Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/gh7vYTUG1hOvMTKmmRGw-tGeYFg.roa
File: gh7vYTUG1hOvMTKmmRGw-tGeYFg.roa (raw, json)
Hash identifier: sR6uyKixJoZpYifkcIdbmxtDNCxj0cgVxTr7fQC6rZQ=
Subject key identifier: 82:1E:EF:61:35:06:D6:13:AF:31:32:A6:99:11:B0:FA:D1:9E:60:58
Certificate issuer: /CN=e07e008d6ed2388ad31b7422423152a92a54de71
Certificate serial: 018CC64B3B365520DC509D85E20B331287B5
Authority key identifier: E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/gh7vYTUG1hOvMTKmmRGw-tGeYFg.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197227
IP address blocks: 145.14.240.0/21 maxlen: 24
46.243.156.0/22 maxlen: 24
185.131.160.0/22 maxlen: 22
213.5.208.0/21 maxlen: 24
185.81.56.0/22 maxlen: 24
46.175.40.0/21 maxlen: 24
85.234.248.0/21 maxlen: 24
37.247.56.0/21 maxlen: 24
5.133.248.0/21 maxlen: 24
195.80.128.0/21 maxlen: 24
188.211.16.0/21 maxlen: 24
2a03:1280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/4H4AjW7SOIrTG3QiQjFSqSpU3nE.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/4H4AjW7SOIrTG3QiQjFSqSpU3nE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3b:36:55:20:dc:50:9d:85:e2:0b:33:12:87:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e07e008d6ed2388ad31b7422423152a92a54de71
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=821eef613506d613af3132a69911b0fad19e6058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:05:11:04:2e:ab:f2:59:10:48:31:4b:f8:
e9:1b:59:cc:e3:b7:c3:c4:c0:23:58:a1:f4:3c:b0:
15:48:9a:10:cb:d4:98:d9:1a:51:20:c7:24:53:fb:
ed:e2:54:fb:d9:68:23:69:fb:e1:f1:c2:fc:f6:e5:
e3:e7:6c:4f:2c:90:74:9f:e0:fc:91:d9:68:c0:27:
45:78:74:21:9e:67:b2:16:01:ce:a0:88:44:e1:4b:
c7:73:e4:b0:39:32:d1:6c:37:91:06:b2:61:7a:40:
1c:03:1f:86:89:e2:1c:a6:39:c6:1e:7b:b3:9f:4e:
bc:e2:2e:08:4f:3d:32:3a:32:72:a4:5f:c1:c4:38:
c5:d6:0d:e8:6a:0c:1a:71:f9:15:d6:56:1a:8f:43:
7b:74:fa:bf:3d:b3:7b:47:28:31:69:92:ba:dc:ad:
a1:7e:3a:04:26:45:41:bd:ad:01:5e:cc:9e:a1:ac:
79:34:e1:bd:f6:b1:36:04:c3:01:28:ee:a0:ae:9e:
81:20:40:da:64:34:66:8d:51:d8:bc:8b:92:47:e7:
d6:51:07:81:08:50:c2:0a:f2:99:21:f6:0e:5f:e7:
0d:40:46:7d:1a:26:16:5b:ca:e7:59:d1:7c:dc:20:
90:32:fa:b5:02:f9:44:6f:f7:89:aa:a4:fc:d7:a2:
9f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1E:EF:61:35:06:D6:13:AF:31:32:A6:99:11:B0:FA:D1:9E:60:58
X509v3 Authority Key Identifier:
keyid:E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/gh7vYTUG1hOvMTKmmRGw-tGeYFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/4H4AjW7SOIrTG3QiQjFSqSpU3nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.248.0/21
37.247.56.0/21
46.175.40.0/21
46.243.156.0/22
85.234.248.0/21
145.14.240.0/21
185.81.56.0/22
185.131.160.0/22
188.211.16.0/21
195.80.128.0/21
213.5.208.0/21
IPv6:
2a03:1280::/32
Signature Algorithm: sha256WithRSAEncryption
5b:85:5b:01:eb:0d:b1:53:9d:b2:e2:43:69:ae:03:64:16:44:
f1:e8:bf:86:5d:8e:5f:98:0b:34:bd:f7:71:21:4a:a7:c9:0b:
93:aa:bb:12:69:fa:45:03:b9:76:71:b3:5b:17:a5:86:f2:2a:
ed:d2:58:61:de:89:c1:01:7f:77:9d:bc:6b:5c:56:fa:5b:b4:
a1:d5:e1:01:99:d3:cb:98:90:ef:88:8c:09:6e:f5:0b:24:0b:
b9:64:04:d0:d2:8e:e7:c0:85:a7:85:52:cd:d5:2e:75:17:69:
7d:86:7b:b6:d8:4c:07:05:c4:d9:ef:ef:67:45:0a:0b:50:5a:
f9:45:54:0b:ba:cd:9b:e9:40:7e:81:1a:65:42:72:31:d9:e2:
ff:e7:c3:fe:00:c7:de:a9:a2:2e:2b:e8:fc:22:27:07:de:78:
13:bc:68:fc:ce:c3:64:f3:25:09:6e:94:6f:e4:9d:9f:2b:fc:
55:1c:a7:ec:43:a4:4a:ab:28:d0:32:5d:4f:f9:97:01:48:bb:
1a:cd:fb:18:f1:c3:d2:02:14:ff:49:48:05:34:e9:71:84:fb:
5b:f6:fe:05:6e:b0:e5:07:90:7a:a0:c5:e7:4b:e0:28:99:0b:
5b:9b:e7:c9:e9:2a:1e:cc:04:bc:f4:d3:fb:ea:87:6f:09:5e:
5c:00:e7:29
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzGSzs2VSDcUJ2F4gszEoe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwN2UwMDhkNmVkMjM4OGFkMzFiNzQyMjQyMzE1MmE5MmE1
NGRlNzEwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFlZWY2MTM1MDZkNjEzYWYzMTMyYTY5OTExYjBmYWQxOWU2MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj4FEQQuq/JZEEgxS/jpG1nM47fD
xMAjWKH0PLAVSJoQy9SY2RpRIMckU/vt4lT72Wgjafvh8cL89uXj52xPLJB0n+D8
kdlowCdFeHQhnmeyFgHOoIhE4UvHc+SwOTLRbDeRBrJhekAcAx+GieIcpjnGHnuz
n0684i4ITz0yOjJypF/BxDjF1g3oagwacfkV1lYaj0N7dPq/PbN7RygxaZK63K2h
fjoEJkVBva0BXsyeoax5NOG99rE2BMMBKO6grp6BIEDaZDRmjVHYvIuSR+fWUQeB
CFDCCvKZIfYOX+cNQEZ9GiYWW8rnWdF83CCQMvq1AvlEb/eJqqT816Kf0QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFIIe72E1BtYTrzEyppkRsPrRnmBYMB8GA1UdIwQY
MBaAFOB+AI1u0jiK0xt0IkIxUqkqVN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEg0QWpXN1NPSXJURzNRaVFqRlNxU3BVM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kNDc5Y2MtYTcxMi00YmMzLTgzMmQt
MjcyNzI0N2FmMjEwLzEvZ2g3dllUVUcxaE92TVRLbW1SR3ctdEdlWUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kNDc5Y2MtYTcxMi00YmMzLTgzMmQtMjcyNzI0N2FmMjEw
LzEvNEg0QWpXN1NPSXJURzNRaVFqRlNxU3BVM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBYX4AwQD
Jfc4AwQDLq8oAwQCLvOcAwQDVer4AwQDkQ7wAwQCuVE4AwQCuYOgAwQDvNMQAwQD
w1CAAwQD1QXQMA0EAgACMAcDBQAqAxKAMA0GCSqGSIb3DQEBCwUAA4IBAQBbhVsB
6w2xU52y4kNprgNkFkTx6L+GXY5fmAs0vfdxIUqnyQuTqrsSafpFA7l2cbNbF6WG
8irt0lhh3onBAX93nbxrXFb6W7Sh1eEBmdPLmJDviIwJbvULJAu5ZATQ0o7nwIWn
hVLN1S51F2l9hnu22EwHBcTZ7+9nRQoLUFr5RVQLus2b6UB+gRplQnIx2eL/58P+
AMfeqaIuK+j8IicH3ngTvGj8zsNk8yUJbpRv5J2fK/xVHKfsQ6RKqyjQMl1P+ZcB
SLsazfsY8cPSAhT/SUgFNOlxhPtb9v4FbrDlB5B6oMXnS+AomQtbm+fJ6SoezAS8
9NP76odvCV5cAOcp
-----END CERTIFICATE-----
Generated at Thu May 16 06:00:46 2024 by rpki-client on console-ams.rpki-client.org