Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/GrSsCaDDtlnLDVJrHrKe_A7JQpc.roa
File: GrSsCaDDtlnLDVJrHrKe_A7JQpc.roa (raw, json)
Hash identifier: NlEYXuUgautypu41sK3cgIo4ITtRFV4+42hT7f+1Kwc=
Subject key identifier: 1A:B4:AC:09:A0:C3:B6:59:CB:0D:52:6B:1E:B2:9E:FC:0E:C9:42:97
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E88668FB4C062A446063B69ECA750
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/GrSsCaDDtlnLDVJrHrKe_A7JQpc.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31197
IP address blocks: 83.133.184.0/21 maxlen: 21
81.209.144.0/22 maxlen: 22
83.125.12.0/22 maxlen: 22
81.209.179.0/24 maxlen: 24
81.209.185.0/24 maxlen: 24
82.197.138.0/24 maxlen: 24
81.209.200.0/23 maxlen: 23
82.197.152.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:88:66:8f:b4:c0:62:a4:46:06:3b:69:ec:a7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ab4ac09a0c3b659cb0d526b1eb29efc0ec94297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:90:fb:ed:55:c5:57:03:71:9c:4e:08:25:
3f:24:05:9d:76:a5:ef:ab:9d:07:aa:a0:19:8b:90:
e6:78:20:43:a3:42:d2:40:19:e1:51:0f:43:d7:40:
48:9b:a2:4d:31:a2:fd:d9:a3:7a:15:d9:46:10:ed:
fe:15:83:97:31:28:10:a5:ce:45:c9:dd:46:ba:fc:
9e:b8:f1:c1:50:a8:ff:55:48:a5:3a:46:6d:11:ba:
e1:05:be:e1:8e:ec:77:be:4a:9b:42:00:ea:4f:8e:
a3:59:12:e6:0a:36:82:38:50:cd:9b:da:62:ae:e5:
0b:a3:78:56:72:fe:fb:35:6c:d2:a2:54:5a:51:f3:
d6:5a:7f:05:67:5a:39:80:3d:e5:93:27:9f:ad:1f:
02:4b:45:1a:ad:6a:47:f4:8a:d4:89:f1:4a:a4:cf:
55:50:59:93:12:ae:c7:c6:75:c7:df:69:bf:57:26:
4c:ed:69:d2:42:58:75:9f:c8:65:e0:54:e8:bc:d9:
63:4c:39:cb:dc:21:06:e9:e7:8b:04:91:6d:71:a5:
04:d7:e2:02:d6:22:fb:7e:c2:c5:61:1c:9f:39:3c:
72:5f:d4:8f:93:e7:d5:60:2d:ab:28:33:07:b9:16:
7c:df:15:6d:0d:73:37:85:57:c4:b0:21:69:18:b9:
35:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B4:AC:09:A0:C3:B6:59:CB:0D:52:6B:1E:B2:9E:FC:0E:C9:42:97
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/GrSsCaDDtlnLDVJrHrKe_A7JQpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.209.144.0/22
81.209.179.0/24
81.209.185.0/24
81.209.200.0/23
82.197.138.0/24
82.197.152.0/21
83.125.12.0/22
83.133.184.0/21
Signature Algorithm: sha256WithRSAEncryption
39:d5:f6:a7:ae:ba:8f:bd:5c:73:70:a5:74:c2:91:70:3f:f9:
fb:56:ac:95:cd:4e:4c:ad:10:24:53:1f:7e:92:69:c6:d8:56:
0c:3b:dc:a4:15:9a:49:16:2a:1c:ff:b2:c1:70:7b:11:b9:2d:
39:9f:26:fd:b3:2c:7a:79:53:a7:52:15:bc:d0:5b:d5:d4:48:
ed:09:91:19:24:bb:2d:98:f3:21:37:d9:5f:81:8b:4b:01:52:
bd:a5:9a:2b:33:87:11:52:bc:09:89:5a:ae:97:a9:99:3d:63:
27:7e:32:88:49:cf:c4:e8:08:04:4a:ec:ab:78:81:24:16:7e:
07:1f:64:5c:c6:86:31:91:3e:36:69:0e:de:f7:ed:3a:f7:35:
ae:68:a2:6d:f0:47:ef:06:1b:2c:ce:d5:28:fc:78:22:22:3c:
7f:63:0d:3a:d8:87:58:a7:5d:8f:6d:cc:6e:ef:54:3b:4c:d1:
50:de:0d:52:42:8c:31:e4:cc:c7:31:95:4c:2b:dd:1a:67:7b:
fd:bd:53:14:7e:00:61:bf:b9:3a:d9:6a:79:02:5d:b3:9a:e9:
a8:3f:2e:2b:f8:e3:74:5a:e2:4a:9b:f5:37:d1:95:85:96:59:
fd:7c:60:1c:95:4f:4b:68:9e:cd:09:4d:98:92:02:56:9e:f4:
58:e6:6e:f6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzFbohmj7TAYqRGBjtp7KdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI0YWMwOWEwYzNiNjU5Y2IwZDUyNmIxZWIyOWVmYzBlYzk0Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YCQ++1VxVcDcZxOCCU/JAWddqXv
q50HqqAZi5DmeCBDo0LSQBnhUQ9D10BIm6JNMaL92aN6FdlGEO3+FYOXMSgQpc5F
yd1GuvyeuPHBUKj/VUilOkZtEbrhBb7hjux3vkqbQgDqT46jWRLmCjaCOFDNm9pi
ruULo3hWcv77NWzSolRaUfPWWn8FZ1o5gD3lkyefrR8CS0UarWpH9IrUifFKpM9V
UFmTEq7HxnXH32m/VyZM7WnSQlh1n8hl4FTovNljTDnL3CEG6eeLBJFtcaUE1+IC
1iL7fsLFYRyfOTxyX9SPk+fVYC2rKDMHuRZ83xVtDXM3hVfEsCFpGLk1EQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBq0rAmgw7ZZyw1Sax6ynvwOyUKXMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvR3JTc0NhRER0bG5MRFZKckhyS2VfQTdKUXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCUdGQAwQA
UdGzAwQAUdG5AwQBUdHIAwQAUsWKAwQDUsWYAwQCU30MAwQDU4W4MA0GCSqGSIb3
DQEBCwUAA4IBAQA51fanrrqPvVxzcKV0wpFwP/n7VqyVzU5MrRAkUx9+kmnG2FYM
O9ykFZpJFioc/7LBcHsRuS05nyb9syx6eVOnUhW80FvV1EjtCZEZJLstmPMhN9lf
gYtLAVK9pZorM4cRUrwJiVqul6mZPWMnfjKISc/E6AgESuyreIEkFn4HH2RcxoYx
kT42aQ7e9+069zWuaKJt8EfvBhssztUo/HgiIjx/Yw062IdYp12Pbcxu71Q7TNFQ
3g1SQowx5MzHMZVMK90aZ3v9vVMUfgBhv7k62Wp5Al2zmumoPy4r+ON0WuJKm/U3
0ZWFlln9fGAclU9LaJ7NCU2YkgJWnvRY5m72
-----END CERTIFICATE-----
Generated at Thu May 23 18:01:00 2024 by rpki-client on console-ams.rpki-client.org