Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/GANldPJ3aKEWR1a72RmmjNjwJmo.roa
File: GANldPJ3aKEWR1a72RmmjNjwJmo.roa (raw, json)
Hash identifier: 20UE32P6tE1Tm1QI9uAOFUgUdCeoIuNpmRCXSgHNkDA=
Subject key identifier: 18:03:65:74:F2:77:68:A1:16:47:56:BB:D9:19:A6:8C:D8:F0:26:6A
Certificate issuer: /CN=c11c58337cd4d74cd9219d8778dee5b29f08a461
Certificate serial: 018D4BBF873B6727EFD1F04458AEB9504A05
Authority key identifier: C1:1C:58:33:7C:D4:D7:4C:D9:21:9D:87:78:DE:E5:B2:9F:08:A4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wRxYM3zU10zZIZ2HeN7lsp8IpGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/GANldPJ3aKEWR1a72RmmjNjwJmo.roa
Signing time: Sat 27 Jan 2024 16:27:39 +0000
ROA not before: Sat 27 Jan 2024 16:27:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50821
IP address blocks: 46.39.96.0/19 maxlen: 19
79.142.240.0/20 maxlen: 20
89.255.224.0/20 maxlen: 20
109.238.128.0/20 maxlen: 20
145.14.96.0/19 maxlen: 19
145.40.16.0/20 maxlen: 20
147.28.64.0/19 maxlen: 19
178.16.208.0/20 maxlen: 20
178.251.128.0/21 maxlen: 21
185.81.108.0/22 maxlen: 22
212.100.96.0/19 maxlen: 19
217.69.144.0/20 maxlen: 20
2001:1ba8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/wRxYM3zU10zZIZ2HeN7lsp8IpGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/wRxYM3zU10zZIZ2HeN7lsp8IpGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wRxYM3zU10zZIZ2HeN7lsp8IpGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4b:bf:87:3b:67:27:ef:d1:f0:44:58:ae:b9:50:4a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c11c58337cd4d74cd9219d8778dee5b29f08a461
Validity
Not Before: Jan 27 16:27:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18036574f27768a1164756bbd919a68cd8f0266a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:12:8f:74:b0:66:a1:dc:e7:96:c6:3f:c5:
d3:b0:0c:d5:24:3e:9e:15:f3:4b:7d:bc:3d:ee:f4:
a7:90:ce:ac:67:18:88:d7:69:77:4e:64:c6:fd:a9:
e5:bd:15:5f:a8:bc:b3:e0:c8:a9:95:4b:f0:ee:3f:
8d:a8:e8:17:b0:da:b0:d4:f2:e7:a9:8b:e3:a7:8f:
7a:ee:72:4b:99:7b:7f:2f:e9:f8:5c:36:65:ad:0f:
5b:22:d9:1a:8a:62:0e:fe:c7:c4:31:9d:63:03:10:
58:69:f5:8d:c7:7e:8d:5d:38:c6:a1:0d:9e:62:61:
8e:64:94:8b:e3:47:d6:48:55:1a:cd:c3:69:94:93:
07:47:27:af:a8:dd:b9:0c:3a:de:04:e5:61:c3:7c:
c1:a5:ab:9d:0e:6e:15:67:bb:ae:50:3c:b3:88:18:
83:8b:6b:bb:d1:f9:6e:c0:9b:5b:06:b9:c3:af:4b:
f1:72:3b:9d:2a:5d:d7:5e:42:b4:56:e3:b1:01:4f:
25:83:fe:34:9e:99:e0:62:ce:e6:92:c3:54:3f:94:
ee:a3:c2:89:9e:58:2d:0a:e3:63:33:aa:82:4c:a3:
30:9d:1a:1f:11:c3:61:3a:83:65:ff:0a:95:e3:e2:
21:69:3b:25:24:09:38:57:90:39:d6:10:9f:b0:a2:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:03:65:74:F2:77:68:A1:16:47:56:BB:D9:19:A6:8C:D8:F0:26:6A
X509v3 Authority Key Identifier:
keyid:C1:1C:58:33:7C:D4:D7:4C:D9:21:9D:87:78:DE:E5:B2:9F:08:A4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRxYM3zU10zZIZ2HeN7lsp8IpGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/GANldPJ3aKEWR1a72RmmjNjwJmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/0bdca3-283a-4942-8592-c394541f770e/1/wRxYM3zU10zZIZ2HeN7lsp8IpGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.39.96.0/19
79.142.240.0/20
89.255.224.0/20
109.238.128.0/20
145.14.96.0/19
145.40.16.0/20
147.28.64.0/19
178.16.208.0/20
178.251.128.0/21
185.81.108.0/22
212.100.96.0/19
217.69.144.0/20
IPv6:
2001:1ba8::/29
Signature Algorithm: sha256WithRSAEncryption
03:c2:e7:f7:ad:9d:85:4a:ea:0b:cd:71:24:d4:5e:c9:7e:91:
ef:dc:1e:b4:6f:ec:5b:92:d6:33:93:06:f0:0b:a6:da:2f:17:
2f:9c:8b:fe:c0:07:54:83:fe:dd:38:08:51:1d:53:2c:e2:53:
09:ff:76:d0:be:3e:77:08:14:b4:06:df:ef:4d:03:3e:22:80:
7f:a3:b6:25:04:6e:49:64:22:31:ab:74:12:eb:a8:8b:75:c0:
bb:32:fc:6c:3b:fa:5f:62:1d:8e:e4:66:59:80:1c:97:ac:58:
33:87:6e:9b:4c:36:7a:f8:c8:b7:ff:9a:50:cf:67:ba:1e:0f:
5c:ff:55:20:af:7a:29:7e:21:b9:cf:a7:fc:24:a8:ef:7b:45:
ee:bb:82:fa:a0:05:72:e4:27:09:8e:99:01:4b:87:24:73:8b:
82:1a:92:7a:80:7b:f8:65:15:fc:db:6f:5c:06:f0:91:aa:0a:
ce:bc:9f:de:5f:2d:59:ff:66:91:21:f4:3c:32:29:9d:ae:ec:
42:75:d5:34:16:dc:c8:87:2a:7a:23:64:90:6e:a4:8a:51:c0:
80:97:81:d8:f1:30:aa:1a:75:cb:04:36:2a:a8:c3:b8:88:08:
9d:69:04:40:35:0b:35:87:3f:d4:b9:a1:82:ae:08:ed:66:8a:
5e:fa:3b:cb
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY1Lv4c7Zyfv0fBEWK65UEoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMWM1ODMzN2NkNGQ3NGNkOTIxOWQ4Nzc4ZGVlNWIyOWYw
OGE0NjEwHhcNMjQwMTI3MTYyNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODAzNjU3NGYyNzc2OGExMTY0NzU2YmJkOTE5YTY4Y2Q4ZjAyNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVkSj3SwZqHc55bGP8XTsAzVJD6e
FfNLfbw97vSnkM6sZxiI12l3TmTG/anlvRVfqLyz4MiplUvw7j+NqOgXsNqw1PLn
qYvjp4967nJLmXt/L+n4XDZlrQ9bItkaimIO/sfEMZ1jAxBYafWNx36NXTjGoQ2e
YmGOZJSL40fWSFUazcNplJMHRyevqN25DDreBOVhw3zBpaudDm4VZ7uuUDyziBiD
i2u70fluwJtbBrnDr0vxcjudKl3XXkK0VuOxAU8lg/40npngYs7mksNUP5Tuo8KJ
nlgtCuNjM6qCTKMwnRofEcNhOoNl/wqV4+IhaTslJAk4V5A51hCfsKLFKwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFBgDZXTyd2ihFkdWu9kZpozY8CZqMB8GA1UdIwQY
MBaAFMEcWDN81NdM2SGdh3je5bKfCKRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1J4WU0zelUxMHpaSVoySGVON2xzcDhJcEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wYmRjYTMtMjgzYS00OTQyLTg1OTIt
YzM5NDU0MWY3NzBlLzEvR0FObGRQSjNhS0VXUjFhNzJSbW1qTmp3Sm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wYmRjYTMtMjgzYS00OTQyLTg1OTItYzM5NDU0MWY3NzBl
LzEvd1J4WU0zelUxMHpaSVoySGVON2xzcDhJcEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQFLidgAwQE
T47wAwQEWf/gAwQEbe6AAwQFkQ5gAwQEkSgQAwQFkxxAAwQEshDQAwQDsvuAAwQC
uVFsAwQF1GRgAwQE2UWQMA0EAgACMAcDBQMgARuoMA0GCSqGSIb3DQEBCwUAA4IB
AQADwuf3rZ2FSuoLzXEk1F7JfpHv3B60b+xbktYzkwbwC6baLxcvnIv+wAdUg/7d
OAhRHVMs4lMJ/3bQvj53CBS0Bt/vTQM+IoB/o7YlBG5JZCIxq3QS66iLdcC7Mvxs
O/pfYh2O5GZZgByXrFgzh26bTDZ6+Mi3/5pQz2e6Hg9c/1Ugr3opfiG5z6f8JKjv
e0Xuu4L6oAVy5CcJjpkBS4ckc4uCGpJ6gHv4ZRX8229cBvCRqgrOvJ/eXy1Z/2aR
IfQ8MimdruxCddU0FtzIhyp6I2SQbqSKUcCAl4HY8TCqGnXLBDYqqMO4iAidaQRA
NQs1hz/UuaGCrgjtZope+jvL
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:11:48 2024 by rpki-client on console-ams.rpki-client.org