Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/r1GZlAegZAgToeR-44_StZLXl9I.roa
File: r1GZlAegZAgToeR-44_StZLXl9I.roa (raw, json)
Hash identifier: pwRE8JBUHUu4hr9kDC/U9yUa9iAwxGLDa+QtegDMk3Y=
Subject key identifier: AF:51:99:94:07:A0:64:08:13:A1:E4:7E:E3:8F:D2:B5:92:D7:97:D2
Certificate issuer: /CN=2a264605245af2019c293c3728f6a5e255d89f25
Certificate serial: 018CCA2843F919A7B5B0BE55264CC6234716
Authority key identifier: 2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/r1GZlAegZAgToeR-44_StZLXl9I.roa
Signing time: Tue 02 Jan 2024 12:31:25 +0000
ROA not before: Tue 02 Jan 2024 12:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61205
IP address blocks: 185.213.176.0/22 maxlen: 24
185.120.112.0/22 maxlen: 24
94.198.200.0/21 maxlen: 24
188.213.56.0/21 maxlen: 21
188.213.56.0/22 maxlen: 22
185.117.56.0/22 maxlen: 24
2a03:c2c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:43:f9:19:a7:b5:b0:be:55:26:4c:c6:23:47:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a264605245af2019c293c3728f6a5e255d89f25
Validity
Not Before: Jan 2 12:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af51999407a0640813a1e47ee38fd2b592d797d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:69:aa:c9:45:a2:34:33:73:0f:ee:27:30:4f:
05:52:ea:f0:f4:8b:a5:60:ce:6b:10:80:6f:66:ba:
8b:54:ac:84:68:7e:1d:75:a4:2f:31:b2:31:83:00:
94:e7:4b:2e:e3:ee:7d:63:3c:5c:d3:17:72:b3:f3:
3e:12:72:9e:27:e3:06:10:67:a0:0a:a5:65:ee:2c:
9e:ee:e4:5e:a6:80:6c:26:16:1d:d3:d0:28:99:ad:
23:fd:7a:81:fc:c7:1d:d3:3e:0c:ff:a3:9a:33:40:
97:79:77:a5:28:55:38:36:39:22:c1:14:53:f4:54:
8a:ab:47:ee:81:c4:3d:88:f7:9e:d1:e3:f7:15:2c:
b2:b4:64:eb:b0:55:d9:21:83:08:11:cd:7f:67:51:
24:5b:5b:c8:15:b9:6d:a0:25:9a:fc:62:71:65:30:
34:6f:28:3a:15:95:67:cd:4b:d7:da:1c:4d:01:98:
71:d3:f6:35:05:57:9a:10:af:4b:d2:56:6a:f7:f7:
6d:e6:08:49:6f:9d:ef:47:74:20:62:ee:08:6c:35:
58:20:7c:80:17:1a:16:eb:85:0e:b7:5b:e1:3d:fc:
b9:1c:52:69:79:ec:51:26:89:05:82:fc:f5:99:8a:
c8:f2:54:e7:91:c6:34:7f:5a:67:98:c5:53:94:06:
52:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:51:99:94:07:A0:64:08:13:A1:E4:7E:E3:8F:D2:B5:92:D7:97:D2
X509v3 Authority Key Identifier:
keyid:2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/r1GZlAegZAgToeR-44_StZLXl9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.200.0/21
185.117.56.0/22
185.120.112.0/22
185.213.176.0/22
188.213.56.0/21
IPv6:
2a03:c2c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:3d:2f:af:c6:97:78:68:cc:3c:4e:64:3f:a5:3a:9f:cb:08:
2e:9a:b0:cc:45:21:e5:c7:7d:5b:7e:01:31:2d:7d:01:50:6f:
75:cc:a0:4e:ef:38:95:4a:5b:67:0b:86:87:60:7e:01:7d:d7:
d1:a4:fc:c3:32:1d:d8:9e:0b:e0:83:a5:0f:b4:40:bd:73:ad:
81:be:7a:8a:31:b5:f0:92:57:f2:45:4c:25:34:c5:c7:d5:3a:
3e:3d:27:56:1e:d7:ab:eb:96:c6:a4:e0:7c:d9:a0:fb:4d:2f:
86:93:30:78:21:b1:03:c6:bf:e9:67:5a:0c:5c:b6:84:10:05:
4d:1d:59:f8:97:52:7a:16:44:fb:45:84:6e:c7:03:c4:b1:93:
91:b9:c0:41:55:84:2b:52:9c:f8:63:86:54:b2:88:d3:63:8e:
ce:80:8a:71:5b:fe:2e:c5:21:c6:d4:7f:74:18:40:1c:be:b8:
27:6b:4e:76:e7:f2:be:0d:15:66:e1:83:60:81:e1:a9:ac:bb:
2e:ab:d6:a4:ee:87:d4:a6:af:0e:bb:d9:a1:d1:6a:45:30:ae:
9c:32:45:43:22:d7:df:c7:99:0a:22:25:a6:37:22:e4:18:c3:
43:e1:3e:3c:3b:7e:3c:4f:e7:03:05:b6:d1:a9:50:f9:97:b8:
47:5e:d3:27
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKEP5Gae1sL5VJkzGI0cWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjY0NjA1MjQ1YWYyMDE5YzI5M2MzNzI4ZjZhNWUyNTVk
ODlmMjUwHhcNMjQwMTAyMTIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUxOTk5NDA3YTA2NDA4MTNhMWU0N2VlMzhmZDJiNTkyZDc5N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2mqyUWiNDNzD+4nME8FUurw9Iul
YM5rEIBvZrqLVKyEaH4ddaQvMbIxgwCU50su4+59Yzxc0xdys/M+EnKeJ+MGEGeg
CqVl7iye7uRepoBsJhYd09Aoma0j/XqB/Mcd0z4M/6OaM0CXeXelKFU4NjkiwRRT
9FSKq0fugcQ9iPee0eP3FSyytGTrsFXZIYMIEc1/Z1EkW1vIFbltoCWa/GJxZTA0
byg6FZVnzUvX2hxNAZhx0/Y1BVeaEK9L0lZq9/dt5ghJb53vR3QgYu4IbDVYIHyA
FxoW64UOt1vhPfy5HFJpeexRJokFgvz1mYrI8lTnkcY0f1pnmMVTlAZSZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK9RmZQHoGQIE6HkfuOP0rWS15fSMB8GA1UdIwQY
MBaAFComRgUkWvIBnCk8Nyj2peJV2J8lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGIt
MzU5YjY0ZDcwOWI5LzEvcjFHWmxBZWdaQWdUb2VSLTQ0X1N0WkxYbDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGItMzU5YjY0ZDcwOWI5
LzEvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDXsbIAwQC
uXU4AwQCuXhwAwQCudWwAwQDvNU4MA0EAgACMAcDBQAqA8LAMA0GCSqGSIb3DQEB
CwUAA4IBAQAIPS+vxpd4aMw8TmQ/pTqfywgumrDMRSHlx31bfgExLX0BUG91zKBO
7ziVSltnC4aHYH4BfdfRpPzDMh3Yngvgg6UPtEC9c62BvnqKMbXwklfyRUwlNMXH
1To+PSdWHter65bGpOB82aD7TS+GkzB4IbEDxr/pZ1oMXLaEEAVNHVn4l1J6FkT7
RYRuxwPEsZORucBBVYQrUpz4Y4ZUsojTY47OgIpxW/4uxSHG1H90GEAcvrgna052
5/K+DRVm4YNggeGprLsuq9ak7ofUpq8Ou9mh0WpFMK6cMkVDItffx5kKIiWmNyLk
GMND4T48O348T+cDBbbRqVD5l7hHXtMn
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:18 2024 by rpki-client on console-fra.rpki-client.org