Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/G3vt7vZ2hGa_zEnowAwyVUpVWeU.roa
File: G3vt7vZ2hGa_zEnowAwyVUpVWeU.roa (raw, json)
Hash identifier: pTgWsW4z5yVH8AEDXAGgSywO7DjeKCj9szyRJaA6XfU=
Subject key identifier: 1B:7B:ED:EE:F6:76:84:66:BF:CC:49:E8:C0:0C:32:55:4A:55:59:E5
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 018CC4924E83D445418F14DE5B95AEC26165
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/G3vt7vZ2hGa_zEnowAwyVUpVWeU.roa
Signing time: Mon 01 Jan 2024 10:29:31 +0000
ROA not before: Mon 01 Jan 2024 10:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44247
IP address blocks: 95.158.160.0/22 maxlen: 24
46.35.176.0/22 maxlen: 24
95.158.176.0/21 maxlen: 24
212.21.128.0/24 maxlen: 24
212.21.136.0/23 maxlen: 24
212.21.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:4e:83:d4:45:41:8f:14:de:5b:95:ae:c2:61:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 10:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b7bedeef6768466bfcc49e8c00c32554a5559e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:97:cc:8a:c5:8c:f4:d3:0a:65:49:9d:6a:
28:00:f6:a8:2d:16:1e:b2:18:6a:05:cc:44:95:17:
38:41:75:ae:31:e8:f4:6f:80:d0:34:31:7a:9d:a3:
b3:6c:4e:28:44:55:c2:23:6b:06:51:d6:e5:e7:04:
5e:5d:88:0e:e9:cc:bd:d4:af:d9:1b:8e:14:27:fc:
ec:7f:6b:43:5f:f5:ca:b4:dc:ff:88:37:be:c4:f2:
ca:9f:9e:4f:7f:ce:3e:89:04:cc:56:35:c1:3e:63:
d8:97:3f:2e:de:3c:54:4b:42:f5:6e:d4:16:59:7b:
fd:f8:8a:a9:2c:00:c6:06:1d:ce:86:52:65:c6:cb:
9c:e1:94:9e:e5:54:06:7b:8f:8d:b8:1d:69:6e:f0:
f1:4d:0d:42:3b:90:a4:8d:1c:c1:84:52:ab:23:74:
88:04:c2:0a:6f:a2:0f:9a:e1:96:6a:0c:eb:c0:40:
30:b1:48:bd:c1:2b:23:d0:9e:37:52:bc:bb:bf:b6:
3b:b6:66:2a:1d:14:ae:2f:98:e8:75:6d:d2:36:e9:
a5:e4:88:d9:58:8c:23:80:13:cc:7b:be:a7:d7:29:
bb:44:11:79:19:b8:9f:15:23:c8:4b:dd:64:03:8e:
c8:80:8c:b9:07:3a:75:21:b2:21:8a:09:2a:3c:ea:
67:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7B:ED:EE:F6:76:84:66:BF:CC:49:E8:C0:0C:32:55:4A:55:59:E5
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/G3vt7vZ2hGa_zEnowAwyVUpVWeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.176.0/22
95.158.160.0/22
95.158.176.0/21
212.21.128.0/24
212.21.136.0-212.21.138.255
Signature Algorithm: sha256WithRSAEncryption
00:5c:d2:d7:7c:18:17:44:4f:a5:33:cc:79:73:57:7d:2b:65:
34:ec:aa:8d:36:94:7e:aa:b7:8a:10:17:fb:3e:91:b8:ae:e8:
a4:dc:23:ea:36:93:87:81:97:c6:42:83:78:79:12:c4:8a:c7:
5b:b2:07:cf:5c:dd:c9:6c:71:83:49:b4:e0:25:b8:e3:3a:7a:
d3:a3:e2:06:10:ac:ec:3f:d7:29:77:6e:20:af:14:15:2b:b7:
40:d1:8f:08:15:59:27:2a:fe:6f:78:af:1e:cf:7c:99:8a:5f:
6d:02:f6:2d:83:91:42:53:02:7b:d1:d4:e4:94:4d:5d:48:f8:
11:1b:68:49:44:21:1e:cf:09:38:22:07:f7:9a:a4:80:3e:72:
00:3d:60:1f:71:40:b4:cd:05:ac:37:61:99:a6:6e:93:28:b3:
ea:a0:5b:33:2f:c5:fa:f0:94:a8:83:7d:2a:02:9b:9b:f0:bb:
83:32:48:7f:c4:37:a4:5c:34:09:e9:61:54:6e:da:8b:48:39:
22:f1:2f:93:54:7e:2e:00:06:f2:4d:6e:bf:41:f0:bb:34:98:
f2:2b:94:e7:2a:a5:29:38:27:86:dc:15:40:27:d2:d5:96:a8:
f4:da:06:c9:1d:30:3a:03:5f:05:24:f4:a3:cd:cd:ce:94:90:
b3:12:c1:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzEkk6D1EVBjxTeW5WuwmFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjQwMTAxMTAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdiZWRlZWY2NzY4NDY2YmZjYzQ5ZThjMDBjMzI1NTRhNTU1OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMOXzIrFjPTTCmVJnWooAPaoLRYe
shhqBcxElRc4QXWuMej0b4DQNDF6naOzbE4oRFXCI2sGUdbl5wReXYgO6cy91K/Z
G44UJ/zsf2tDX/XKtNz/iDe+xPLKn55Pf84+iQTMVjXBPmPYlz8u3jxUS0L1btQW
WXv9+IqpLADGBh3OhlJlxsuc4ZSe5VQGe4+NuB1pbvDxTQ1CO5CkjRzBhFKrI3SI
BMIKb6IPmuGWagzrwEAwsUi9wSsj0J43Ury7v7Y7tmYqHRSuL5jodW3SNuml5IjZ
WIwjgBPMe76n1ym7RBF5GbifFSPIS91kA47IgIy5Bzp1IbIhigkqPOpndwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBt77e72doRmv8xJ6MAMMlVKVVnlMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvRzN2dDd2WjJoR2FfekVub3dBd3lWVXBWV2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLiOwAwQC
X56gAwQDX56wAwQA1BWAMAwDBAPUFYgDBADUFYowDQYJKoZIhvcNAQELBQADggEB
AABc0td8GBdET6UzzHlzV30rZTTsqo02lH6qt4oQF/s+kbiu6KTcI+o2k4eBl8ZC
g3h5EsSKx1uyB89c3clscYNJtOAluOM6etOj4gYQrOw/1yl3biCvFBUrt0DRjwgV
WScq/m94rx7PfJmKX20C9i2DkUJTAnvR1OSUTV1I+BEbaElEIR7PCTgiB/eapIA+
cgA9YB9xQLTNBaw3YZmmbpMos+qgWzMvxfrwlKiDfSoCm5vwu4MySH/EN6RcNAnp
YVRu2otIOSLxL5NUfi4ABvJNbr9B8Ls0mPIrlOcqpSk4J4bcFUAn0tWWqPTaBskd
MDoDXwUk9KPNzc6UkLMSwT0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:12:56 2024 by rpki-client on console-ams.rpki-client.org