Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/gBKHStUXBVtuIkrxNE2okDw9FlE.roa
File: gBKHStUXBVtuIkrxNE2okDw9FlE.roa (raw, json)
Hash identifier: DdNDrSFMvjgs52B8s+5SVog5GXI4u/sneclIy8sHT8M=
Subject key identifier: 80:12:87:4A:D5:17:05:5B:6E:22:4A:F1:34:4D:A8:90:3C:3D:16:51
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018EEC4E1DD30F04329563694DCBE3EEF6BA
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/gBKHStUXBVtuIkrxNE2okDw9FlE.roa
Signing time: Wed 17 Apr 2024 13:45:26 +0000
ROA not before: Wed 17 Apr 2024 13:45:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14670
IP address blocks: 65.181.111.0/24 maxlen: 24
190.92.168.0/22 maxlen: 24
190.92.172.0/24 maxlen: 24
190.92.173.0/24 maxlen: 24
192.243.110.0/24 maxlen: 24
192.250.225.0/24 maxlen: 24
192.250.231.0/24 maxlen: 24
193.30.117.0/24 maxlen: 24
199.103.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:4e:1d:d3:0f:04:32:95:63:69:4d:cb:e3:ee:f6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Apr 17 13:45:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8012874ad517055b6e224af1344da8903c3d1651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d8:34:b8:d1:ef:23:4a:5f:ea:47:6c:10:5e:
e1:c3:85:48:d9:96:85:85:b4:88:f8:4e:e6:c8:f0:
92:21:0f:60:f6:a6:82:e4:b6:cf:29:f4:2b:fa:5a:
44:0d:36:63:06:80:0e:85:a7:03:e9:8d:05:5b:d9:
55:03:45:ad:a4:87:31:d4:f7:e0:6a:ab:99:49:9b:
72:6e:d8:9c:ca:6a:77:5f:22:b1:e2:7c:53:25:71:
c8:c6:db:dc:b0:e7:c0:a3:d7:da:c0:91:21:38:ff:
a1:e0:79:68:94:34:f6:46:69:14:1a:4a:1b:78:da:
7b:b3:df:58:ac:11:b1:df:57:6b:2a:19:10:55:49:
f9:89:37:45:4e:e0:24:b3:43:7a:99:a3:ce:35:0e:
35:c0:5d:99:6a:63:7b:78:b0:25:09:53:80:1c:95:
eb:25:fd:95:0c:f4:4a:b6:5a:b4:58:e3:44:be:e0:
0e:1b:d1:8a:43:3b:4c:5b:0d:8a:56:d6:6d:61:ea:
9f:20:b8:3d:40:fb:6e:6b:c3:9e:10:66:19:03:64:
d1:d6:b5:81:7d:73:df:90:b6:7b:ee:97:63:85:51:
fd:b0:fe:d4:f7:8a:bc:8e:fb:97:b5:3f:00:6f:f1:
d2:bd:79:24:89:08:ea:23:67:8f:e8:af:78:f5:f3:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:12:87:4A:D5:17:05:5B:6E:22:4A:F1:34:4D:A8:90:3C:3D:16:51
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/gBKHStUXBVtuIkrxNE2okDw9FlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.111.0/24
190.92.168.0-190.92.173.255
192.243.110.0/24
192.250.225.0/24
192.250.231.0/24
193.30.117.0/24
199.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:76:7a:f0:8c:d0:21:9b:6e:df:2a:ba:8f:ad:45:d5:03:c3:
56:d7:d7:6a:5c:ae:14:34:ea:d1:1e:4c:3b:07:c7:ae:7f:9e:
aa:d3:6e:33:d4:25:85:ba:b9:71:00:c1:06:7a:bf:08:d4:17:
72:55:d1:c1:83:75:13:aa:17:d6:8e:aa:3f:ac:e6:4e:06:84:
94:83:a6:d8:f8:ed:7d:1a:43:82:d8:e5:d9:62:6f:66:f7:be:
45:3a:0b:36:2b:fb:6c:3c:0b:26:74:9f:c8:0f:c3:5b:b4:7e:
63:92:c0:d7:9f:60:6a:29:48:5c:5d:e4:74:32:69:78:90:a2:
0d:33:f1:3a:41:49:4d:b3:a2:ea:12:cb:80:d2:40:da:9a:6b:
74:7c:27:8e:53:15:ad:6d:c6:4a:a6:d3:13:7a:ab:95:46:32:
06:ae:2a:0c:93:77:e1:f2:c4:bf:f5:67:f5:bc:ce:5e:8e:1a:
a4:7a:1b:f4:5d:7c:2d:c5:61:c7:c7:b7:bf:b6:97:9d:a4:7b:
fb:90:6e:10:fb:f7:ca:1b:2e:74:b4:ab:eb:68:60:df:95:f4:
69:97:79:80:24:90:54:dd:fa:3c:cd:e0:7f:61:c2:fd:3b:cf:
87:6f:25:6a:61:fd:51:b7:01:da:84:d3:94:96:7e:b2:05:40:
ea:28:3e:9f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY7sTh3TDwQylWNpTcvj7va6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwNDE3MTM0NTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDEyODc0YWQ1MTcwNTViNmUyMjRhZjEzNDRkYTg5MDNjM2QxNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtg0uNHvI0pf6kdsEF7hw4VI2ZaF
hbSI+E7myPCSIQ9g9qaC5LbPKfQr+lpEDTZjBoAOhacD6Y0FW9lVA0WtpIcx1Pfg
aquZSZtybticymp3XyKx4nxTJXHIxtvcsOfAo9fawJEhOP+h4HlolDT2RmkUGkob
eNp7s99YrBGx31drKhkQVUn5iTdFTuAks0N6maPONQ41wF2ZamN7eLAlCVOAHJXr
Jf2VDPRKtlq0WONEvuAOG9GKQztMWw2KVtZtYeqfILg9QPtua8OeEGYZA2TR1rWB
fXPfkLZ77pdjhVH9sP7U94q8jvuXtT8Ab/HSvXkkiQjqI2eP6K949fOpAQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIASh0rVFwVbbiJK8TRNqJA8PRZRMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvZ0JLSFN0VVhCVnR1SWtyeE5FMm9rRHc5RmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAQbVvMAwD
BAO+XKgDBAG+XKwDBADA824DBADA+uEDBADA+ucDBADBHnUDBADHZzowDQYJKoZI
hvcNAQELBQADggEBAH92evCM0CGbbt8quo+tRdUDw1bX12pcrhQ06tEeTDsHx65/
nqrTbjPUJYW6uXEAwQZ6vwjUF3JV0cGDdROqF9aOqj+s5k4GhJSDptj47X0aQ4LY
5dlib2b3vkU6CzYr+2w8CyZ0n8gPw1u0fmOSwNefYGopSFxd5HQyaXiQog0z8TpB
SU2zouoSy4DSQNqaa3R8J45TFa1txkqm0xN6q5VGMgauKgyTd+HyxL/1Z/W8zl6O
GqR6G/RdfC3FYcfHt7+2l52ke/uQbhD798obLnS0q+toYN+V9GmXeYAkkFTd+jzN
4H9hwv07z4dvJWph/VG3AdqE05SWfrIFQOooPp8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:28:56 2024 by rpki-client on console-fra.rpki-client.org