYxiiM8wwx6PWTHVNLHQXXSiosAI53/hsBUXaMWL9iA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:39 2024 by rpki-client on console-ams.rpki-client.org