Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/GWot3od0uNOJoc4Wlxhdb5oOVj4.roa
File: GWot3od0uNOJoc4Wlxhdb5oOVj4.roa (raw, json)
Hash identifier: /7R0Yx9S+b2aeUAvnl4vWcTsoI3M1TP22KHwlW4BilI=
Subject key identifier: 19:6A:2D:DE:87:74:B8:D3:89:A1:CE:16:97:18:5D:6F:9A:0E:56:3E
Certificate issuer: /CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac
Certificate serial: 018CC348F352919A46EA23FDB9C32868FE6D
Authority key identifier: C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/GWot3od0uNOJoc4Wlxhdb5oOVj4.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41670
IP address blocks: 185.110.204.0/22 maxlen: 22
89.248.240.0/20 maxlen: 20
2a01:168::/29 maxlen: 29
2a01:168::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f3:52:91:9a:46:ea:23:fd:b9:c3:28:68:fe:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=196a2dde8774b8d389a1ce1697185d6f9a0e563e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0e:9b:dd:60:bd:05:dc:0d:03:ad:37:ab:58:
00:21:d0:43:ef:04:28:7e:cd:94:cd:89:ca:a7:6d:
fa:92:a7:d0:d7:c6:4e:46:bc:7d:b8:56:ea:6a:c6:
c1:db:ab:c3:16:04:24:f4:c0:42:6b:10:9e:9e:22:
5a:aa:fa:1c:1c:c0:2b:43:2f:d5:69:5a:be:e5:50:
07:b9:99:54:43:2c:2d:01:74:f1:c9:6c:2b:c8:09:
57:2b:42:47:89:a2:64:c2:30:31:74:13:19:e7:5b:
2c:1d:b2:6c:77:ae:2a:c3:f0:64:39:73:91:f7:7c:
93:0f:13:7e:bb:09:ac:68:2a:03:62:18:90:01:9f:
5c:f1:06:d8:d8:ca:d3:74:09:66:d8:b3:33:1d:aa:
f6:b7:bd:a0:bb:7a:1a:4c:cf:a3:fa:90:07:16:15:
30:dc:fa:2f:d0:eb:cf:f6:79:b4:79:f2:8f:f8:8e:
ab:df:ab:df:c3:14:60:30:2d:75:72:42:ff:40:a0:
8c:8f:5d:32:b7:58:66:24:20:a2:42:e3:7f:d4:4c:
26:7b:57:65:eb:f0:3e:35:ac:32:80:53:12:2d:75:
6c:29:c1:fc:66:06:95:e5:41:18:49:de:00:ce:bc:
85:49:28:a5:3b:cb:f6:f8:70:cf:1d:a4:ab:59:6b:
63:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6A:2D:DE:87:74:B8:D3:89:A1:CE:16:97:18:5D:6F:9A:0E:56:3E
X509v3 Authority Key Identifier:
keyid:C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/GWot3od0uNOJoc4Wlxhdb5oOVj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.240.0/20
185.110.204.0/22
IPv6:
2a01:168::/29
Signature Algorithm: sha256WithRSAEncryption
9a:e6:b3:49:e5:fb:72:70:ae:43:d7:78:e5:1a:51:69:1e:c7:
5c:91:fe:cd:8e:25:4a:b8:c4:f5:29:03:19:2b:98:56:60:74:
fa:3b:62:a1:db:cd:fc:2c:30:26:a5:6c:30:2d:c5:19:4d:46:
6f:fb:e5:88:e5:70:0d:91:c2:bb:99:77:b8:76:ec:c6:fd:6a:
93:99:77:4c:0b:8e:0a:5a:ba:08:e8:c3:58:66:c0:dc:5e:72:
49:75:48:48:e6:85:30:7a:bc:1b:0f:24:aa:5e:4e:c4:5b:5f:
00:fe:73:b5:4e:7b:82:73:67:e4:2e:69:72:05:86:f7:54:b2:
c0:ba:d8:78:31:07:27:e0:6e:09:5e:ee:ad:14:52:a4:c4:1d:
ed:19:ed:25:88:0c:71:76:e4:1f:bc:59:ae:14:8c:01:47:ca:
91:5b:a9:c9:6e:fb:19:1b:ce:90:10:94:b8:a5:84:5c:a7:8c:
76:e0:ac:7f:42:19:c3:75:93:df:54:7c:a4:4d:63:45:76:7a:
38:6a:a7:1a:54:22:17:de:ee:8a:5f:20:41:3e:84:42:84:d1:
65:6d:04:8f:81:9e:1f:28:d8:09:ee:24:ea:2c:17:ad:7a:73:
75:59:9c:63:46:28:4d:97:32:9a:3a:88:0b:63:8b:a1:5f:0e:
02:90:23:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSPNSkZpG6iP9ucMoaP5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmE1ZjJiNDY4ZGIzNWViNTYyYmQzN2UxZjM2ZWNlYTgx
M2NjYWMwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZhMmRkZTg3NzRiOGQzODlhMWNlMTY5NzE4NWQ2ZjlhMGU1NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA6b3WC9BdwNA603q1gAIdBD7wQo
fs2UzYnKp236kqfQ18ZORrx9uFbqasbB26vDFgQk9MBCaxCeniJaqvocHMArQy/V
aVq+5VAHuZlUQywtAXTxyWwryAlXK0JHiaJkwjAxdBMZ51ssHbJsd64qw/BkOXOR
93yTDxN+uwmsaCoDYhiQAZ9c8QbY2MrTdAlm2LMzHar2t72gu3oaTM+j+pAHFhUw
3Pov0OvP9nm0efKP+I6r36vfwxRgMC11ckL/QKCMj10yt1hmJCCiQuN/1Ewme1dl
6/A+NawygFMSLXVsKcH8ZgaV5UEYSd4AzryFSSilO8v2+HDPHaSrWWtjtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBlqLd6HdLjTiaHOFpcYXW+aDlY+MB8GA1UdIwQY
MBaAFMZqXytGjbNetWK9N+Hzbs6oE8ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4Nzgt
MzFmNGNjMTJkNjIwLzEvR1dvdDNvZDB1Tk9Kb2M0V2x4aGRiNW9PVmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4NzgtMzFmNGNjMTJkNjIw
LzEveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEWfjwAwQC
uW7MMA0EAgACMAcDBQMqAQFoMA0GCSqGSIb3DQEBCwUAA4IBAQCa5rNJ5ftycK5D
13jlGlFpHsdckf7NjiVKuMT1KQMZK5hWYHT6O2Kh2838LDAmpWwwLcUZTUZv++WI
5XANkcK7mXe4duzG/WqTmXdMC44KWroI6MNYZsDcXnJJdUhI5oUwerwbDySqXk7E
W18A/nO1TnuCc2fkLmlyBYb3VLLAuth4MQcn4G4JXu6tFFKkxB3tGe0liAxxduQf
vFmuFIwBR8qRW6nJbvsZG86QEJS4pYRcp4x24Kx/QhnDdZPfVHykTWNFdno4aqca
VCIX3u6KXyBBPoRChNFlbQSPgZ4fKNgJ7iTqLBetenN1WZxjRihNlzKaOogLY4uh
Xw4CkCPg
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:36:14 2024 by rpki-client on console-fra.rpki-client.org