Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/GQtHTnpw4yLx98Wbp_yacxlDomg.roa
File: GQtHTnpw4yLx98Wbp_yacxlDomg.roa (raw, json)
Hash identifier: 4d6hDZGJePpwbrKIBkdMInu6W1M9WJI56p+A/hKG1zs=
Subject key identifier: 19:0B:47:4E:7A:70:E3:22:F1:F7:C5:9B:A7:FC:9A:73:19:43:A2:68
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 01925180CE350A5686C68195A4735BA13DB9
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/GQtHTnpw4yLx98Wbp_yacxlDomg.roa
Signing time: Thu 03 Oct 2024 08:30:48 +0000
ROA not before: Thu 03 Oct 2024 08:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 62.102.144.0/22 maxlen: 22
62.109.32.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
65.99.128.0/18 maxlen: 18
82.99.0.0/18 maxlen: 18
83.145.0.0/18 maxlen: 18
85.112.160.0/19 maxlen: 19
85.112.184.0/22 maxlen: 22
94.246.64.0/18 maxlen: 18
146.185.8.0/21 maxlen: 21
178.248.24.0/22 maxlen: 22
185.178.140.0/22 maxlen: 22
185.178.143.0/24 maxlen: 24
185.181.216.0/22 maxlen: 22
185.183.152.0/22 maxlen: 22
185.190.144.0/22 maxlen: 22
185.199.168.0/22 maxlen: 22
185.205.224.0/22 maxlen: 22
185.205.226.0/24 maxlen: 24
212.16.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
213.80.0.0/18 maxlen: 18
213.80.64.0/19 maxlen: 19
213.132.96.0/19 maxlen: 19
213.212.0.0/18 maxlen: 18
217.140.112.0/20 maxlen: 20
2a01:2b0::/29 maxlen: 29
2a0a:6380::/29 maxlen: 29
2a0a:a040::/29 maxlen: 29
2a0a:a040::/32 maxlen: 32
2a0a:a041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:80:ce:35:0a:56:86:c6:81:95:a4:73:5b:a1:3d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Oct 3 08:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=190b474e7a70e322f1f7c59ba7fc9a731943a268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ec:26:7a:e4:63:9e:20:dd:ba:3f:f0:23:67:
1d:a8:ef:f4:7e:04:48:ad:79:83:7d:77:82:b2:3d:
b0:d4:7b:bd:ae:fb:a2:71:29:cd:1e:40:15:9f:0a:
7d:96:8a:24:58:a6:d9:7f:a9:b2:03:58:19:83:51:
01:5d:aa:35:d1:34:f3:38:83:3d:8a:68:41:14:73:
ab:fb:bf:9b:1f:bd:fb:17:6c:20:d9:49:72:da:54:
61:fc:37:03:ef:13:97:d1:94:7f:9b:01:1c:0a:5f:
35:64:3e:d0:be:bd:63:d6:7f:ca:3a:15:88:60:74:
7f:eb:c9:28:c6:8d:b0:7d:8b:11:0a:8e:56:1a:a7:
6f:16:70:d9:e3:3c:97:dd:b6:5a:30:b8:e5:71:7d:
e3:63:b4:89:a4:5d:17:9c:9c:36:f3:fd:8f:f3:39:
bb:59:e9:cd:45:4c:54:8b:d2:65:f8:12:0a:0f:5b:
39:77:49:41:ff:ee:bf:dc:4c:4c:bf:03:a4:df:55:
b9:7c:3e:6b:52:93:65:84:61:9e:2b:6d:f9:17:a5:
a5:8b:4e:99:d3:ef:fd:40:9d:63:48:23:8e:bc:74:
d8:2b:7f:eb:1f:17:ab:c0:b7:94:ee:8f:01:56:eb:
9d:55:25:fe:05:39:5d:32:96:e5:99:bc:32:20:c3:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0B:47:4E:7A:70:E3:22:F1:F7:C5:9B:A7:FC:9A:73:19:43:A2:68
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/GQtHTnpw4yLx98Wbp_yacxlDomg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.144.0/22
62.109.32.0/19
62.209.160.0/19
65.99.128.0/18
82.99.0.0/18
83.145.0.0/18
85.112.160.0/19
94.246.64.0/18
146.185.8.0/21
178.248.24.0/22
185.178.140.0/22
185.181.216.0/22
185.183.152.0/22
185.190.144.0/22
185.199.168.0/22
185.205.224.0/22
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
217.140.112.0/20
IPv6:
2a01:2b0::/29
2a0a:6380::/29
2a0a:a040::/29
Signature Algorithm: sha256WithRSAEncryption
4c:5f:61:3c:1c:ab:90:d5:0f:12:04:a5:d4:07:cb:98:f2:44:
96:4d:51:79:4d:22:6a:c5:09:e3:29:3c:99:92:07:c5:71:9e:
fc:43:72:ea:a3:30:a6:72:38:ef:34:64:83:82:70:0a:c1:92:
3a:80:a2:a9:96:45:cf:b5:83:1c:60:3a:f6:12:dc:d0:fb:7e:
36:ab:e4:5a:2f:92:69:62:f0:4e:01:27:24:a5:7a:ca:41:52:
4e:28:0d:35:05:95:f7:fa:20:bf:68:99:73:99:03:a3:d8:89:
fc:e0:94:73:e4:f4:46:fb:6b:d5:2f:29:59:25:11:c2:89:d5:
c1:a3:12:80:ec:10:18:ef:d4:8d:33:dd:26:5d:3e:b3:c6:5d:
55:ea:55:ee:b2:af:2f:75:c2:8e:a2:6d:45:dc:34:ba:22:10:
e4:1a:f4:4e:25:7c:55:df:24:0f:62:55:df:4d:89:67:57:ea:
e7:00:cb:68:39:49:23:a4:66:be:51:38:bf:49:e8:e7:35:46:
9c:cb:ed:34:1b:d0:24:bf:ab:8d:e5:c2:a7:47:66:10:27:b8:
30:4c:52:27:0d:05:ab:b5:be:dc:0d:fc:36:3a:20:55:59:c6:
91:08:aa:62:ee:a4:c0:52:c0:78:bb:76:3f:4f:be:a7:6b:fd:
cf:c1:11:48
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZJRgM41ClaGxoGVpHNboT25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjQxMDAzMDgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBiNDc0ZTdhNzBlMzIyZjFmN2M1OWJhN2ZjOWE3MzE5NDNhMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uwmeuRjniDduj/wI2cdqO/0fgRI
rXmDfXeCsj2w1Hu9rvuicSnNHkAVnwp9lookWKbZf6myA1gZg1EBXao10TTzOIM9
imhBFHOr+7+bH737F2wg2Uly2lRh/DcD7xOX0ZR/mwEcCl81ZD7Qvr1j1n/KOhWI
YHR/68koxo2wfYsRCo5WGqdvFnDZ4zyX3bZaMLjlcX3jY7SJpF0XnJw28/2P8zm7
WenNRUxUi9Jl+BIKD1s5d0lB/+6/3ExMvwOk31W5fD5rUpNlhGGeK235F6Wli06Z
0+/9QJ1jSCOOvHTYK3/rHxerwLeU7o8BVuudVSX+BTldMpblmbwyIMNF+wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFBkLR056cOMi8ffFm6f8mnMZQ6JoMB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEvR1F0SFRucHc0eUx4OThXYnBfeWFjeGxEb21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBmAQCAAEwgZEDBAI+
ZpADBAU+bSADBAU+0aADBAZBY4ADBAZSYwADBAZTkQADBAVVcKADBAZe9kADBAOS
uQgDBAKy+BgDBAK5sowDBAK5tdgDBAK5t5gDBAK5vpADBAK5x6gDBAK5zeADBAXU
EKADBAXUJQADBAXUcKAwCwMDBNVQAwQF1VBAAwQF1YRgAwQG1dQAAwQE2YxwMBsE
AgACMBUDBQMqAQKwAwUDKgpjgAMFAyoKoEAwDQYJKoZIhvcNAQELBQADggEBAExf
YTwcq5DVDxIEpdQHy5jyRJZNUXlNImrFCeMpPJmSB8VxnvxDcuqjMKZyOO80ZIOC
cArBkjqAoqmWRc+1gxxgOvYS3ND7fjar5Fovkmli8E4BJySlespBUk4oDTUFlff6
IL9omXOZA6PYifzglHPk9Eb7a9UvKVklEcKJ1cGjEoDsEBjv1I0z3SZdPrPGXVXq
Ve6yry91wo6ibUXcNLoiEOQa9E4lfFXfJA9iVd9NiWdX6ucAy2g5SSOkZr5ROL9J
6Oc1RpzL7TQb0CS/q43lwqdHZhAnuDBMUicNBau1vtwN/DY6IFVZxpEIqmLupMBS
wHi7dj9Pvqdr/c/BEUg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:15:52 2024 by rpki-client on console-fra.rpki-client.org