Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/gs3zzjTHC8nmMxC3j9qzfeEFTSw.roa
File: gs3zzjTHC8nmMxC3j9qzfeEFTSw.roa (raw, json)
Hash identifier: 7zGlAzMi8QDeXYRbCk1TcxKLsh2LbZSy0v7DZI5tlPo=
Subject key identifier: 82:CD:F3:CE:34:C7:0B:C9:E6:33:10:B7:8F:DA:B3:7D:E1:05:4D:2C
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018CC56E4E113297B6D459B80EFEEBED0294
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/gs3zzjTHC8nmMxC3j9qzfeEFTSw.roa
Signing time: Mon 01 Jan 2024 14:29:49 +0000
ROA not before: Mon 01 Jan 2024 14:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 176.118.34.0/24 maxlen: 24
46.226.125.0/24 maxlen: 24
185.21.131.0/24 maxlen: 24
185.248.135.0/24 maxlen: 24
185.25.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4e:11:32:97:b6:d4:59:b8:0e:fe:eb:ed:02:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 1 14:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82cdf3ce34c70bc9e63310b78fdab37de1054d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:a3:06:e9:a3:15:ee:b0:1e:a8:8b:3b:9f:
49:24:7c:90:4f:17:05:c2:4d:3e:de:72:10:6f:61:
15:79:30:cb:52:c8:f4:b6:42:14:d3:43:0b:c8:5d:
a4:c4:b9:e6:39:ca:25:87:b5:d8:d3:35:fd:72:7e:
41:4d:5c:15:38:0c:de:0d:85:a7:52:09:d0:8d:71:
d2:6c:e4:8f:c8:ec:f3:45:28:9c:61:fe:fa:dd:7c:
ef:77:2e:af:4b:03:51:7f:1b:c7:d1:1c:25:c3:a5:
a6:5c:90:bc:ae:29:44:3e:81:5c:f0:a0:c5:50:c6:
2a:f1:d2:31:28:77:db:e1:f1:df:f9:51:28:e3:79:
3f:70:ae:1d:d7:90:e5:4f:5a:0b:b3:cd:46:6f:f7:
e2:b8:48:9a:4f:73:d7:2b:68:f6:e8:73:fd:e3:6a:
aa:29:1d:c2:12:18:17:6d:3c:a6:dd:6f:89:de:4a:
c7:cf:de:1d:5f:f1:dd:b4:da:22:b6:6d:88:fd:be:
23:25:ea:f6:97:fc:c2:f4:c0:97:e9:c4:6e:24:14:
57:18:af:6b:4f:bb:44:bc:4b:75:3b:6f:e7:3f:12:
9b:43:84:34:7b:87:aa:c3:fb:bf:dc:40:6b:64:4c:
5d:0e:ca:86:4f:a4:cb:b3:d5:ea:ca:e3:f8:d6:f8:
3d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CD:F3:CE:34:C7:0B:C9:E6:33:10:B7:8F:DA:B3:7D:E1:05:4D:2C
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/gs3zzjTHC8nmMxC3j9qzfeEFTSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.125.0/24
176.118.34.0/24
185.21.131.0/24
185.25.104.0/24
185.248.135.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d0:1b:72:20:4d:b4:19:e2:7d:3b:c7:25:20:5f:95:76:22:
68:a5:00:9f:e4:61:75:cd:c1:d5:ce:0d:c0:97:ea:61:3c:3b:
8c:ca:64:e1:14:cb:94:97:91:2d:48:c7:02:d5:e8:32:53:30:
55:72:31:98:6b:58:66:77:9e:70:c1:f9:c1:dc:1e:db:97:da:
e7:45:2c:9d:57:6b:26:dc:03:f9:9b:38:3a:39:84:06:a7:20:
ff:2f:af:4d:b4:f2:c6:53:3f:b6:f9:79:b8:8c:a7:a8:5b:b3:
35:16:fa:af:c0:b9:ec:81:e3:64:45:22:04:1c:a9:78:50:66:
3e:5f:a5:1e:30:6c:3e:bf:92:b4:08:66:19:7f:a6:7d:f4:b5:
1e:9e:83:63:f0:e8:ad:0d:5e:07:9a:bc:6b:1a:eb:d3:e0:73:
3b:38:5c:e5:69:13:10:c6:df:7c:fd:3f:91:06:00:2f:c2:62:
05:d8:05:ba:f2:09:02:59:a2:07:00:e3:0e:f3:f5:79:91:71:
d9:b2:38:eb:1f:67:89:99:c6:4e:25:f7:79:56:47:c7:95:92:
6a:b9:dd:e5:51:e3:88:33:d2:af:91:24:8d:41:6f:c3:fc:67:
2b:f2:a8:da:d0:5f:f8:5b:b4:af:59:28:8a:92:14:d0:94:21:
b9:dc:97:2b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFbk4RMpe21Fm4Dv7r7QKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNkZjNjZTM0YzcwYmM5ZTYzMzEwYjc4ZmRhYjM3ZGUxMDU0ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloajBumjFe6wHqiLO59JJHyQTxcF
wk0+3nIQb2EVeTDLUsj0tkIU00MLyF2kxLnmOcolh7XY0zX9cn5BTVwVOAzeDYWn
UgnQjXHSbOSPyOzzRSicYf763Xzvdy6vSwNRfxvH0Rwlw6WmXJC8rilEPoFc8KDF
UMYq8dIxKHfb4fHf+VEo43k/cK4d15DlT1oLs81Gb/fiuEiaT3PXK2j26HP942qq
KR3CEhgXbTym3W+J3krHz94dX/HdtNoitm2I/b4jJer2l/zC9MCX6cRuJBRXGK9r
T7tEvEt1O2/nPxKbQ4Q0e4eqw/u/3EBrZExdDsqGT6TLs9XqyuP41vg9dwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFILN8840xwvJ5jMQt4/as33hBU0sMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvZ3MzenpqVEhDOG5tTXhDM2o5cXpmZUVGVFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALuJ9AwQA
sHYiAwQAuRWDAwQAuRloAwQAufiHMA0GCSqGSIb3DQEBCwUAA4IBAQBZ0BtyIE20
GeJ9O8clIF+VdiJopQCf5GF1zcHVzg3Al+phPDuMymThFMuUl5EtSMcC1egyUzBV
cjGYa1hmd55wwfnB3B7bl9rnRSydV2sm3AP5mzg6OYQGpyD/L69NtPLGUz+2+Xm4
jKeoW7M1FvqvwLnsgeNkRSIEHKl4UGY+X6UeMGw+v5K0CGYZf6Z99LUenoNj8Oit
DV4HmrxrGuvT4HM7OFzlaRMQxt98/T+RBgAvwmIF2AW68gkCWaIHAOMO8/V5kXHZ
sjjrH2eJmcZOJfd5VkfHlZJqud3lUeOIM9KvkSSNQW/D/Gcr8qja0F/4W7SvWSiK
khTQlCG53Jcr
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:52:17 2024 by rpki-client on console-fra.rpki-client.org