Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/GNU_ba_z_Kyebc2CqFSoHlJmEJs.roa
File: GNU_ba_z_Kyebc2CqFSoHlJmEJs.roa (raw, json)
Hash identifier: 1n+xKPjn3Y4zrzBWJKYRieNe0XF+Ug3+pad/ICSTBI4=
Subject key identifier: 18:D5:3F:6D:AF:F3:FC:AC:9E:6D:CD:82:A8:54:A8:1E:52:66:10:9B
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 018CCA297AE28547D019DBC545C2AB544A60
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/GNU_ba_z_Kyebc2CqFSoHlJmEJs.roa
Signing time: Tue 02 Jan 2024 12:32:45 +0000
ROA not before: Tue 02 Jan 2024 12:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208909
IP address blocks: 162.213.67.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.136.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.132.90.0/24 maxlen: 24
162.213.64.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
2a0e:3c80::/29 maxlen: 29
2a01:57a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:7a:e2:85:47:d0:19:db:c5:45:c2:ab:54:4a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 2 12:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d53f6daff3fcac9e6dcd82a854a81e5266109b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:53:da:66:44:73:b4:f7:2e:cc:4b:f9:9f:
13:2f:da:a3:03:b5:db:a8:1a:1b:11:54:32:c7:41:
cf:2a:77:2a:87:94:d2:67:60:64:b7:8f:b7:7a:60:
ba:14:c2:1a:a8:89:4d:c5:d8:7a:45:65:b2:c1:e7:
e2:ad:d2:72:f4:ca:ce:dd:7e:73:f2:1b:ed:05:c5:
6f:a2:25:f8:a5:d7:c7:20:3d:73:92:a1:0c:b6:59:
ce:0f:e5:3a:1d:c1:c3:cf:c8:d7:f2:d0:ae:64:aa:
b8:b8:d6:47:b3:ea:6b:c0:95:97:75:30:73:43:7d:
99:41:87:32:f3:8c:d7:b1:bd:ae:1b:21:4c:13:89:
c9:32:e0:ab:5e:7b:ad:69:4f:23:81:53:c6:48:20:
d4:7e:11:74:c0:43:91:18:6e:e5:b4:7a:ff:23:20:
a9:53:9f:7a:eb:bd:41:04:a8:4e:bc:47:15:64:5a:
64:27:98:bd:c8:61:a5:d2:a2:21:85:f1:87:aa:ad:
7a:25:af:ab:e1:7e:34:a1:85:ef:ed:4c:f3:f3:44:
5f:eb:a0:85:90:7f:24:58:e7:8f:c2:b8:41:27:2f:
42:e6:78:48:ad:7d:21:a7:45:36:d2:a0:98:bc:26:
69:48:0f:79:ae:ff:6c:ba:db:55:cb:1c:18:25:57:
57:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D5:3F:6D:AF:F3:FC:AC:9E:6D:CD:82:A8:54:A8:1E:52:66:10:9B
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/GNU_ba_z_Kyebc2CqFSoHlJmEJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.41.96.0/22
185.132.90.0/24
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
8d:4a:fd:f5:ec:a6:02:f0:69:f2:b5:8d:96:ac:b7:a6:2e:f5:
be:89:da:3c:1f:95:e6:c9:6e:b3:e9:26:1a:e1:74:41:44:57:
6a:f5:9c:02:4a:b9:ce:03:62:24:32:8b:61:67:99:95:7f:f3:
9b:a3:8c:44:36:a7:18:16:2f:dc:b7:38:24:0f:33:8e:7e:35:
95:f9:0b:15:64:cd:a0:74:eb:01:41:ad:7c:48:fd:d3:8a:ab:
58:72:32:17:2f:f1:f8:51:b7:05:08:39:3d:8d:d5:78:47:3d:
05:44:84:36:d1:fe:7a:0b:b5:17:4c:88:fe:ab:c6:e2:49:ec:
7f:0c:21:b7:cb:34:30:6a:e0:41:3f:75:06:5e:80:89:f3:cd:
e4:8d:cc:fc:92:00:9e:1f:37:fd:0c:42:48:e6:4b:49:3e:02:
28:0c:54:56:23:43:b2:02:7b:51:2a:b4:83:6d:36:d4:a4:c0:
27:1b:02:83:36:aa:a8:b4:79:e6:9d:bc:02:3e:ff:3c:33:6f:
b2:bf:4a:ff:d7:ff:85:ae:fb:be:30:32:80:d7:95:b2:05:19:
15:4b:3a:89:f7:04:56:f0:f3:0c:69:84:3b:b6:25:07:79:50:
90:34:e2:90:bb:8d:f3:29:b0:7f:5b:fa:32:ab:30:1d:94:7c:
35:7e:73:02
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzKKXrihUfQGdvFRcKrVEpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjQwMTAyMTIzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ1M2Y2ZGFmZjNmY2FjOWU2ZGNkODJhODU0YTgxZTUyNjYxMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh1T2mZEc7T3LsxL+Z8TL9qjA7Xb
qBobEVQyx0HPKncqh5TSZ2Bkt4+3emC6FMIaqIlNxdh6RWWywefirdJy9MrO3X5z
8hvtBcVvoiX4pdfHID1zkqEMtlnOD+U6HcHDz8jX8tCuZKq4uNZHs+prwJWXdTBz
Q32ZQYcy84zXsb2uGyFME4nJMuCrXnutaU8jgVPGSCDUfhF0wEORGG7ltHr/IyCp
U596671BBKhOvEcVZFpkJ5i9yGGl0qIhhfGHqq16Ja+r4X40oYXv7Uzz80Rf66CF
kH8kWOePwrhBJy9C5nhIrX0hp0U20qCYvCZpSA95rv9suttVyxwYJVdXSwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBjVP22v8/ysnm3NgqhUqB5SZhCbMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvR05VX2JhX3pfS3llYmMyQ3FGU29IbEptRUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQ+IAwQC
W8x8AwQCotVAAwQCuSlgAwQAuYRaMBQEAgACMA4DBQAqAVegAwUDKg48gDANBgkq
hkiG9w0BAQsFAAOCAQEAjUr99eymAvBp8rWNlqy3pi71vonaPB+V5slus+kmGuF0
QURXavWcAkq5zgNiJDKLYWeZlX/zm6OMRDanGBYv3Lc4JA8zjn41lfkLFWTNoHTr
AUGtfEj904qrWHIyFy/x+FG3BQg5PY3VeEc9BUSENtH+egu1F0yI/qvG4knsfwwh
t8s0MGrgQT91Bl6AifPN5I3M/JIAnh83/QxCSOZLST4CKAxUViNDsgJ7USq0g202
1KTAJxsCgzaqqLR55p28Aj7/PDNvsr9K/9f/ha77vjAygNeVsgUZFUs6ifcEVvDz
DGmEO7YlB3lQkDTikLuN8ymwf1v6MqswHZR8NX5zAg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:23 2024 by rpki-client on console-ams.rpki-client.org