Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFg5I3RMh92hrqpiw0daRs_fR18.roa
File: GFg5I3RMh92hrqpiw0daRs_fR18.roa (raw, json)
Hash identifier: cgWE7sbDOeXv9+3I2sN2EUBnWbBO67Vq10uQYgwoQz8=
Subject key identifier: 18:58:39:23:74:4C:87:DD:A1:AE:AA:62:C3:47:5A:46:CF:DF:47:5F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0190030FF0887BD185EB64CEDB71AD0A7EA6
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFg5I3RMh92hrqpiw0daRs_fR18.roa
Signing time: Mon 10 Jun 2024 16:51:34 +0000
ROA not before: Mon 10 Jun 2024 16:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.8.195.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
193.168.208.0/24 maxlen: 24
193.168.209.0/24 maxlen: 24
193.168.210.0/24 maxlen: 24
193.168.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:0f:f0:88:7b:d1:85:eb:64:ce:db:71:ad:0a:7e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 10 16:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18583923744c87dda1aeaa62c3475a46cfdf475f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:de:fd:71:9d:2e:f3:14:1c:de:b0:85:58:
59:c8:ae:cc:48:48:5b:c5:32:0f:ec:6b:dd:38:dd:
f7:7c:3a:76:53:88:ae:48:c8:ad:91:62:94:ea:81:
0e:15:ea:e1:63:46:df:04:01:7f:83:36:83:66:11:
80:2b:da:12:0f:46:5b:0e:73:5e:38:a8:a6:60:b8:
74:48:d8:08:e9:71:0a:7d:65:2b:de:f5:92:e4:0e:
e1:0f:5d:d0:cb:93:64:31:32:e3:ee:53:01:21:ca:
e8:15:82:3c:01:7b:65:0f:21:6d:32:84:95:be:57:
b0:46:6d:47:06:b5:1d:a9:70:e8:5a:70:73:8c:6c:
39:d1:44:44:4f:ee:51:05:5e:3e:b5:ce:cb:c1:a9:
32:0b:00:9b:3a:60:9b:a0:d4:23:23:26:40:fa:d0:
42:03:07:45:ff:a8:39:c5:1a:b6:ad:88:0b:38:13:
b2:3a:16:6b:9a:98:39:6b:73:38:2b:da:0e:35:ff:
9d:cf:91:9b:59:18:6e:7a:a5:14:79:51:4a:d6:5f:
67:b5:bb:54:f1:19:58:db:43:5a:5f:f3:42:4d:6d:
90:c1:6a:34:2a:cb:79:3c:d8:08:d9:7e:00:b2:70:
20:de:0d:eb:78:6c:2f:23:61:b8:b0:23:a0:cc:1a:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:58:39:23:74:4C:87:DD:A1:AE:AA:62:C3:47:5A:46:CF:DF:47:5F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFg5I3RMh92hrqpiw0daRs_fR18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.195.0/24
45.8.197.0-45.8.198.255
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:3f:e3:c8:c1:29:80:a3:3d:1e:16:d1:eb:31:b9:7b:ab:d8:
bc:02:5b:dd:d7:a9:72:ed:b8:88:e3:32:4b:c0:ca:3f:d4:eb:
26:7e:b5:da:f4:43:cb:d0:2b:64:7f:63:e4:dc:c7:2e:d4:3d:
78:8e:c7:59:57:aa:37:92:18:45:ac:b9:bd:82:f1:ac:6d:45:
ba:0d:ff:f1:7f:28:c4:bc:be:ba:e1:83:f8:97:94:4a:ac:c9:
a1:67:29:11:e1:f2:8e:27:a5:85:7b:43:8a:fa:c6:7b:95:f8:
82:ae:74:d2:89:cb:a4:4c:c2:aa:77:e0:18:2e:eb:86:e0:00:
ce:2f:8a:dd:f6:f6:f7:de:af:04:80:43:6f:be:c5:ec:c8:eb:
91:f8:56:5d:1a:54:82:92:c9:bd:34:58:5a:3a:a5:a5:98:b9:
bd:4a:51:85:fb:e9:30:bc:b3:26:f2:4d:aa:a3:8f:8e:70:0a:
bc:c0:d7:c4:e0:05:be:35:4d:37:6f:5e:a0:bd:37:38:3b:1d:
ba:28:53:d3:be:6e:5c:70:97:62:b9:e9:68:cf:3c:68:ac:53:
5b:10:ae:25:09:90:61:aa:b9:34:58:b3:e9:de:40:61:f6:92:
cf:bd:30:d8:f2:85:9d:9d:27:18:0b:b4:d2:36:a2:33:ee:a5:
35:ff:1f:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZADD/CIe9GF62TO23GtCn6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwNjEwMTY1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODU4MzkyMzc0NGM4N2RkYTFhZWFhNjJjMzQ3NWE0NmNmZGY0NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLve/XGdLvMUHN6whVhZyK7MSEhb
xTIP7GvdON33fDp2U4iuSMitkWKU6oEOFerhY0bfBAF/gzaDZhGAK9oSD0ZbDnNe
OKimYLh0SNgI6XEKfWUr3vWS5A7hD13Qy5NkMTLj7lMBIcroFYI8AXtlDyFtMoSV
vlewRm1HBrUdqXDoWnBzjGw50URET+5RBV4+tc7LwakyCwCbOmCboNQjIyZA+tBC
AwdF/6g5xRq2rYgLOBOyOhZrmpg5a3M4K9oONf+dz5GbWRhueqUUeVFK1l9ntbtU
8RlY20NaX/NCTW2QwWo0Kst5PNgI2X4AsnAg3g3reGwvI2G4sCOgzBo2sQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBhYOSN0TIfdoa6qYsNHWkbP30dfMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvR0ZnNUkzUk1oOTJocnFwaXcwZGFSc19mUjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALQjDMAwD
BAAtCMUDBAAtCMYDBALBqNAwDQYJKoZIhvcNAQELBQADggEBAKs/48jBKYCjPR4W
0esxuXur2LwCW93XqXLtuIjjMkvAyj/U6yZ+tdr0Q8vQK2R/Y+Tcxy7UPXiOx1lX
qjeSGEWsub2C8axtRboN//F/KMS8vrrhg/iXlEqsyaFnKRHh8o4npYV7Q4r6xnuV
+IKudNKJy6RMwqp34Bgu64bgAM4vit329vferwSAQ2++xezI65H4Vl0aVIKSyb00
WFo6paWYub1KUYX76TC8sybyTaqjj45wCrzA18TgBb41TTdvXqC9Nzg7HbooU9O+
blxwl2K56WjPPGisU1sQriUJkGGquTRYs+neQGH2ks+9MNjyhZ2dJxgLtNI2ojPu
pTX/H2c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:37 2024 by rpki-client on console-fra.rpki-client.org