Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/gC_5XUuNRod3lfqPZtgR-S4h2M0.roa
File: gC_5XUuNRod3lfqPZtgR-S4h2M0.roa (raw, json)
Hash identifier: eWljZoIdkCqU9Z0vDO5B3QY+Xbx6jU88/vu2GRHxoO0=
Subject key identifier: 80:2F:F9:5D:4B:8D:46:87:77:95:FA:8F:66:D8:11:F9:2E:21:D8:CD
Certificate issuer: /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial: 018CC8DF0E0478D38EBA7F7EAF054D1C7EE9
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/gC_5XUuNRod3lfqPZtgR-S4h2M0.roa
Signing time: Tue 02 Jan 2024 06:31:50 +0000
ROA not before: Tue 02 Jan 2024 06:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41678
IP address blocks: 89.185.129.0/24 maxlen: 24
89.185.128.0/21 maxlen: 21
194.46.152.0/22 maxlen: 22
89.185.136.0/21 maxlen: 21
89.185.144.0/20 maxlen: 20
89.185.143.0/24 maxlen: 24
194.46.161.0/24 maxlen: 24
194.46.160.0/24 maxlen: 24
194.46.164.0/22 maxlen: 22
89.185.154.0/24 maxlen: 24
89.185.157.0/24 maxlen: 24
212.108.64.0/20 maxlen: 20
212.108.77.0/24 maxlen: 24
194.46.0.0/19 maxlen: 19
212.108.94.0/24 maxlen: 24
212.108.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:0e:04:78:d3:8e:ba:7f:7e:af:05:4d:1c:7e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Validity
Not Before: Jan 2 06:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=802ff95d4b8d46877795fa8f66d811f92e21d8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ec:ec:c8:27:55:b1:69:19:6a:84:44:ca:8e:
0e:ed:a7:ad:97:6b:b9:9f:87:25:36:ae:b6:f7:7c:
52:92:54:89:81:9d:7c:24:35:d7:cf:23:2f:35:37:
18:11:4b:a7:ec:c5:e0:63:5b:7a:d1:53:20:e9:2d:
b6:57:78:23:6d:51:aa:84:f1:c5:66:5a:b4:64:3c:
5a:fc:15:9f:99:2c:94:7f:74:d2:6c:e9:bc:06:24:
bc:5d:c2:41:23:50:66:a7:54:cd:6c:87:05:56:cf:
6e:33:33:ff:02:89:d5:47:81:8a:77:32:fd:34:49:
68:df:5b:f0:bb:f1:8a:2c:3b:d5:3f:f0:3a:58:f6:
46:5b:8a:ba:78:81:3e:e9:03:1c:a2:f2:03:f9:d4:
29:d7:9c:81:57:33:31:98:f2:ac:3f:77:eb:69:58:
8f:b3:1a:25:81:a7:7e:6a:8d:a7:5b:7c:e7:97:d9:
a6:12:cd:a3:ed:bc:ad:60:21:36:2f:52:8e:28:78:
f1:9d:a5:06:1e:bb:17:3f:46:00:8f:ca:f8:a5:6c:
f7:93:b8:70:30:49:88:f1:48:e1:7b:83:b9:1d:f4:
da:ab:f2:7a:b2:6a:55:46:fb:f5:cf:4a:58:8c:ef:
69:6b:ca:8a:b9:a8:42:9c:a7:25:6b:4a:9f:d7:dd:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2F:F9:5D:4B:8D:46:87:77:95:FA:8F:66:D8:11:F9:2E:21:D8:CD
X509v3 Authority Key Identifier:
keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/gC_5XUuNRod3lfqPZtgR-S4h2M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.128.0/19
194.46.0.0/19
194.46.152.0/22
194.46.160.0/23
194.46.164.0/22
212.108.64.0/20
212.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
05:bf:ba:43:34:95:47:3c:90:d2:22:ce:0d:81:82:95:8a:5a:
c9:ec:aa:92:ad:cf:bb:1c:b0:aa:ad:f0:78:79:28:18:bb:35:
ff:76:da:b4:a8:21:7e:3c:7a:22:2d:ac:c9:2b:6a:31:45:5d:
14:24:a4:13:9d:a1:2f:be:13:10:80:98:12:01:21:b6:8f:22:
be:56:ef:d1:1b:f2:20:70:7e:53:59:75:f5:36:43:58:d7:b9:
40:e4:41:5b:b2:45:91:03:17:2d:5e:19:36:06:65:dc:3b:40:
a5:0b:5c:77:47:10:a7:e2:8e:87:95:47:eb:62:31:25:bc:aa:
82:58:45:65:f0:58:43:e0:05:fa:78:90:eb:33:7b:7a:38:cf:
36:e6:12:12:89:e5:70:af:bf:37:49:f1:d7:1e:04:04:36:c7:
91:9c:9b:58:6d:3f:01:80:cb:ec:43:c1:56:54:97:a5:40:5d:
9e:f4:a7:7a:6f:10:14:3b:21:a6:a8:38:d5:ff:54:4d:aa:e3:
f5:24:5a:22:6f:84:ea:f0:73:8c:37:aa:0f:e2:94:1e:95:46:
5d:04:fb:c2:42:02:89:ac:7c:07:bb:63:d2:2a:42:e8:d3:33:
20:f0:3d:c2:f9:99:89:0b:f0:34:65:c1:89:76:59:16:f2:35:
95:05:8d:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzI3w4EeNOOun9+rwVNHH7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjQwMTAyMDYzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJmZjk1ZDRiOGQ0Njg3Nzc5NWZhOGY2NmQ4MTFmOTJlMjFkOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgezsyCdVsWkZaoREyo4O7aetl2u5
n4clNq6293xSklSJgZ18JDXXzyMvNTcYEUun7MXgY1t60VMg6S22V3gjbVGqhPHF
Zlq0ZDxa/BWfmSyUf3TSbOm8BiS8XcJBI1Bmp1TNbIcFVs9uMzP/AonVR4GKdzL9
NElo31vwu/GKLDvVP/A6WPZGW4q6eIE+6QMcovID+dQp15yBVzMxmPKsP3fraViP
sxolgad+ao2nW3znl9mmEs2j7bytYCE2L1KOKHjxnaUGHrsXP0YAj8r4pWz3k7hw
MEmI8Ujhe4O5HfTaq/J6smpVRvv1z0pYjO9pa8qKuahCnKcla0qf192UCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIAv+V1LjUaHd5X6j2bYEfkuIdjNMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvZ0NfNVhVdU5Sb2QzbGZxUFp0Z1ItUzRoMk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFWbmAAwQF
wi4AAwQCwi6YAwQBwi6gAwQCwi6kAwQE1GxAAwQC1GxcMA0GCSqGSIb3DQEBCwUA
A4IBAQAFv7pDNJVHPJDSIs4NgYKVilrJ7KqSrc+7HLCqrfB4eSgYuzX/dtq0qCF+
PHoiLazJK2oxRV0UJKQTnaEvvhMQgJgSASG2jyK+Vu/RG/IgcH5TWXX1NkNY17lA
5EFbskWRAxctXhk2BmXcO0ClC1x3RxCn4o6HlUfrYjElvKqCWEVl8FhD4AX6eJDr
M3t6OM825hISieVwr783SfHXHgQENseRnJtYbT8BgMvsQ8FWVJelQF2e9Kd6bxAU
OyGmqDjV/1RNquP1JFoib4Tq8HOMN6oP4pQelUZdBPvCQgKJrHwHu2PSKkLo0zMg
8D3C+ZmJC/A0ZcGJdlkW8jWVBY1G
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:53:42 2024 by rpki-client on console-ams.rpki-client.org