Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/GCmAU6W-snSutWJx0kDTpQmKCO0.roa
File: GCmAU6W-snSutWJx0kDTpQmKCO0.roa (raw, json)
Hash identifier: GThQ1HImznkQikhDDg8JRJG1KoLbwdLRHBv6UKS8bbk=
Subject key identifier: 18:29:80:53:A5:BE:B2:74:AE:B5:62:71:D2:40:D3:A5:09:8A:08:ED
Certificate issuer: /CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Certificate serial: 018FCEC06C38F7B1A325CBB090AB76198173
Authority key identifier: 7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/GCmAU6W-snSutWJx0kDTpQmKCO0.roa
Signing time: Fri 31 May 2024 13:04:28 +0000
ROA not before: Fri 31 May 2024 13:04:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213260
IP address blocks: 46.232.144.0/21 maxlen: 21
80.67.112.0/20 maxlen: 20
80.249.32.0/20 maxlen: 20
87.238.0.0/19 maxlen: 22
89.249.176.0/21 maxlen: 21
2a07:f500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:c0:6c:38:f7:b1:a3:25:cb:b0:90:ab:76:19:81:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Validity
Not Before: May 31 13:04:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18298053a5beb274aeb56271d240d3a5098a08ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:7e:9b:1a:60:6d:d2:ef:9d:a5:dc:93:6b:
59:74:f0:55:cd:cb:81:0f:88:9b:99:f5:1c:87:12:
5f:29:6f:d6:30:59:cb:a7:54:81:c8:05:58:ba:99:
c0:63:f8:6e:d4:d3:6a:56:1d:17:80:f6:d9:8a:a2:
4c:dd:0d:ec:0e:ff:c6:81:7b:2e:3e:69:c6:36:55:
22:42:78:b1:ea:97:7f:75:8c:22:4e:67:4b:60:b4:
86:4e:de:08:a8:f7:9d:d7:41:6f:f8:1a:72:00:a9:
4a:6e:cb:98:14:47:9d:9a:3d:cb:fe:8e:f6:2a:23:
76:69:e4:87:4d:b2:cf:ac:99:d6:16:a7:b7:31:5a:
5d:c6:8b:8e:65:f2:e3:a2:2f:ee:4b:73:86:9d:20:
ef:d5:c6:3d:3f:14:5d:8f:59:fb:de:e1:ce:33:47:
64:c5:e4:98:fe:f3:d3:4a:3c:54:10:96:93:42:c5:
1c:aa:bb:6f:71:17:65:47:20:2a:60:e6:95:e3:70:
b7:61:9d:1a:c0:ef:65:84:a2:91:ea:05:59:79:89:
3b:46:d3:fd:fd:1e:01:f7:54:f1:a2:a9:70:7e:f5:
98:09:ab:90:c4:2f:a3:06:13:c1:ea:c8:10:9e:e3:
f3:4f:bd:f2:f9:d2:54:71:d0:82:13:ed:a8:b2:c1:
bd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:29:80:53:A5:BE:B2:74:AE:B5:62:71:D2:40:D3:A5:09:8A:08:ED
X509v3 Authority Key Identifier:
keyid:7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/GCmAU6W-snSutWJx0kDTpQmKCO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.144.0/21
80.67.112.0/20
80.249.32.0/20
87.238.0.0/19
89.249.176.0/21
IPv6:
2a07:f500::/29
Signature Algorithm: sha256WithRSAEncryption
63:08:64:02:06:92:31:a0:00:95:94:57:ba:40:d2:37:3b:a9:
be:4e:cd:66:3a:a2:3b:c7:50:81:55:3b:f9:06:9b:7b:75:c4:
cb:67:56:26:78:1a:de:7b:c3:55:90:0b:46:d0:fe:4b:a7:05:
ab:d1:dc:c1:1d:4e:c1:27:62:27:19:eb:3d:c9:cd:f3:ac:35:
83:69:85:c0:b6:b4:57:1f:1f:92:dc:3a:56:62:3e:c7:60:98:
2e:8d:7f:3d:f0:b2:f4:ed:c2:42:60:be:d1:d3:e4:69:c1:93:
98:90:57:ee:48:18:19:7d:8e:5a:07:f2:4a:27:39:b6:cc:2f:
32:08:cd:96:0e:da:4c:3f:1f:d9:8e:75:69:c6:14:5a:20:0d:
8c:6b:23:09:1d:1a:ec:d3:55:38:06:df:50:2f:85:7d:1a:3b:
eb:17:42:86:d9:f0:87:8b:cb:6a:2a:fb:c9:46:a6:44:66:ab:
18:67:5d:32:62:a5:af:da:58:9c:ca:7e:ed:12:2b:39:30:c5:
f5:57:bd:fb:f3:78:3a:b3:f2:dd:d2:c4:7c:db:de:bc:78:f9:
6e:d8:38:d6:bb:b7:c8:f5:20:5c:94:e1:92:0a:37:2a:60:c2:
08:b4:48:93:9a:72:32:cf:7f:94:3f:f9:eb:28:5f:40:98:dc:
b9:fe:a5:60
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY/OwGw497GjJcuwkKt2GYFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMWZmNzAyNzI2ZTc1YjNhNjhmMTE4MmU0N2ZmYmNkY2Fl
NTE1ZTUwHhcNMjQwNTMxMTMwNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI5ODA1M2E1YmViMjc0YWViNTYyNzFkMjQwZDNhNTA5OGEwOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8l+mxpgbdLvnaXck2tZdPBVzcuB
D4ibmfUchxJfKW/WMFnLp1SByAVYupnAY/hu1NNqVh0XgPbZiqJM3Q3sDv/GgXsu
PmnGNlUiQnix6pd/dYwiTmdLYLSGTt4IqPed10Fv+BpyAKlKbsuYFEedmj3L/o72
KiN2aeSHTbLPrJnWFqe3MVpdxouOZfLjoi/uS3OGnSDv1cY9PxRdj1n73uHOM0dk
xeSY/vPTSjxUEJaTQsUcqrtvcRdlRyAqYOaV43C3YZ0awO9lhKKR6gVZeYk7RtP9
/R4B91TxoqlwfvWYCauQxC+jBhPB6sgQnuPzT73y+dJUcdCCE+2ossG97wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBgpgFOlvrJ0rrVicdJA06UJigjtMB8GA1UdIwQY
MBaAFHof9wJybnWzpo8RguR/+83K5RXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhfM0FuSnVkYk9tanhHQzVIXzd6Y3JsRmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZmVmMDMtMDY3MC00MWFiLWE2Yzkt
NDNhZGI2MDVmNjhhLzEvR0NtQVU2Vy1zblN1dFdKeDBrRFRwUW1LQ08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZmVmMDMtMDY3MC00MWFiLWE2YzktNDNhZGI2MDVmNjhh
LzEvZWhfM0FuSnVkYk9tanhHQzVIXzd6Y3JsRmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLuiQAwQE
UENwAwQEUPkgAwQFV+4AAwQDWfmwMA0EAgACMAcDBQMqB/UAMA0GCSqGSIb3DQEB
CwUAA4IBAQBjCGQCBpIxoACVlFe6QNI3O6m+Ts1mOqI7x1CBVTv5Bpt7dcTLZ1Ym
eBree8NVkAtG0P5LpwWr0dzBHU7BJ2InGes9yc3zrDWDaYXAtrRXHx+S3DpWYj7H
YJgujX898LL07cJCYL7R0+RpwZOYkFfuSBgZfY5aB/JKJzm2zC8yCM2WDtpMPx/Z
jnVpxhRaIA2MayMJHRrs01U4Bt9QL4V9GjvrF0KG2fCHi8tqKvvJRqZEZqsYZ10y
YqWv2licyn7tEis5MMX1V73783g6s/Ld0sR82968ePlu2DjWu7fI9SBclOGSCjcq
YMIItEiTmnIyz3+UP/nrKF9AmNy5/qVg
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:56 2024 by rpki-client on console-fra.rpki-client.org