Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/GR00k5QmmfS0cOUClVnK6RS66s8.roa
File: GR00k5QmmfS0cOUClVnK6RS66s8.roa (raw, json)
Hash identifier: wElYhpa1RlJTgvoyDSQXxyiexohiV/1r6XO0SK8c8es=
Subject key identifier: 19:1D:34:93:94:26:99:F4:B4:70:E5:02:95:59:CA:E9:14:BA:EA:CF
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 018CC8DD0F8D8A53DBB70658B06E5F184788
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/GR00k5QmmfS0cOUClVnK6RS66s8.roa
Signing time: Tue 02 Jan 2024 06:29:39 +0000
ROA not before: Tue 02 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 78.103.0.0/16 maxlen: 16
80.111.128.0/17 maxlen: 17
195.34.134.0/23 maxlen: 23
92.235.0.0/18 maxlen: 18
92.235.0.0/19 maxlen: 19
94.171.0.0/16 maxlen: 16
92.235.32.0/19 maxlen: 19
84.116.0.0/16 maxlen: 16
80.111.0.0/17 maxlen: 17
213.47.222.0/23 maxlen: 23
213.47.220.0/22 maxlen: 22
213.47.220.0/23 maxlen: 23
80.111.0.0/16 maxlen: 16
94.170.0.0/16 maxlen: 16
94.170.0.0/15 maxlen: 15
195.34.130.0/24 maxlen: 24
195.34.132.0/22 maxlen: 22
195.34.132.0/23 maxlen: 23
62.179.0.0/17 maxlen: 17
94.169.0.0/16 maxlen: 16
2001:730::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0f:8d:8a:53:db:b7:06:58:b0:6e:5f:18:47:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 2 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191d3493942699f4b470e5029559cae914baeacf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a6:da:ea:d6:04:88:c4:26:ad:9b:02:e5:b4:
cb:5b:65:1a:81:2b:7e:34:f7:4c:63:b3:d4:2a:19:
5b:4f:7b:2f:fe:e4:f0:cc:4a:f9:52:cb:f8:c6:6c:
a1:98:d7:5c:93:8e:b2:71:15:de:3e:21:9e:3b:5a:
73:ac:db:40:8d:15:6e:d4:ba:22:ea:16:52:8f:4f:
a4:d1:99:6b:b3:63:4f:cc:50:ea:2e:4c:32:4b:15:
9f:10:82:a3:c7:7d:42:09:d4:67:66:e1:b3:5c:64:
40:29:51:75:0b:57:d7:e8:81:31:44:8a:d2:2c:da:
d9:e0:2b:67:7c:af:2f:da:7d:6d:43:d6:8b:1c:1d:
a4:e9:32:88:a0:01:72:23:8b:96:07:57:e6:1e:aa:
62:78:cb:c3:ec:f9:76:b5:94:81:e3:c8:0a:36:4e:
d4:01:6e:dc:58:e3:66:06:e6:94:ba:0e:d7:ac:f5:
d9:54:0c:86:7c:09:60:dd:dd:f2:f0:07:64:b6:02:
54:e4:32:8f:5e:34:7a:d5:5d:3d:13:de:13:ea:90:
61:f9:0a:70:aa:19:cf:ee:b4:5c:45:02:cb:47:ae:
59:1d:f2:7d:a8:c2:e2:ae:88:ff:67:44:b8:f3:2f:
d3:8b:a8:82:8b:c0:ef:40:15:75:e1:33:51:72:ad:
ec:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1D:34:93:94:26:99:F4:B4:70:E5:02:95:59:CA:E9:14:BA:EA:CF
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/GR00k5QmmfS0cOUClVnK6RS66s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.179.0.0/17
78.103.0.0/16
80.111.0.0/16
84.116.0.0/16
92.235.0.0/18
94.169.0.0-94.171.255.255
195.34.130.0/24
195.34.132.0/22
213.47.220.0/22
IPv6:
2001:730::/29
Signature Algorithm: sha256WithRSAEncryption
31:ab:8a:06:81:72:26:68:c0:a2:55:2e:a3:1b:97:45:5a:9d:
c6:8d:e0:87:ec:4a:3b:54:10:00:bd:ec:fa:0d:94:82:fe:3b:
18:c4:7e:67:b4:2a:6d:9d:8d:d6:05:27:f8:ee:21:78:98:b6:
a1:10:f5:9e:fd:0a:0e:49:3a:21:96:c8:e5:3d:99:19:f3:b9:
5d:28:ea:8b:e5:f4:6e:4c:43:d4:23:fa:e9:5b:9a:8f:12:74:
85:fe:f3:f8:0a:c3:5d:fb:f4:6a:ec:a1:3c:02:6c:73:b7:83:
72:f5:68:21:85:90:f4:fe:d6:5b:85:b5:23:51:03:4b:d2:b8:
9f:cc:9a:98:e7:97:d0:8b:ef:f6:57:0e:a5:3d:46:a9:58:59:
2b:f9:34:54:d4:5b:8a:8b:01:27:89:1f:3e:cb:2c:65:34:a5:
cd:b9:ad:02:bd:6b:e2:f3:e1:52:3d:47:84:a8:7a:55:94:56:
44:0a:18:55:69:55:89:3b:4a:d7:45:a5:08:75:98:88:f2:1d:
30:5c:16:12:21:28:20:cd:32:cd:c5:94:b3:e3:2a:7d:dd:ef:
a5:c6:be:57:55:3e:ea:7a:e3:ec:82:95:a1:ce:e8:f3:3f:19:
e5:86:ed:9d:61:f7:6b:b6:1f:53:00:d4:89:b5:f5:d6:71:24:
c6:a0:bb:fc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzI3Q+NilPbtwZYsG5fGEeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI1ZTZhNjg5M2Y0NjZkMjY5NWU5MDY3MGMwNDc0NDM2
NDM3MDEwHhcNMjQwMTAyMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFkMzQ5Mzk0MjY5OWY0YjQ3MGU1MDI5NTU5Y2FlOTE0YmFlYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKba6tYEiMQmrZsC5bTLW2UagSt+
NPdMY7PUKhlbT3sv/uTwzEr5Usv4xmyhmNdck46ycRXePiGeO1pzrNtAjRVu1Loi
6hZSj0+k0Zlrs2NPzFDqLkwySxWfEIKjx31CCdRnZuGzXGRAKVF1C1fX6IExRIrS
LNrZ4CtnfK8v2n1tQ9aLHB2k6TKIoAFyI4uWB1fmHqpieMvD7Pl2tZSB48gKNk7U
AW7cWONmBuaUug7XrPXZVAyGfAlg3d3y8AdktgJU5DKPXjR61V09E94T6pBh+Qpw
qhnP7rRcRQLLR65ZHfJ9qMLiroj/Z0S48y/Ti6iCi8DvQBV14TNRcq3s6wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBkdNJOUJpn0tHDlApVZyukUuurPMB8GA1UdIwQY
MBaAFJDyXmpok/Rm0mlekGcMBHRDZDcBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEt
M2IwYjRiOGEyOTgzLzEvR1IwMGs1UW1tZlMwY09VQ2xWbks2UlM2NnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEtM2IwYjRiOGEyOTgz
LzEva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwQHPrMAAwMA
TmcDAwBQbwMDAFR0AwQGXOsAMAoDAwBeqQMDAl6oAwQAwyKCAwQCwyKEAwQC1S/c
MA0EAgACMAcDBQMgAQcwMA0GCSqGSIb3DQEBCwUAA4IBAQAxq4oGgXImaMCiVS6j
G5dFWp3GjeCH7Eo7VBAAvez6DZSC/jsYxH5ntCptnY3WBSf47iF4mLahEPWe/QoO
STohlsjlPZkZ87ldKOqL5fRuTEPUI/rpW5qPEnSF/vP4CsNd+/Rq7KE8Amxzt4Ny
9WghhZD0/tZbhbUjUQNL0rifzJqY55fQi+/2Vw6lPUapWFkr+TRU1FuKiwEniR8+
yyxlNKXNua0CvWvi8+FSPUeEqHpVlFZEChhVaVWJO0rXRaUIdZiI8h0wXBYSISgg
zTLNxZSz4yp93e+lxr5XVT7qeuPsgpWhzujzPxnlhu2dYfdrth9TANSJtfXWcSTG
oLv8
-----END CERTIFICATE-----
Generated at Sat May 18 02:48:46 2024 by rpki-client on console-ams.rpki-client.org