Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa
File: GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa (raw, json)
Hash identifier: rqFeFt3X2pMNHHXGYTgFQemqBRvU6CtKe5D41J9g/GQ=
Subject key identifier: 18:71:3F:10:8F:5D:62:67:03:43:94:C1:37:B5:BE:91:61:81:D4:1A
Certificate issuer: /CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Certificate serial: 018D5F4738CCF6D3F98E9D24C39B57B5F11D
Authority key identifier: 0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa
Signing time: Wed 31 Jan 2024 11:28:39 +0000
ROA not before: Wed 31 Jan 2024 11:28:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202921
IP address blocks: 147.161.24.0/22 maxlen: 22
147.161.24.0/24 maxlen: 24
147.161.25.0/24 maxlen: 24
147.161.26.0/24 maxlen: 24
147.161.27.0/24 maxlen: 24
185.148.212.0/22 maxlen: 22
185.148.212.0/24 maxlen: 24
185.148.213.0/24 maxlen: 24
185.148.214.0/24 maxlen: 24
185.148.215.0/24 maxlen: 24
212.69.128.0/22 maxlen: 22
212.69.128.0/24 maxlen: 24
212.69.129.0/24 maxlen: 24
212.69.130.0/24 maxlen: 24
212.69.131.0/24 maxlen: 24
2a0d:f780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:47:38:cc:f6:d3:f9:8e:9d:24:c3:9b:57:b5:f1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Validity
Not Before: Jan 31 11:28:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18713f108f5d6267034394c137b5be916181d41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7b:d2:d2:43:04:31:0b:15:fd:81:38:47:88:
37:7e:6e:82:a2:fe:da:78:79:d3:2c:7f:29:c5:1b:
57:4a:55:25:26:5e:3f:ac:99:81:d5:5d:7e:ef:77:
65:eb:68:e9:39:fd:bd:2e:46:2e:ae:86:17:b2:d7:
bc:45:b3:15:70:df:6f:3e:2d:ac:fd:5a:c6:7c:f3:
0c:76:e3:14:61:ba:ae:16:ef:33:55:ef:1e:09:32:
b2:d1:54:2f:93:52:31:7e:5f:b1:fc:a7:f8:7a:97:
58:75:cf:05:bf:96:99:7d:54:0c:d8:da:b6:d4:bb:
ad:86:36:ec:88:e2:b4:01:e4:78:1f:0e:55:7f:6e:
0a:86:d6:58:7b:17:8a:be:cb:d7:6e:77:f9:cc:6b:
f0:bd:a4:e5:ae:42:67:90:4e:fc:7d:a0:a6:0e:4d:
c1:db:83:a7:c9:46:0b:a3:8a:7a:a5:b7:fb:e8:e1:
c2:4d:46:c2:de:ef:63:26:61:a2:ce:39:90:eb:65:
6c:51:c3:d3:43:9b:d1:8c:0e:54:2c:4b:ae:a6:14:
a0:8d:e0:ec:28:6d:ec:b1:07:03:10:ab:a5:e5:25:
b5:88:74:92:9d:05:aa:36:64:e1:a4:12:11:35:34:
11:25:d5:fd:63:ea:01:c7:e3:95:4e:9b:1c:63:7e:
c2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:71:3F:10:8F:5D:62:67:03:43:94:C1:37:B5:BE:91:61:81:D4:1A
X509v3 Authority Key Identifier:
keyid:0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.24.0/22
185.148.212.0/22
212.69.128.0/22
IPv6:
2a0d:f780::/29
Signature Algorithm: sha256WithRSAEncryption
0c:43:ce:5a:96:3e:05:58:a9:dd:ee:94:e8:1c:7f:ce:d8:51:
21:fc:ae:e1:7b:d5:e0:3c:6c:9a:f2:60:05:cf:9a:11:a7:64:
c1:d1:dd:58:7e:a9:d4:f6:b3:57:b5:3d:4a:38:ad:b6:a6:ec:
c4:d7:4e:67:9d:ca:34:86:63:1d:45:5c:af:ae:62:15:a7:0c:
65:f2:66:76:c9:7c:23:b1:6e:93:87:41:20:3b:5e:9e:f1:d7:
51:ef:d5:21:cb:f8:20:7f:0e:78:c9:4d:09:d4:2b:79:6d:f3:
dd:e2:8b:17:e7:bb:45:20:9d:a3:2a:27:6d:c1:00:6c:f8:6b:
31:10:a6:ea:ba:9e:21:3a:8e:7c:f0:52:4a:58:a0:d4:06:92:
e6:7d:8f:65:9f:7e:16:90:cc:af:14:03:a0:0b:f9:4c:6d:bb:
c6:8f:aa:a5:f4:73:bb:2e:72:b9:53:87:fd:97:93:ab:85:18:
26:4d:e0:46:42:e2:bc:bd:0c:a0:18:56:97:b1:97:1b:f1:ab:
c4:8a:b2:73:ad:cd:56:19:9b:c7:a0:ca:97:67:e7:a0:90:29:
27:7b:76:15:f2:60:98:ce:dc:77:aa:2c:d7:67:a8:30:63:81:
66:cc:9e:a6:be:f6:97:e3:70:02:b5:ec:45:1b:fc:e4:a4:e0:
4c:49:5c:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1fRzjM9tP5jp0kw5tXtfEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMmNlN2ZkMmY1YjFiNzk3NTdjODk3M2FlM2Y3YjBiZTY4
NjM4NWIwHhcNMjQwMTMxMTEyODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODcxM2YxMDhmNWQ2MjY3MDM0Mzk0YzEzN2I1YmU5MTYxODFkNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHvS0kMEMQsV/YE4R4g3fm6Cov7a
eHnTLH8pxRtXSlUlJl4/rJmB1V1+73dl62jpOf29LkYuroYXste8RbMVcN9vPi2s
/VrGfPMMduMUYbquFu8zVe8eCTKy0VQvk1Ixfl+x/Kf4epdYdc8Fv5aZfVQM2Nq2
1LuthjbsiOK0AeR4Hw5Vf24KhtZYexeKvsvXbnf5zGvwvaTlrkJnkE78faCmDk3B
24OnyUYLo4p6pbf76OHCTUbC3u9jJmGizjmQ62VsUcPTQ5vRjA5ULEuuphSgjeDs
KG3ssQcDEKul5SW1iHSSnQWqNmThpBIRNTQRJdX9Y+oBx+OVTpscY37C5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBhxPxCPXWJnA0OUwTe1vpFhgdQaMB8GA1UdIwQY
MBaAFAss5/0vWxt5dXyJc64/ewvmhjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMt
YTY0MTA5MTllODk4LzEvR0hFX0VJOWRZbWNEUTVUQk43Vy1rV0dCMUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMtYTY0MTA5MTllODk4
LzEvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCk6EYAwQC
uZTUAwQC1EWAMA0EAgACMAcDBQMqDfeAMA0GCSqGSIb3DQEBCwUAA4IBAQAMQ85a
lj4FWKnd7pToHH/O2FEh/K7he9XgPGya8mAFz5oRp2TB0d1YfqnU9rNXtT1KOK22
puzE105nnco0hmMdRVyvrmIVpwxl8mZ2yXwjsW6Th0EgO16e8ddR79Uhy/ggfw54
yU0J1Ct5bfPd4osX57tFIJ2jKidtwQBs+GsxEKbqup4hOo588FJKWKDUBpLmfY9l
n34WkMyvFAOgC/lMbbvGj6ql9HO7LnK5U4f9l5OrhRgmTeBGQuK8vQygGFaXsZcb
8avEirJzrc1WGZvHoMqXZ+egkCkne3YV8mCYztx3qizXZ6gwY4FmzJ6mvvaX43AC
texFG/zkpOBMSVyv
-----END CERTIFICATE-----
Generated at Tue May 28 13:48:37 2024 by rpki-client on console-ams.rpki-client.org