Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/jNuyWudBVzr-qIIeH3U9Js019cg.roa
File: jNuyWudBVzr-qIIeH3U9Js019cg.roa (raw, json)
Hash identifier: pG79PUtB9Fi5eVrC8SaPhqjX7xuInueL9AW9U8KA/JY=
Subject key identifier: 8C:DB:B2:5A:E7:41:57:3A:FE:A8:82:1E:1F:75:3D:26:CD:35:F5:C8
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 018CF747B41BD037585755AEEB8C7D76B187
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/jNuyWudBVzr-qIIeH3U9Js019cg.roa
Signing time: Thu 11 Jan 2024 06:48:40 +0000
ROA not before: Thu 11 Jan 2024 06:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41176
IP address blocks: 188.117.64.0/18 maxlen: 18
188.117.76.0/24 maxlen: 24
188.117.76.0/22 maxlen: 22
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.72.0/22 maxlen: 22
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.80.0/24 maxlen: 24
188.117.80.0/23 maxlen: 23
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.104.0/24 maxlen: 24
188.117.100.0/23 maxlen: 23
188.117.107.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.70.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.85.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
89.108.0.0/18 maxlen: 18
89.108.29.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.26.0/24 maxlen: 24
89.108.26.0/23 maxlen: 23
89.108.27.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
185.20.152.0/24 maxlen: 24
185.20.152.0/22 maxlen: 22
213.236.39.0/24 maxlen: 24
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.56.0/22 maxlen: 22
213.236.56.0/21 maxlen: 21
213.236.53.0/24 maxlen: 24
213.236.59.0/24 maxlen: 24
213.236.60.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
213.236.60.0/22 maxlen: 22
2a02:d70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:47:b4:1b:d0:37:58:57:55:ae:eb:8c:7d:76:b1:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Jan 11 06:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cdbb25ae741573afea8821e1f753d26cd35f5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:28:be:80:da:8a:44:88:a2:25:d3:48:3c:8c:
ac:ac:e7:b9:0b:ec:3a:36:c1:c9:d6:2b:2e:07:01:
32:41:b3:19:c3:98:37:a0:a7:6f:ad:a1:58:53:f2:
a1:b6:a8:88:f5:9f:dc:c4:c1:70:ab:7b:61:d5:27:
0f:16:c9:04:aa:ca:0c:98:97:43:1c:d4:40:70:85:
56:90:4a:88:16:6f:3f:2b:81:51:68:88:c1:cf:69:
73:25:87:3b:de:81:56:3b:11:5c:cf:7f:85:c2:e2:
07:52:aa:49:46:9f:b7:50:7f:da:16:e6:af:eb:14:
48:4e:76:f0:77:10:8b:3b:08:1e:37:eb:95:dc:d9:
bf:86:7e:0a:6e:44:b8:9f:d1:fe:e7:7e:b8:34:8b:
62:3e:8b:8d:fa:bc:19:c8:4e:92:0f:cf:17:a9:76:
ce:25:fa:5a:80:a3:2e:db:a5:0c:73:8a:5d:d8:54:
e3:ee:51:2e:2d:fc:23:dd:c5:d9:df:ec:a7:b8:0c:
21:f4:63:8a:fd:b6:43:01:7d:eb:91:7a:3e:e3:83:
c3:f5:ce:e7:f0:15:95:c2:84:5c:88:fd:36:65:d5:
54:65:9c:f7:a8:e1:30:68:66:53:43:ce:4e:60:c2:
d1:27:9f:d4:91:3f:6a:e3:6f:5c:05:ef:71:e9:09:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DB:B2:5A:E7:41:57:3A:FE:A8:82:1E:1F:75:3D:26:CD:35:F5:C8
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/jNuyWudBVzr-qIIeH3U9Js019cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
6f:71:36:f4:b6:cb:cb:dc:84:38:17:4c:70:7a:bd:15:4d:18:
bd:cc:6a:40:85:a3:5a:42:ca:27:4a:b3:ee:8a:52:ce:f5:ba:
40:75:80:11:8c:cd:e8:0d:63:39:35:03:3b:53:c7:da:48:65:
03:52:3e:15:e3:c3:0d:e0:25:4c:4d:d1:8d:5d:a6:b9:e8:70:
b6:cf:a2:26:ec:16:bd:ec:88:b6:19:a4:bc:9e:2f:d0:41:81:
50:50:53:9b:e5:06:37:6e:77:74:9c:18:15:bb:b6:26:9a:f3:
3c:e3:c8:51:06:35:dc:64:8d:c4:b0:40:4d:70:e0:03:51:fa:
92:b8:b4:5f:8f:36:32:63:4f:78:a6:e1:b9:f1:e5:25:9e:75:
89:5a:55:82:9b:cb:d3:d7:4a:78:ce:ac:80:39:0b:c1:d1:c4:
f0:09:d7:17:1f:40:f0:85:a8:7d:92:44:53:da:59:26:73:ac:
3d:cf:27:c6:57:06:7a:9a:19:90:51:c6:67:9c:4d:69:5b:eb:
47:bd:66:82:92:f0:ad:ca:31:7a:f7:6a:b4:1e:6e:72:d3:46:
ac:18:91:55:a7:3d:af:cc:5e:72:a4:a3:8d:a4:ad:42:df:c7:
f0:f7:ca:e8:c7:78:b2:2a:79:0b:f7:c2:ff:f6:59:f5:f3:cb:
d8:a7:a2:3c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYz3R7Qb0DdYV1Wu64x9drGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjQwMTExMDY0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RiYjI1YWU3NDE1NzNhZmVhODgyMWUxZjc1M2QyNmNkMzVmNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ci+gNqKRIiiJdNIPIysrOe5C+w6
NsHJ1isuBwEyQbMZw5g3oKdvraFYU/KhtqiI9Z/cxMFwq3th1ScPFskEqsoMmJdD
HNRAcIVWkEqIFm8/K4FRaIjBz2lzJYc73oFWOxFcz3+FwuIHUqpJRp+3UH/aFuav
6xRITnbwdxCLOwgeN+uV3Nm/hn4KbkS4n9H+5364NItiPouN+rwZyE6SD88XqXbO
JfpagKMu26UMc4pd2FTj7lEuLfwj3cXZ3+ynuAwh9GOK/bZDAX3rkXo+44PD9c7n
8BWVwoRciP02ZdVUZZz3qOEwaGZTQ85OYMLRJ5/UkT9q429cBe9x6Qlz6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIzbslrnQVc6/qiCHh91PSbNNfXIMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvak51eVd1ZEJWenItcUlJZUgzVTlKczAxOWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQBvcTb0tsvL3IQ4F0xwer0VTRi9zGpAhaNaQsonSrPuilLO9bpAdYAR
jM3oDWM5NQM7U8faSGUDUj4V48MN4CVMTdGNXaa56HC2z6Im7Ba97Ii2GaS8ni/Q
QYFQUFOb5QY3bnd0nBgVu7YmmvM848hRBjXcZI3EsEBNcOADUfqSuLRfjzYyY094
puG58eUlnnWJWlWCm8vT10p4zqyAOQvB0cTwCdcXH0Dwhah9kkRT2lkmc6w9zyfG
VwZ6mhmQUcZnnE1pW+tHvWaCkvCtyjF692q0Hm5y00asGJFVpz2vzF5ypKONpK1C
38fw98rox3iyKnkL98L/9ln188vYp6I8
-----END CERTIFICATE-----
Generated at Thu May 9 22:24:43 2024 by rpki-client on console-fra.rpki-client.org