Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/gVQc1Aj9LbsbNV6kZmGRvWvuuz0.roa
File: gVQc1Aj9LbsbNV6kZmGRvWvuuz0.roa (raw, json)
Hash identifier: eKb98j9pgCwGo0Tp6dReZcwQ4agigc1VvCGjdqpWy6I=
Subject key identifier: 81:54:1C:D4:08:FD:2D:BB:1B:35:5E:A4:66:61:91:BD:6B:EE:BB:3D
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018CC7933E0ECB49D5FAC08AC9F7987FFADF
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/gVQc1Aj9LbsbNV6kZmGRvWvuuz0.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205575
IP address blocks: 185.234.159.0/24 maxlen: 24
185.234.156.0/22 maxlen: 22
185.234.156.0/24 maxlen: 24
185.234.158.0/24 maxlen: 24
185.234.157.0/24 maxlen: 24
185.137.105.0/24 maxlen: 24
185.137.104.0/24 maxlen: 24
185.137.104.0/22 maxlen: 22
185.137.106.0/24 maxlen: 24
185.137.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3e:0e:cb:49:d5:fa:c0:8a:c9:f7:98:7f:fa:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81541cd408fd2dbb1b355ea4666191bd6beebb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:4b:75:e0:1d:00:14:f2:dc:65:b1:8b:34:
c6:1f:da:7e:fc:a1:0a:3b:a2:ff:42:a2:6b:54:5a:
84:b0:6b:78:3a:4b:f7:66:e0:93:b1:f5:19:78:b0:
83:a4:4e:61:54:f9:3e:c0:b0:0c:ca:d1:3e:8d:8c:
de:3a:75:74:e4:43:4f:f6:46:d2:ac:ab:ad:65:3a:
f1:4b:74:36:0b:ca:2b:c4:24:d0:da:c1:5c:1a:cc:
b0:f7:ad:d4:dd:1e:5d:b8:b4:bc:8c:0c:18:09:a1:
db:cc:3f:18:d0:89:bf:ca:13:61:0c:f9:7b:72:34:
8a:48:64:3b:58:7e:06:b4:7c:5d:00:4f:3f:4e:37:
2a:a7:bf:fb:7b:8e:d2:17:3b:9c:ec:e7:b3:1c:c0:
a9:9c:28:da:b3:28:b0:c3:76:d2:58:ed:d6:cf:43:
86:d5:2e:d8:a8:c7:29:28:2c:44:65:a4:de:25:27:
86:91:01:af:49:3b:06:a8:43:e1:4c:29:ef:96:51:
90:8d:1c:4d:d9:4b:54:fb:a1:2f:aa:e1:a8:a1:8c:
09:d9:27:79:f7:06:44:55:53:ef:1a:d6:47:e9:07:
36:5a:6b:71:90:bf:a5:2f:82:d1:f1:26:37:b9:a4:
0c:d7:c3:42:c0:4f:cf:d8:76:5e:85:44:1e:b7:69:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:54:1C:D4:08:FD:2D:BB:1B:35:5E:A4:66:61:91:BD:6B:EE:BB:3D
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/gVQc1Aj9LbsbNV6kZmGRvWvuuz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.104.0/22
185.234.156.0/22
Signature Algorithm: sha256WithRSAEncryption
79:8f:a5:11:22:17:23:12:25:31:f8:d3:8f:88:6e:91:11:ca:
ff:5e:6f:ff:2f:b7:bd:ee:13:6a:5d:c1:76:09:a2:61:2c:12:
89:91:05:4d:de:19:1c:26:31:cd:d2:68:9e:32:0d:9e:34:61:
06:bf:75:e4:35:11:f0:0d:fb:bc:a1:3d:1f:23:03:c6:71:34:
6f:90:75:bd:3b:bb:55:44:14:a5:67:ae:c3:e3:f1:37:02:2a:
8c:5d:09:30:f8:6f:6f:67:32:70:9f:e7:e4:76:20:98:8f:ba:
64:45:03:e4:7a:02:d1:39:72:9c:b6:0a:c2:d2:6d:70:79:21:
d0:23:e1:0d:d2:39:e8:7a:a9:a7:09:8e:62:e8:6e:57:c5:d3:
e0:07:79:bd:52:12:03:30:22:39:be:7d:ba:08:8d:b5:5a:cf:
27:6c:61:ee:95:33:62:73:a6:61:ab:e9:db:7f:79:38:77:81:
82:d9:37:fd:28:b9:0e:ae:e7:85:29:5d:a3:67:19:b6:ab:cf:
21:2a:5c:fc:08:4e:8e:4a:b2:33:bf:cd:bd:b5:5b:4e:85:ea:
35:fe:0f:a1:e4:2b:05:97:26:53:05:e2:6a:5e:0f:52:da:d3:
1d:bc:9d:16:1f:5c:6b:99:29:5e:33:56:7d:a3:86:8e:fa:30:
18:cd:ad:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHkz4Oy0nV+sCKyfeYf/rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTU0MWNkNDA4ZmQyZGJiMWIzNTVlYTQ2NjYxOTFiZDZiZWViYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8JLdeAdABTy3GWxizTGH9p+/KEK
O6L/QqJrVFqEsGt4Okv3ZuCTsfUZeLCDpE5hVPk+wLAMytE+jYzeOnV05ENP9kbS
rKutZTrxS3Q2C8orxCTQ2sFcGsyw963U3R5duLS8jAwYCaHbzD8Y0Im/yhNhDPl7
cjSKSGQ7WH4GtHxdAE8/Tjcqp7/7e47SFzuc7OezHMCpnCjasyiww3bSWO3Wz0OG
1S7YqMcpKCxEZaTeJSeGkQGvSTsGqEPhTCnvllGQjRxN2UtU+6EvquGooYwJ2Sd5
9wZEVVPvGtZH6Qc2WmtxkL+lL4LR8SY3uaQM18NCwE/P2HZehUQet2k7WQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIFUHNQI/S27GzVepGZhkb1r7rs9MB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvZ1ZRYzFBajlMYnNiTlY2a1ptR1J2V3Z1dXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYloAwQC
ueqcMA0GCSqGSIb3DQEBCwUAA4IBAQB5j6URIhcjEiUx+NOPiG6REcr/Xm//L7e9
7hNqXcF2CaJhLBKJkQVN3hkcJjHN0mieMg2eNGEGv3XkNRHwDfu8oT0fIwPGcTRv
kHW9O7tVRBSlZ67D4/E3AiqMXQkw+G9vZzJwn+fkdiCYj7pkRQPkegLROXKctgrC
0m1weSHQI+EN0jnoeqmnCY5i6G5XxdPgB3m9UhIDMCI5vn26CI21Ws8nbGHulTNi
c6Zhq+nbf3k4d4GC2Tf9KLkOrueFKV2jZxm2q88hKlz8CE6OSrIzv829tVtOheo1
/g+h5CsFlyZTBeJqXg9S2tMdvJ0WH1xrmSleM1Z9o4aO+jAYza0y
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:25:38 2024 by rpki-client on console-fra.rpki-client.org