Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/G2FZNAqy9aOmHMw0MtH8PHAxq94.roa
File: G2FZNAqy9aOmHMw0MtH8PHAxq94.roa (raw, json)
Hash identifier: IWEG7Dxw+vEwGFJvMEld7xjiKpO5D5hDsEcu7s4jxnI=
Subject key identifier: 1B:61:59:34:0A:B2:F5:A3:A6:1C:CC:34:32:D1:FC:3C:70:31:AB:DE
Certificate issuer: /CN=770aed77999de7d67e9df33f55591dedeeb626a5
Certificate serial: 018CC64A8202F44FA66A99078CB21B40A145
Authority key identifier: 77:0A:ED:77:99:9D:E7:D6:7E:9D:F3:3F:55:59:1D:ED:EE:B6:26:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dwrtd5md59Z-nfM_VVkd7e62JqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/G2FZNAqy9aOmHMw0MtH8PHAxq94.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202123
IP address blocks: 185.51.68.0/22 maxlen: 22
193.135.172.0/24 maxlen: 24
193.246.125.0/24 maxlen: 24
193.246.124.0/24 maxlen: 24
193.246.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/dwrtd5md59Z-nfM_VVkd7e62JqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/dwrtd5md59Z-nfM_VVkd7e62JqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dwrtd5md59Z-nfM_VVkd7e62JqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:82:02:f4:4f:a6:6a:99:07:8c:b2:1b:40:a1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=770aed77999de7d67e9df33f55591dedeeb626a5
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b6159340ab2f5a3a61ccc3432d1fc3c7031abde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6e:65:08:80:75:bf:b6:ac:ef:a7:27:f5:71:
2a:19:1d:1d:77:7d:1e:77:16:e2:9c:d2:ee:bd:17:
e7:69:7a:c2:17:e3:55:10:01:30:c9:da:6a:8a:da:
37:9b:6b:e0:c1:62:9f:a0:fa:73:0a:4e:dc:cf:07:
fc:44:50:66:cb:7c:23:b5:65:7c:7b:c4:9a:63:4b:
58:18:bd:d9:1b:3f:4f:9d:b7:59:31:92:3d:9d:88:
01:ef:f4:5d:98:58:07:6f:dc:25:bb:8e:4f:86:41:
15:a2:13:ba:85:89:07:e9:f5:88:d5:c1:48:1c:9f:
11:83:55:9a:7f:01:0c:15:05:dc:60:35:a1:f2:2c:
96:cb:5d:7c:47:c0:47:b5:8c:dc:00:5c:4a:98:9a:
a6:a6:aa:3b:37:62:81:c6:7d:87:a8:1e:f0:7a:2f:
f0:ad:c4:46:0d:84:7a:9d:ee:af:2e:c9:e1:ab:da:
63:1d:6f:ec:24:b8:7e:46:25:4d:d6:21:46:cb:2a:
e0:b0:04:77:78:d6:6e:b8:c9:17:e4:77:4b:2f:6a:
34:dd:3d:ae:61:5a:37:26:60:ea:cd:7e:41:d2:7d:
21:d8:20:41:dc:d0:af:d6:e1:77:09:92:4d:74:27:
ee:b1:01:d6:cd:3a:13:41:19:a8:6d:18:93:ce:03:
7e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:61:59:34:0A:B2:F5:A3:A6:1C:CC:34:32:D1:FC:3C:70:31:AB:DE
X509v3 Authority Key Identifier:
keyid:77:0A:ED:77:99:9D:E7:D6:7E:9D:F3:3F:55:59:1D:ED:EE:B6:26:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwrtd5md59Z-nfM_VVkd7e62JqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/G2FZNAqy9aOmHMw0MtH8PHAxq94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/dwrtd5md59Z-nfM_VVkd7e62JqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.68.0/22
193.135.172.0/24
193.246.124.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:44:9d:e1:59:f0:6b:5b:45:57:b6:f0:4c:1e:ce:7e:28:12:
91:8d:b0:1a:8a:72:8e:65:3b:fb:9b:60:b2:b2:3a:d6:1c:94:
7d:14:22:0c:53:f8:96:8e:90:bb:2c:7b:78:4d:34:5b:5f:9b:
25:26:ca:7b:b3:87:8e:d0:25:c0:37:e7:15:44:b0:a8:ef:5f:
b0:01:33:d1:d3:2e:f7:e9:45:a7:df:d2:ef:a7:c1:22:8a:a2:
f5:79:5f:4c:bb:83:2d:fe:7d:66:9f:10:c1:f6:6c:3a:67:b7:
59:c1:57:b6:35:f0:82:e3:26:1b:f0:a4:fa:5e:87:11:73:c0:
5a:d4:f8:c0:eb:e5:95:ec:f0:6d:09:e9:2a:a2:50:02:48:a6:
ce:1a:74:07:2b:cf:7f:52:5b:3f:16:78:3a:d0:77:59:e0:af:
a4:60:bf:b3:ba:6f:f2:d9:cd:30:22:66:4d:f1:a6:c0:3b:bd:
29:cc:ab:f9:d2:05:8f:0b:e4:5d:12:bb:6f:38:60:ca:27:e0:
c7:6d:df:4d:fd:61:fa:aa:b1:f9:01:01:c9:9e:50:2d:ed:5c:
b2:c9:82:4c:dd:60:62:3e:0a:5d:95:68:b1:0e:ed:c9:72:1f:
45:89:39:2d:f3:7f:c3:c1:9a:69:2c:b5:d3:78:37:86:4a:ce:
8e:37:af:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSoIC9E+mapkHjLIbQKFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MGFlZDc3OTk5ZGU3ZDY3ZTlkZjMzZjU1NTkxZGVkZWVi
NjI2YTUwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYxNTkzNDBhYjJmNWEzYTYxY2NjMzQzMmQxZmMzYzcwMzFhYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw25lCIB1v7as76cn9XEqGR0dd30e
dxbinNLuvRfnaXrCF+NVEAEwydpqito3m2vgwWKfoPpzCk7czwf8RFBmy3wjtWV8
e8SaY0tYGL3ZGz9PnbdZMZI9nYgB7/RdmFgHb9wlu45PhkEVohO6hYkH6fWI1cFI
HJ8Rg1WafwEMFQXcYDWh8iyWy118R8BHtYzcAFxKmJqmpqo7N2KBxn2HqB7wei/w
rcRGDYR6ne6vLsnhq9pjHW/sJLh+RiVN1iFGyyrgsAR3eNZuuMkX5HdLL2o03T2u
YVo3JmDqzX5B0n0h2CBB3NCv1uF3CZJNdCfusQHWzToTQRmobRiTzgN+9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBthWTQKsvWjphzMNDLR/DxwMaveMB8GA1UdIwQY
MBaAFHcK7XeZnefWfp3zP1VZHe3utialMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdydGQ1bWQ1OVotbmZNX1ZWa2Q3ZTYySnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMGQ5MjctZWQxYi00YjE5LWFkNmIt
ODQyOWJhNzkzMTlmLzEvRzJGWk5BcXk5YU9tSE13ME10SDhQSEF4cTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wMGQ5MjctZWQxYi00YjE5LWFkNmItODQyOWJhNzkzMTlm
LzEvZHdydGQ1bWQ1OVotbmZNX1ZWa2Q3ZTYySnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuTNEAwQA
wYesAwQBwfZ8MA0GCSqGSIb3DQEBCwUAA4IBAQB/RJ3hWfBrW0VXtvBMHs5+KBKR
jbAainKOZTv7m2CysjrWHJR9FCIMU/iWjpC7LHt4TTRbX5slJsp7s4eO0CXAN+cV
RLCo71+wATPR0y736UWn39Lvp8EiiqL1eV9Mu4Mt/n1mnxDB9mw6Z7dZwVe2NfCC
4yYb8KT6XocRc8Ba1PjA6+WV7PBtCekqolACSKbOGnQHK89/Uls/Fng60HdZ4K+k
YL+zum/y2c0wImZN8abAO70pzKv50gWPC+RdErtvOGDKJ+DHbd9N/WH6qrH5AQHJ
nlAt7VyyyYJM3WBiPgpdlWixDu3Jch9FiTkt83/DwZppLLXTeDeGSs6ON6/y
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:48:10 2024 by rpki-client on console-ams.rpki-client.org