Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/Gihp90BLdDhNQ-VH7ubeLoxjE0o.roa
File: Gihp90BLdDhNQ-VH7ubeLoxjE0o.roa (raw, json)
Hash identifier: dQzr+bTY9jmYVYrTSdHQX/FMtFSUQ6rHZacpUtko1ls=
Subject key identifier: 1A:28:69:F7:40:4B:74:38:4D:43:E5:47:EE:E6:DE:2E:8C:63:13:4A
Certificate issuer: /CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Certificate serial: 018E86DC8E149C8EB5EC3530B9524F769233
Authority key identifier: 0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/Gihp90BLdDhNQ-VH7ubeLoxjE0o.roa
Signing time: Thu 28 Mar 2024 20:59:44 +0000
ROA not before: Thu 28 Mar 2024 20:59:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206236
IP address blocks: 45.14.232.0/22 maxlen: 22
195.245.66.0/24 maxlen: 24
2a0e:1580::/29 maxlen: 29
2a10:1a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:dc:8e:14:9c:8e:b5:ec:35:30:b9:52:4f:76:92:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Validity
Not Before: Mar 28 20:59:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a2869f7404b74384d43e547eee6de2e8c63134a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:df:5b:d5:c0:8a:c5:07:37:bc:4b:82:7c:b0:
25:fd:59:c7:09:d4:1a:58:85:df:bd:f5:f0:13:22:
94:4c:8a:0e:8b:59:05:b7:0a:e3:16:2f:b8:6d:e0:
a2:96:f8:44:eb:d9:4a:be:15:4b:ad:ab:d8:44:d5:
19:5f:8a:03:7f:c0:94:ba:d6:37:38:6b:3c:5d:75:
1c:0b:b8:28:99:af:79:ef:69:af:09:c8:5e:80:ce:
7b:2b:36:8c:0e:50:a7:a4:0b:df:7a:3e:10:85:a8:
0c:32:cb:ed:ca:3a:3b:96:f6:12:b8:31:15:2a:85:
e8:44:21:36:85:9b:90:b3:fe:bf:8e:b5:e9:68:98:
dc:39:20:3b:96:89:20:52:58:c7:7e:08:8d:36:e3:
34:e1:ee:ea:b9:c9:38:92:99:b3:91:8c:d6:65:e2:
72:64:0e:bc:9b:91:8a:fe:e8:82:4d:80:8e:29:be:
c3:21:99:e1:a3:5f:86:f4:59:fc:40:98:f0:d8:66:
03:8d:95:cc:9d:8e:07:d3:4c:7e:39:dc:fd:fe:70:
75:35:2d:1d:72:5e:10:de:ca:9f:63:23:da:96:52:
0f:16:02:4f:50:f3:6d:b3:ab:68:be:ab:36:dd:23:
36:4a:9e:ab:b7:4c:81:e9:ac:3a:79:7d:d9:6e:47:
29:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:28:69:F7:40:4B:74:38:4D:43:E5:47:EE:E6:DE:2E:8C:63:13:4A
X509v3 Authority Key Identifier:
keyid:0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/Gihp90BLdDhNQ-VH7ubeLoxjE0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.232.0/22
195.245.66.0/24
IPv6:
2a0e:1580::/29
2a10:1a40::/29
Signature Algorithm: sha256WithRSAEncryption
87:61:84:a7:99:dd:a2:b6:30:c6:f8:a3:96:1d:12:fa:ae:fe:
4c:41:57:43:ad:3a:5d:20:ee:38:43:f0:b8:d6:2b:80:35:19:
cb:cc:3a:3a:d2:c4:2a:03:a0:3c:02:bd:5c:cd:50:ed:00:16:
0f:db:c5:db:e2:10:a5:ff:b0:c6:44:39:4f:5e:18:ee:63:13:
8f:72:54:54:d6:51:d9:e1:4b:6f:21:47:d6:b0:09:a4:27:85:
d0:25:e1:f8:a2:e7:e0:e1:80:9f:da:22:ea:99:3a:55:ec:54:
f6:d8:c2:6c:b0:49:32:ac:a2:2d:4c:3d:2b:82:a0:12:e2:60:
c1:1f:5b:8b:a6:a6:42:b7:ae:b4:50:71:45:49:62:9d:cb:5e:
80:08:a9:f2:9d:67:de:f0:d0:26:70:fc:52:a6:2a:7f:91:ef:
6d:5d:70:71:69:b2:87:fe:9b:75:43:e5:fb:41:68:f7:af:d6:
23:b4:01:9b:67:41:d1:3c:a7:de:c4:1d:b8:b9:92:39:d3:c9:
6c:d2:0f:64:e4:78:df:75:88:df:c3:b3:ab:cd:71:84:86:d5:
53:af:11:e9:e2:6d:92:79:c0:27:9e:91:c9:f4:4d:c5:cb:70:
b2:36:1c:d9:08:8b:e0:1e:ff:d2:08:03:02:7d:72:22:e3:4d:
3c:15:24:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY6G3I4UnI617DUwuVJPdpIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWJjZWU0ZDIzMzc5YWVkODFhZWNmZmM3YTc0MmIzNWFj
ZGRkYjMwHhcNMjQwMzI4MjA1OTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI4NjlmNzQwNGI3NDM4NGQ0M2U1NDdlZWU2ZGUyZThjNjMxMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm99b1cCKxQc3vEuCfLAl/VnHCdQa
WIXfvfXwEyKUTIoOi1kFtwrjFi+4beCilvhE69lKvhVLravYRNUZX4oDf8CUutY3
OGs8XXUcC7goma9572mvCchegM57KzaMDlCnpAvfej4QhagMMsvtyjo7lvYSuDEV
KoXoRCE2hZuQs/6/jrXpaJjcOSA7lokgUljHfgiNNuM04e7quck4kpmzkYzWZeJy
ZA68m5GK/uiCTYCOKb7DIZnho1+G9Fn8QJjw2GYDjZXMnY4H00x+Odz9/nB1NS0d
cl4Q3sqfYyPallIPFgJPUPNts6tovqs23SM2Sp6rt0yB6aw6eX3ZbkcpywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBooafdAS3Q4TUPlR+7m3i6MYxNKMB8GA1UdIwQY
MBaAFAvrzuTSM3mu2Brs/8enQrNazd2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUt
OTlhMTFmNjM4NWFiLzEvR2locDkwQkxkRGhOUS1WSDd1YmVMb3hqRTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUtOTlhMTFmNjM4NWFi
LzEvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLQ7oAwQA
w/VCMBQEAgACMA4DBQMqDhWAAwUDKhAaQDANBgkqhkiG9w0BAQsFAAOCAQEAh2GE
p5ndorYwxvijlh0S+q7+TEFXQ606XSDuOEPwuNYrgDUZy8w6OtLEKgOgPAK9XM1Q
7QAWD9vF2+IQpf+wxkQ5T14Y7mMTj3JUVNZR2eFLbyFH1rAJpCeF0CXh+KLn4OGA
n9oi6pk6VexU9tjCbLBJMqyiLUw9K4KgEuJgwR9bi6amQreutFBxRUlinctegAip
8p1n3vDQJnD8UqYqf5HvbV1wcWmyh/6bdUPl+0Fo96/WI7QBm2dB0Tyn3sQduLmS
OdPJbNIPZOR433WI38Ozq81xhIbVU68R6eJtknnAJ56RyfRNxctwsjYc2QiL4B7/
0ggDAn1yIuNNPBUkKg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:55 2024 by rpki-client on console-fra.rpki-client.org