Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/GpAGKtQM8A-g0jiwGTeSX6PrXbk.roa
File: GpAGKtQM8A-g0jiwGTeSX6PrXbk.roa (raw, json)
Hash identifier: /UgNSD+8au6sxivj3/YqUBUBYfca6MZ7Su0Y5yag6oI=
Subject key identifier: 1A:90:06:2A:D4:0C:F0:0F:A0:D2:38:B0:19:37:92:5F:A3:EB:5D:B9
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 018CC8DFAF752189287123E21E7F8183D7A6
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/GpAGKtQM8A-g0jiwGTeSX6PrXbk.roa
Signing time: Tue 02 Jan 2024 06:32:31 +0000
ROA not before: Tue 02 Jan 2024 06:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6661
IP address blocks: 213.166.32.0/19 maxlen: 24
107.183.0.0/17 maxlen: 24
213.135.224.0/19 maxlen: 24
88.207.128.0/17 maxlen: 24
146.0.216.0/21 maxlen: 24
78.141.128.0/18 maxlen: 24
185.32.236.0/22 maxlen: 24
37.157.152.0/21 maxlen: 24
194.154.192.0/19 maxlen: 24
87.240.192.0/18 maxlen: 24
178.254.64.0/18 maxlen: 24
146.0.212.0/22 maxlen: 24
188.115.0.0/18 maxlen: 24
83.99.0.0/17 maxlen: 24
146.0.128.0/18 maxlen: 24
195.46.224.0/19 maxlen: 24
2a00:ca60::/32 maxlen: 48
2001:7e8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 06:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:af:75:21:89:28:71:23:e2:1e:7f:81:83:d7:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Jan 2 06:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a90062ad40cf00fa0d238b01937925fa3eb5db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:20:e0:f9:5a:18:42:de:2e:2f:1a:81:fb:1e:
1f:58:65:40:ea:ae:8c:46:e1:03:29:e7:56:29:67:
fb:cd:71:04:b6:29:23:aa:b8:83:fb:bc:34:38:ee:
ed:e2:89:d4:2e:d6:b9:0d:bb:24:9d:33:61:19:67:
d2:69:82:b3:28:9f:f0:c4:c1:1e:87:c8:48:72:74:
09:0d:d6:6e:cb:2f:44:4f:d7:18:3f:5f:e6:08:08:
18:0c:62:91:a6:e0:19:56:b4:09:c5:82:0e:2b:91:
37:6b:8c:1b:58:c8:5b:57:bf:02:b1:60:16:44:7e:
70:91:c8:5a:ff:b9:a8:87:c0:1b:a2:c5:e2:1c:f3:
e3:dc:04:0d:77:93:22:c5:1b:2e:99:9f:ab:10:4e:
ee:f8:5d:b1:55:bf:d8:58:c9:4a:cd:5f:18:52:32:
ac:3b:fe:6d:9f:29:1a:c7:91:b5:dc:27:61:fc:6c:
d8:9a:1a:68:e9:b5:f5:4c:d3:92:79:b3:66:79:74:
54:94:01:78:ff:03:fe:aa:95:b8:74:50:39:5d:80:
df:29:f3:25:8d:42:f3:b8:e5:9c:66:33:0c:35:28:
ff:57:93:e2:f3:ea:96:a9:3b:9f:39:d8:9f:db:34:
40:e8:1b:7f:fd:f7:9d:85:47:ee:91:99:2c:87:7e:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:90:06:2A:D4:0C:F0:0F:A0:D2:38:B0:19:37:92:5F:A3:EB:5D:B9
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/GpAGKtQM8A-g0jiwGTeSX6PrXbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.152.0/21
78.141.128.0/18
83.99.0.0/17
87.240.192.0/18
88.207.128.0/17
107.183.0.0/17
146.0.128.0/18
146.0.212.0-146.0.223.255
178.254.64.0/18
185.32.236.0/22
188.115.0.0/18
194.154.192.0/19
195.46.224.0/19
213.135.224.0/19
213.166.32.0/19
IPv6:
2001:7e8::/32
2a00:ca60::/32
Signature Algorithm: sha256WithRSAEncryption
69:78:0e:1b:3b:b7:4e:33:80:31:99:77:23:bb:27:a3:a8:1e:
7d:37:4e:20:f5:70:73:f0:86:7f:4f:12:7c:50:86:91:f1:be:
61:54:c8:a1:cf:23:1b:fc:14:8d:62:9e:ef:69:71:8a:b0:e4:
b3:49:d8:2a:58:d1:af:56:e6:5d:35:5e:85:c9:f4:d5:61:26:
75:6b:2a:23:2e:7e:13:88:6d:fa:ea:c5:7b:59:83:4b:ee:a1:
8b:ac:7e:6c:f2:97:42:f0:80:06:1f:95:a5:66:fe:7d:98:ce:
ce:f1:5c:28:5f:1b:66:b9:dd:7e:29:48:61:ad:64:f1:8d:7f:
ea:1a:ee:2f:b2:9a:fe:4e:cb:b7:2a:b1:40:81:6c:33:30:0c:
97:39:6a:d3:dc:b0:66:a3:d4:35:b5:8e:c9:cc:e1:e7:3b:c3:
10:95:a6:c6:b0:a7:1e:38:c0:aa:52:ea:cd:34:8d:49:eb:02:
de:4a:47:3b:fe:e1:c8:fd:66:23:9e:f9:9d:3a:d0:6e:60:05:
99:ab:d7:25:59:02:1e:68:68:35:4e:14:04:48:cc:6d:74:06:
4c:c0:60:75:22:a1:55:1c:16:6d:16:16:ed:77:b6:0c:dc:24:
44:d8:e3:69:e2:37:4b:49:27:07:f6:38:1d:da:94:54:81:2e:
24:4b:50:88
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzI3691IYkocSPiHn+Bg9emMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjNkYTZlYjNiN2EwN2ZkYzQ1MjU4ODMwMDQ5NzBkNjQw
YjAzNmIwHhcNMjQwMTAyMDYzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkwMDYyYWQ0MGNmMDBmYTBkMjM4YjAxOTM3OTI1ZmEzZWI1ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSDg+VoYQt4uLxqB+x4fWGVA6q6M
RuEDKedWKWf7zXEEtikjqriD+7w0OO7t4onULta5DbsknTNhGWfSaYKzKJ/wxMEe
h8hIcnQJDdZuyy9ET9cYP1/mCAgYDGKRpuAZVrQJxYIOK5E3a4wbWMhbV78CsWAW
RH5wkcha/7moh8AbosXiHPPj3AQNd5MixRsumZ+rEE7u+F2xVb/YWMlKzV8YUjKs
O/5tnykax5G13Cdh/GzYmhpo6bX1TNOSebNmeXRUlAF4/wP+qpW4dFA5XYDfKfMl
jULzuOWcZjMMNSj/V5Pi8+qWqTufOdif2zRA6Bt//fedhUfukZksh37PIQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFBqQBirUDPAPoNI4sBk3kl+j6125MB8GA1UdIwQY
MBaAFPVj2m6zt6B/3EUliDAElw1kCwNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUt
ZTU1MjBhYTdiYTM3LzEvR3BBR0t0UU04QS1nMGppd0dUZVNYNlByWGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUtZTU1MjBhYTdiYTM3
LzEvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQDJZ2Y
AwQGTo2AAwQHU2MAAwQGV/DAAwQHWM+AAwQHa7cAAwQGkgCAMAwDBAKSANQDBAWS
AMADBAay/kADBAK5IOwDBAa8cwADBAXCmsADBAXDLuADBAXVh+ADBAXVpiAwFAQC
AAIwDgMFACABB+gDBQAqAMpgMA0GCSqGSIb3DQEBCwUAA4IBAQBpeA4bO7dOM4Ax
mXcjuyejqB59N04g9XBz8IZ/TxJ8UIaR8b5hVMihzyMb/BSNYp7vaXGKsOSzSdgq
WNGvVuZdNV6FyfTVYSZ1ayojLn4TiG366sV7WYNL7qGLrH5s8pdC8IAGH5WlZv59
mM7O8VwoXxtmud1+KUhhrWTxjX/qGu4vspr+Tsu3KrFAgWwzMAyXOWrT3LBmo9Q1
tY7JzOHnO8MQlabGsKceOMCqUurNNI1J6wLeSkc7/uHI/WYjnvmdOtBuYAWZq9cl
WQIeaGg1ThQESMxtdAZMwGB1IqFVHBZtFhbtd7YM3CRE2ONp4jdLSScH9jgd2pRU
gS4kS1CI
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:48:42 2024 by rpki-client on console-ams.rpki-client.org