Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/gkl3WLb7ljLuV2WdV7FivWhKNSU.roa
File: gkl3WLb7ljLuV2WdV7FivWhKNSU.roa (raw, json)
Hash identifier: zCn9wsLqALnlIF22/IxtEQOOoNyYzc/Q2AzvxIUNcKI=
Subject key identifier: 82:49:77:58:B6:FB:96:32:EE:57:65:9D:57:B1:62:BD:68:4A:35:25
Certificate issuer: /CN=612423536e51f94fabfc50acf944d798aacf403f
Certificate serial: 018CC26D01BD69BE667B591A6326065884B9
Authority key identifier: 61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/gkl3WLb7ljLuV2WdV7FivWhKNSU.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41766
IP address blocks: 193.37.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:bd:69:be:66:7b:59:1a:63:26:06:58:84:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612423536e51f94fabfc50acf944d798aacf403f
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82497758b6fb9632ee57659d57b162bd684a3525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:3c:65:bd:9c:87:9e:4e:cd:77:45:8b:9c:
6d:ff:cb:e6:e3:ed:11:47:1f:86:91:da:ab:19:54:
81:1c:57:ee:d5:ac:80:a0:ce:ea:cf:fe:cb:85:df:
e4:fd:d0:8a:2b:6e:78:2a:14:87:24:8a:1b:b7:a3:
d2:6f:7d:5d:17:89:7e:53:26:9c:2d:3c:20:4d:88:
7e:9f:92:f2:35:65:05:51:2f:2a:e9:b3:37:46:1e:
a3:0b:49:75:ea:83:85:cf:98:19:57:82:c6:ab:a5:
eb:4b:7c:6e:fa:f4:eb:a4:24:46:f1:5a:69:d0:ee:
ff:81:cc:d5:65:7d:b3:06:53:a0:11:8c:5f:61:5a:
2d:ed:ac:c0:ab:b7:fe:9a:6d:75:dd:68:45:2d:5d:
da:36:3e:19:cd:b2:7d:f7:ed:6a:07:38:17:e5:85:
b0:60:71:b2:61:3d:79:c0:1a:e9:10:b1:56:5f:dd:
10:27:63:fd:92:c1:9c:1e:8f:66:c5:d8:70:50:b3:
df:39:6a:a8:2d:7e:3b:38:8b:cf:89:1c:ea:4b:9b:
31:13:5c:50:b6:77:c0:17:74:7e:9f:1a:57:e0:22:
bd:49:3e:b2:4f:8f:3c:0e:92:4b:3d:0b:68:5f:ac:
60:d4:02:50:37:27:24:80:b8:66:08:3a:48:5e:1c:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:77:58:B6:FB:96:32:EE:57:65:9D:57:B1:62:BD:68:4A:35:25
X509v3 Authority Key Identifier:
keyid:61:24:23:53:6E:51:F9:4F:AB:FC:50:AC:F9:44:D7:98:AA:CF:40:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSQjU25R-U-r_FCs-UTXmKrPQD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/gkl3WLb7ljLuV2WdV7FivWhKNSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7b0ec7-9848-4163-ac1b-7b04d3597378/1/YSQjU25R-U-r_FCs-UTXmKrPQD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.147.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:69:24:b3:39:51:05:43:a2:7b:e9:37:e5:fd:4f:ba:44:8e:
f5:bb:35:56:a9:c4:7b:1f:1b:0e:cc:75:04:a4:b4:af:d2:63:
b8:ef:27:86:0a:2a:8b:b3:5b:28:e5:8f:b1:7d:5f:52:77:18:
ec:58:76:2d:79:b1:da:ed:c5:30:8a:ff:be:96:c4:a6:61:35:
74:06:1d:a0:bb:55:fe:49:9c:c1:2d:f3:33:69:6a:24:83:13:
01:0c:06:17:35:07:d6:36:8d:e3:67:ff:40:af:3a:4c:61:1a:
d3:47:f0:94:48:fc:20:e6:15:d3:97:8e:2d:da:05:9f:5f:41:
c3:f2:a5:67:bb:88:52:7a:e5:20:9d:ec:2e:c1:eb:83:0f:69:
f4:3e:e7:43:9c:4c:0a:af:94:78:a1:14:6c:84:bb:66:8b:18:
f2:26:07:f2:89:13:ac:8b:70:42:ed:7a:d1:e8:76:fe:8c:4c:
8d:62:03:0c:8d:88:df:bc:ea:3d:e1:13:88:aa:c2:ff:f3:07:
e4:7d:82:0a:d3:c5:a5:f5:e7:14:c1:90:19:d3:70:35:6d:c6:
9a:d1:b9:2e:dc:78:17:ac:aa:59:ef:54:4e:c3:d0:4c:68:25:
67:c1:d3:2a:db:8d:54:ed:9b:e8:49:c6:dc:52:54:c2:db:c8:
11:71:ab:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQG9ab5me1kaYyYGWIS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMjQyMzUzNmU1MWY5NGZhYmZjNTBhY2Y5NDRkNzk4YWFj
ZjQwM2YwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ5Nzc1OGI2ZmI5NjMyZWU1NzY1OWQ1N2IxNjJiZDY4NGEzNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia08Zb2ch55OzXdFi5xt/8vm4+0R
Rx+GkdqrGVSBHFfu1ayAoM7qz/7Lhd/k/dCKK254KhSHJIobt6PSb31dF4l+Uyac
LTwgTYh+n5LyNWUFUS8q6bM3Rh6jC0l16oOFz5gZV4LGq6XrS3xu+vTrpCRG8Vpp
0O7/gczVZX2zBlOgEYxfYVot7azAq7f+mm113WhFLV3aNj4ZzbJ99+1qBzgX5YWw
YHGyYT15wBrpELFWX90QJ2P9ksGcHo9mxdhwULPfOWqoLX47OIvPiRzqS5sxE1xQ
tnfAF3R+nxpX4CK9ST6yT488DpJLPQtoX6xg1AJQNyckgLhmCDpIXhzbQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJJd1i2+5Yy7ldlnVexYr1oSjUlMB8GA1UdIwQY
MBaAFGEkI1NuUflPq/xQrPlE15iqz0A/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWIt
N2IwNGQzNTk3Mzc4LzEvZ2tsM1dMYjdsakx1VjJXZFY3Rml2V2hLTlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YjBlYzctOTg0OC00MTYzLWFjMWItN2IwNGQzNTk3Mzc4
LzEvWVNRalUyNVItVS1yX0ZDcy1VVFhtS3JQUUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSWTMA0G
CSqGSIb3DQEBCwUAA4IBAQAeaSSzOVEFQ6J76Tfl/U+6RI71uzVWqcR7HxsOzHUE
pLSv0mO47yeGCiqLs1so5Y+xfV9SdxjsWHYtebHa7cUwiv++lsSmYTV0Bh2gu1X+
SZzBLfMzaWokgxMBDAYXNQfWNo3jZ/9ArzpMYRrTR/CUSPwg5hXTl44t2gWfX0HD
8qVnu4hSeuUgnewuweuDD2n0PudDnEwKr5R4oRRshLtmixjyJgfyiROsi3BC7XrR
6Hb+jEyNYgMMjYjfvOo94ROIqsL/8wfkfYIK08Wl9ecUwZAZ03A1bcaa0bku3HgX
rKpZ71ROw9BMaCVnwdMq241U7ZvoScbcUlTC28gRcauK
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:38:30 2024 by rpki-client on console-fra.rpki-client.org