Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa
File: gs4feMZ9E4Rz4nIce5j-7BitzUw.roa (raw, json)
Hash identifier: Xc13OwnbEuaVUfNXOuuXYW+CPtJq68kzo82nVXURoZ0=
Subject key identifier: 82:CE:1F:78:C6:7D:13:84:73:E2:72:1C:7B:98:FE:EC:18:AD:CD:4C
Certificate issuer: /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial: 018DCB6DC268ED261DF1E79442EAC0588F3E
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa
Signing time: Wed 21 Feb 2024 11:29:44 +0000
ROA not before: Wed 21 Feb 2024 11:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 37.77.160.0/21 maxlen: 24
45.156.60.0/23 maxlen: 23
45.156.62.0/23 maxlen: 23
46.31.104.0/21 maxlen: 24
81.29.176.0/22 maxlen: 23
185.37.116.0/22 maxlen: 23
185.47.138.0/24 maxlen: 24
185.59.20.0/22 maxlen: 23
185.186.12.0/22 maxlen: 23
185.246.95.0/24 maxlen: 24
2a02:2420::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:6d:c2:68:ed:26:1d:f1:e7:94:42:ea:c0:58:8f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Validity
Not Before: Feb 21 11:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82ce1f78c67d138473e2721c7b98feec18adcd4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:b8:21:7c:13:12:c9:e1:0c:09:a5:1c:32:
fc:51:1b:d6:e4:87:dc:3a:02:03:f4:a4:5e:6c:f1:
20:7c:92:78:d6:8b:a4:d0:99:f5:64:72:90:5b:93:
a5:ed:95:da:66:68:64:0c:84:21:21:77:aa:39:9d:
bb:9e:60:0b:cd:2a:5f:98:d5:02:dc:70:b4:3f:36:
15:64:5f:38:3f:66:8c:2c:ba:ed:f4:41:20:35:83:
20:5f:1c:72:54:0e:28:21:cd:c7:f4:42:63:a7:6b:
ff:27:5f:72:45:fb:42:69:c3:02:5c:ec:5e:b5:97:
b4:1f:6a:ee:cd:18:dc:81:2b:95:14:b1:a5:d7:68:
91:8e:d3:06:21:e9:ad:0f:44:84:30:1a:7c:d1:a1:
c7:b4:6f:1c:d4:11:18:ca:d5:a5:6c:52:6e:a6:06:
50:8f:fe:99:7f:61:b2:f7:a2:a6:a0:8c:b3:7c:34:
1b:d6:f0:d3:de:5a:29:8b:e2:96:d1:13:8b:d1:c5:
44:48:6f:e2:01:6e:3b:be:e9:b4:02:35:f6:03:cb:
df:e2:dc:e7:ce:12:e4:e0:3b:05:5f:7d:c6:1c:6d:
74:7d:d9:35:de:b5:ea:ee:36:e8:98:fd:5d:25:22:
41:6e:cb:47:c0:b8:c1:d2:a8:4b:36:1e:e4:c1:1b:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CE:1F:78:C6:7D:13:84:73:E2:72:1C:7B:98:FE:EC:18:AD:CD:4C
X509v3 Authority Key Identifier:
keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.160.0/21
45.156.60.0/22
46.31.104.0/21
81.29.176.0/22
185.37.116.0/22
185.47.138.0/24
185.59.20.0/22
185.186.12.0/22
185.246.95.0/24
IPv6:
2a02:2420::/32
Signature Algorithm: sha256WithRSAEncryption
64:19:40:39:15:c9:1f:f6:56:e9:f3:73:69:a9:b5:eb:f7:ee:
bf:0f:80:fc:26:65:6d:08:e3:29:ef:2d:6d:16:32:02:6c:c6:
1c:9e:1f:26:39:07:4f:41:b0:7e:0a:08:97:05:06:d0:fb:43:
b3:99:09:a3:30:00:ee:86:ef:71:b7:96:dd:c6:98:30:7a:1a:
9e:0d:45:02:ea:0f:e5:88:66:63:2a:a6:8c:c3:64:aa:83:e4:
d5:6b:32:59:18:69:39:06:ee:3f:86:0b:05:fc:85:6b:91:9a:
fe:b4:d5:28:6f:fe:ea:83:2a:22:1f:cd:3b:7c:53:c2:2d:09:
83:fd:03:58:98:2d:88:e8:da:b5:3f:f8:e4:f5:9c:11:2a:58:
34:7f:72:44:1c:7e:5b:e7:b9:85:4d:7b:14:7b:14:3f:92:2d:
d5:80:62:c8:ea:76:d4:10:5f:26:50:2e:71:31:6d:d4:50:56:
54:4c:65:5e:3f:46:bb:1b:65:c6:5c:22:b1:75:1c:53:10:df:
d9:05:00:5d:ea:51:3e:b2:d8:f0:8e:9d:98:86:31:8d:94:10:
02:8a:b5:9e:15:b9:df:e8:33:5f:13:69:70:c0:eb:23:9c:19:
39:1b:b7:c3:d3:1d:e6:cc:14:2a:79:19:65:4c:1b:07:98:15:
ce:6d:bc:1c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY3LbcJo7SYd8eeUQurAWI8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmFhMGQyZjVkZWMwMjAxZjU1ZTQwOTc5YzE5MDliNmRi
NzdjM2IwHhcNMjQwMjIxMTEyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNlMWY3OGM2N2QxMzg0NzNlMjcyMWM3Yjk4ZmVlYzE4YWRjZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1G4IXwTEsnhDAmlHDL8URvW5Ifc
OgID9KRebPEgfJJ41ouk0Jn1ZHKQW5Ol7ZXaZmhkDIQhIXeqOZ27nmALzSpfmNUC
3HC0PzYVZF84P2aMLLrt9EEgNYMgXxxyVA4oIc3H9EJjp2v/J19yRftCacMCXOxe
tZe0H2ruzRjcgSuVFLGl12iRjtMGIemtD0SEMBp80aHHtG8c1BEYytWlbFJupgZQ
j/6Zf2Gy96KmoIyzfDQb1vDT3lopi+KW0ROL0cVESG/iAW47vum0AjX2A8vf4tzn
zhLk4DsFX33GHG10fdk13rXq7jbomP1dJSJBbstHwLjB0qhLNh7kwRvaJQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFILOH3jGfROEc+JyHHuY/uwYrc1MMB8GA1UdIwQY
MBaAFOb6oNL13sAgH1XkCXnBkJttt3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmIt
OGM4ZDEwZThlYWJjLzEvZ3M0ZmVNWjlFNFJ6NG5JY2U1ai03Qml0elV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmItOGM4ZDEwZThlYWJj
LzEvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJU2gAwQC
LZw8AwQDLh9oAwQCUR2wAwQCuSV0AwQAuS+KAwQCuTsUAwQCuboMAwQAufZfMA0E
AgACMAcDBQAqAiQgMA0GCSqGSIb3DQEBCwUAA4IBAQBkGUA5Fckf9lbp83NpqbXr
9+6/D4D8JmVtCOMp7y1tFjICbMYcnh8mOQdPQbB+CgiXBQbQ+0OzmQmjMADuhu9x
t5bdxpgwehqeDUUC6g/liGZjKqaMw2Sqg+TVazJZGGk5Bu4/hgsF/IVrkZr+tNUo
b/7qgyoiH807fFPCLQmD/QNYmC2I6Nq1P/jk9ZwRKlg0f3JEHH5b57mFTXsUexQ/
ki3VgGLI6nbUEF8mUC5xMW3UUFZUTGVeP0a7G2XGXCKxdRxTEN/ZBQBd6lE+stjw
jp2YhjGNlBACirWeFbnf6DNfE2lwwOsjnBk5G7fD0x3mzBQqeRllTBsHmBXObbwc
-----END CERTIFICATE-----
Generated at Fri May 17 18:46:50 2024 by rpki-client on console-ams.rpki-client.org