Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/GWUZFgH74UKKu2Ye0EL0hsegi0Q.roa
File: GWUZFgH74UKKu2Ye0EL0hsegi0Q.roa (raw, json)
Hash identifier: UInaPvqWX9DQxwNywo2nIal2gj7G/DIUp/czUbQW5mY=
Subject key identifier: 19:65:19:16:01:FB:E1:42:8A:BB:66:1E:D0:42:F4:86:C7:A0:8B:44
Certificate issuer: /CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Certificate serial: 018D82A0D74330D4DE9D5473E83566ED5C06
Authority key identifier: 54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/GWUZFgH74UKKu2Ye0EL0hsegi0Q.roa
Signing time: Wed 07 Feb 2024 08:13:15 +0000
ROA not before: Wed 07 Feb 2024 08:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43872
IP address blocks: 5.253.252.0/22 maxlen: 22
45.136.108.0/24 maxlen: 24
92.118.111.0/24 maxlen: 24
176.101.169.0/24 maxlen: 24
185.183.20.0/22 maxlen: 22
185.187.61.0/24 maxlen: 24
185.253.176.0/22 maxlen: 22
193.105.189.0/24 maxlen: 24
193.247.94.0/24 maxlen: 24
193.247.101.0/24 maxlen: 24
193.247.103.0/24 maxlen: 24
193.247.165.0/24 maxlen: 24
195.234.28.0/24 maxlen: 24
2a0b:180::/29 maxlen: 29
2a10:c9c0::/29 maxlen: 29
2a10:cac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:a0:d7:43:30:d4:de:9d:54:73:e8:35:66:ed:5c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Validity
Not Before: Feb 7 08:13:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1965191601fbe1428abb661ed042f486c7a08b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:76:00:e1:f5:36:c6:39:42:53:d2:b8:e3:
b5:a0:a8:21:16:a4:bd:a6:8e:3b:e6:d0:4a:2b:70:
b8:67:41:c2:38:fc:08:44:2f:11:3b:55:30:fc:9b:
6d:f0:c8:df:3c:63:70:e7:1d:63:a3:2b:47:a4:d3:
43:f8:e7:79:25:c6:17:2a:9d:cf:34:fa:5f:a8:98:
43:0e:61:64:4b:21:00:8b:f9:0e:5f:af:b9:c4:15:
f6:9c:3d:33:39:d5:a1:67:e1:71:85:3c:b8:69:61:
3c:6a:e4:0d:e7:47:49:40:e4:30:c7:65:bc:25:a1:
14:01:98:63:f5:54:23:30:34:4f:4a:c9:c6:f5:7a:
61:f9:3c:16:83:f2:09:a5:3e:36:2a:0d:21:b5:89:
8e:c5:3b:f0:53:cb:b1:ea:dd:9d:39:bb:48:42:14:
c3:63:af:30:06:ee:2d:c5:71:42:1e:d0:9c:e5:65:
31:e1:0c:c7:8b:59:4d:15:2d:e0:94:a0:dd:74:04:
5b:c7:36:84:10:0b:58:50:e6:92:86:62:58:22:29:
dd:23:40:84:00:e5:56:b2:a3:61:58:f3:22:c1:2c:
86:c6:e0:a1:8c:99:9a:f9:42:76:e7:72:e6:75:2f:
37:c9:f0:89:f7:51:97:e9:c4:7b:c2:86:71:a8:20:
dc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:65:19:16:01:FB:E1:42:8A:BB:66:1E:D0:42:F4:86:C7:A0:8B:44
X509v3 Authority Key Identifier:
keyid:54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/GWUZFgH74UKKu2Ye0EL0hsegi0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.252.0/22
45.136.108.0/24
92.118.111.0/24
176.101.169.0/24
185.183.20.0/22
185.187.61.0/24
185.253.176.0/22
193.105.189.0/24
193.247.94.0/24
193.247.101.0/24
193.247.103.0/24
193.247.165.0/24
195.234.28.0/24
IPv6:
2a0b:180::/29
2a10:c9c0::/29
2a10:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
55:93:06:b9:6f:17:4a:06:ba:a8:97:aa:8b:2c:e2:a2:93:a8:
c3:12:b7:b0:7f:f8:8c:59:80:2e:70:c7:4f:7f:3b:90:6a:fd:
60:e2:7b:1e:a3:aa:e2:91:0c:a2:b9:13:15:da:5d:17:00:a4:
7e:b2:ed:f5:5e:ac:eb:02:56:85:9e:88:bf:20:11:61:d8:82:
e1:03:4e:00:b7:5d:5c:97:f4:40:51:5f:6e:8d:fa:dd:3e:cf:
ed:3b:ba:70:cc:ec:51:8e:c8:70:6d:66:8a:c1:85:0b:69:a9:
c1:e4:96:95:95:c1:8a:83:81:5e:62:d9:39:62:a5:9e:47:78:
32:ac:9b:5d:4b:be:62:4d:19:8a:dd:14:13:7d:ad:aa:e9:af:
fb:82:56:f9:57:b9:13:65:ff:7e:9f:2e:87:23:3c:d6:16:79:
9d:5c:ff:1e:1e:4f:ef:c7:2f:e0:7b:2f:fa:4e:58:64:84:45:
1b:28:a9:00:95:d3:3f:d2:4d:8b:5c:76:75:7f:5f:59:3b:24:
ad:18:66:38:a5:bc:f1:ae:c3:62:fc:5f:70:36:42:67:75:10:
b2:e1:2b:4e:8d:c2:b9:da:a4:f3:8c:f8:f4:01:1b:50:f6:ae:
91:fa:46:c2:c9:82:f9:f6:40:cc:45:e2:48:dd:f4:7f:4c:cc:
13:07:54:76
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAY2CoNdDMNTenVRz6DVm7VwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2UyMGJmNWYyNTJiMWJkYmQyMWRjOTlkOTRjZDk3ZWE3
ZjBmZTYwHhcNMjQwMjA3MDgxMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTY1MTkxNjAxZmJlMTQyOGFiYjY2MWVkMDQyZjQ4NmM3YTA4YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPp2AOH1NsY5QlPSuOO1oKghFqS9
po475tBKK3C4Z0HCOPwIRC8RO1Uw/Jtt8MjfPGNw5x1joytHpNND+Od5JcYXKp3P
NPpfqJhDDmFkSyEAi/kOX6+5xBX2nD0zOdWhZ+FxhTy4aWE8auQN50dJQOQwx2W8
JaEUAZhj9VQjMDRPSsnG9Xph+TwWg/IJpT42Kg0htYmOxTvwU8ux6t2dObtIQhTD
Y68wBu4txXFCHtCc5WUx4QzHi1lNFS3glKDddARbxzaEEAtYUOaShmJYIindI0CE
AOVWsqNhWPMiwSyGxuChjJma+UJ253LmdS83yfCJ91GX6cR7woZxqCDcDwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFBllGRYB++FCirtmHtBC9IbHoItEMB8GA1UdIwQY
MBaAFFQ+IL9fJSsb29IdyZ2UzZfqfw/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUt
ZDVhZDk5NmExYWM4LzEvR1dVWkZnSDc0VUtLdTJZZTBFTDBoc2VnaTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUtZDVhZDk5NmExYWM4
LzEvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAgX9/AME
AC2IbAMEAFx2bwMEALBlqQMEArm3FAMEALm7PQMEArn9sAMEAMFpvQMEAMH3XgME
AMH3ZQMEAMH3ZwMEAMH3pQMEAMPqHDAbBAIAAjAVAwUDKgsBgAMFAyoQycADBQMq
EMrAMA0GCSqGSIb3DQEBCwUAA4IBAQBVkwa5bxdKBrqol6qLLOKik6jDErewf/iM
WYAucMdPfzuQav1g4nseo6rikQyiuRMV2l0XAKR+su31XqzrAlaFnoi/IBFh2ILh
A04At11cl/RAUV9ujfrdPs/tO7pwzOxRjshwbWaKwYULaanB5JaVlcGKg4FeYtk5
YqWeR3gyrJtdS75iTRmK3RQTfa2q6a/7glb5V7kTZf9+ny6HIzzWFnmdXP8eHk/v
xy/gey/6TlhkhEUbKKkAldM/0k2LXHZ1f19ZOyStGGY4pbzxrsNi/F9wNkJndRCy
4StOjcK52qTzjPj0ARtQ9q6R+kbCyYL59kDMReJI3fR/TMwTB1R2
-----END CERTIFICATE-----
Generated at Tue Jul 2 14:24:20 2024 by rpki-client on console-fra.rpki-client.org