Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/G_vG9sUL5r5C3ywfRUB-yDhOBtU.roa
File: G_vG9sUL5r5C3ywfRUB-yDhOBtU.roa (raw, json)
Hash identifier: GO3cM88CNEy1ehmF/uPJvPgFnBUY2LErdJ4pTlQm2uk=
Subject key identifier: 1B:FB:C6:F6:C5:0B:E6:BE:42:DF:2C:1F:45:40:7E:C8:38:4E:06:D5
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 019081FCAD0D89E843AA4DDCF6F0C9B73154
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/G_vG9sUL5r5C3ywfRUB-yDhOBtU.roa
Signing time: Fri 05 Jul 2024 08:22:18 +0000
ROA not before: Fri 05 Jul 2024 08:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210850
IP address blocks: 91.223.53.0/24 maxlen: 32
185.229.108.0/22 maxlen: 32
185.229.111.0/24 maxlen: 32
213.108.134.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:fc:ad:0d:89:e8:43:aa:4d:dc:f6:f0:c9:b7:31:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jul 5 08:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bfbc6f6c50be6be42df2c1f45407ec8384e06d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9e:95:21:a9:31:6a:15:74:2a:02:3c:c4:23:
db:e2:d2:2d:c3:c3:e2:3c:c1:f3:15:54:32:3d:7e:
d1:14:4f:41:47:78:25:d8:2a:d9:de:c5:25:c9:2c:
81:4a:cb:2b:46:6a:b2:64:16:60:10:7c:5c:8c:98:
47:86:fc:07:c5:b9:46:9c:48:24:03:0c:cb:90:66:
a4:3c:10:c6:06:5f:be:8d:f4:86:a7:9c:87:80:60:
97:84:ec:51:e5:b7:b6:4b:1f:8d:ea:cc:87:d6:ad:
78:ff:c6:d2:56:1e:5d:80:39:4f:c0:1e:94:f2:7f:
e7:b7:df:e0:00:d5:1b:25:91:bd:7c:21:15:9e:d6:
5d:2d:c3:bf:ed:0e:7c:51:f3:43:66:7d:ee:f5:e3:
6b:bc:56:47:11:0e:0f:ec:0f:4e:27:0d:3e:90:fc:
72:dc:b1:0c:6f:7d:02:aa:79:23:1d:d5:6b:68:c2:
6d:ce:26:b1:7e:18:22:37:f9:09:be:b0:5d:cd:32:
62:59:e3:15:c0:52:d6:a2:ed:0b:ba:18:de:fb:e9:
cb:d8:4c:9e:8f:3c:64:a3:7c:fe:c1:37:34:97:39:
b5:24:9a:99:a9:d8:03:89:e4:10:29:00:ee:24:f4:
a4:df:25:a7:03:60:81:bc:76:4a:b6:e3:c8:04:34:
f8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FB:C6:F6:C5:0B:E6:BE:42:DF:2C:1F:45:40:7E:C8:38:4E:06:D5
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/G_vG9sUL5r5C3ywfRUB-yDhOBtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.53.0/24
185.229.108.0/22
213.108.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:d8:ed:fe:b0:2d:dc:97:8a:bf:a5:c0:51:70:18:fd:2e:37:
2f:71:ea:3a:df:39:fb:28:3f:a4:72:0f:0c:ad:83:94:07:6b:
ca:81:d3:1c:e4:46:a7:26:97:59:3a:1d:03:90:b6:07:d1:2b:
18:5d:d1:f8:83:cc:99:db:b0:7c:c3:7c:35:87:9a:8b:e6:51:
14:f1:5b:06:60:b7:91:f4:d2:27:e7:25:40:d7:d3:84:60:f2:
92:3d:19:d4:3d:d1:ee:65:d1:4f:3c:96:0a:db:d5:79:83:03:
51:37:7e:ad:27:bf:e9:f4:b9:0f:da:40:d8:7b:8e:e6:b5:d6:
72:17:ff:8d:96:2b:f8:b5:1c:80:3e:ba:0d:df:9e:4c:4f:23:
79:a7:66:8e:cc:c1:a3:55:03:90:71:9b:80:a7:03:a5:47:0f:
42:d1:ab:e7:cc:15:a3:ac:5f:43:52:02:93:5e:bc:7b:68:aa:
9b:4d:a8:2f:3d:1a:d2:3b:c4:28:65:2c:4d:34:03:00:b0:0e:
1a:1d:fc:52:4b:4a:08:b6:d2:d5:b1:22:b0:b8:f4:db:80:88:
47:6c:c0:f9:00:78:04:14:8a:b3:a4:81:10:05:f1:a0:87:38:
35:4a:61:d3:a0:50:30:2b:2b:ea:dc:c1:12:fb:df:85:2b:ba:
40:97:55:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCB/K0NiehDqk3c9vDJtzFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjQwNzA1MDgyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZiYzZmNmM1MGJlNmJlNDJkZjJjMWY0NTQwN2VjODM4NGUwNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p6VIakxahV0KgI8xCPb4tItw8Pi
PMHzFVQyPX7RFE9BR3gl2CrZ3sUlySyBSssrRmqyZBZgEHxcjJhHhvwHxblGnEgk
AwzLkGakPBDGBl++jfSGp5yHgGCXhOxR5be2Sx+N6syH1q14/8bSVh5dgDlPwB6U
8n/nt9/gANUbJZG9fCEVntZdLcO/7Q58UfNDZn3u9eNrvFZHEQ4P7A9OJw0+kPxy
3LEMb30CqnkjHdVraMJtziaxfhgiN/kJvrBdzTJiWeMVwFLWou0Luhje++nL2Eye
jzxko3z+wTc0lzm1JJqZqdgDieQQKQDuJPSk3yWnA2CBvHZKtuPIBDT4KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBv7xvbFC+a+Qt8sH0VAfsg4TgbVMB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvR192RzlzVUw1cjVDM3l3ZlJVQi15RGhPQnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW981AwQC
ueVsAwQA1WyGMA0GCSqGSIb3DQEBCwUAA4IBAQCl2O3+sC3cl4q/pcBRcBj9Ljcv
ceo63zn7KD+kcg8MrYOUB2vKgdMc5EanJpdZOh0DkLYH0SsYXdH4g8yZ27B8w3w1
h5qL5lEU8VsGYLeR9NIn5yVA19OEYPKSPRnUPdHuZdFPPJYK29V5gwNRN36tJ7/p
9LkP2kDYe47mtdZyF/+Nliv4tRyAProN355MTyN5p2aOzMGjVQOQcZuApwOlRw9C
0avnzBWjrF9DUgKTXrx7aKqbTagvPRrSO8QoZSxNNAMAsA4aHfxSS0oIttLVsSKw
uPTbgIhHbMD5AHgEFIqzpIEQBfGghzg1SmHToFAwKyvq3MES+9+FK7pAl1Us
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:17:59 2024 by rpki-client on console-fra.rpki-client.org