Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/gct1EytPChSKxHLajQDcR4zdkBQ.roa
File: gct1EytPChSKxHLajQDcR4zdkBQ.roa (raw, json)
Hash identifier: S+7RbnDpTMI/lPfcm8FnPstgsXtseH3/UKgVEu/GrqY=
Subject key identifier: 81:CB:75:13:2B:4F:0A:14:8A:C4:72:DA:8D:00:DC:47:8C:DD:90:14
Certificate issuer: /CN=e992a035bffc5a41412c497c1285d1838234ffb0
Certificate serial: 018CC26CFE502D30FB47DB1798C1CF39C3AD
Authority key identifier: E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/gct1EytPChSKxHLajQDcR4zdkBQ.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47886
IP address blocks: 217.114.96.0/20 maxlen: 24
185.76.16.0/22 maxlen: 24
77.222.64.0/19 maxlen: 24
87.249.96.0/19 maxlen: 24
2001:1540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fe:50:2d:30:fb:47:db:17:98:c1:cf:39:c3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e992a035bffc5a41412c497c1285d1838234ffb0
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81cb75132b4f0a148ac472da8d00dc478cdd9014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:f1:5b:7f:2b:5c:cf:8a:6b:88:70:92:9f:
e6:dd:41:be:43:c4:e6:3a:30:30:d1:7c:fc:3f:84:
ea:af:03:fa:df:f8:f6:de:1a:13:51:ff:e7:56:84:
51:c1:cd:4e:bc:8c:e0:a8:05:7c:0e:30:71:ed:1c:
a1:de:7b:e2:51:6e:c0:30:d6:70:13:82:5f:9d:61:
ec:24:13:89:36:10:d0:16:d5:96:72:1c:42:8b:3a:
40:f2:7f:2f:19:46:a7:c7:16:f7:75:71:4d:ee:7a:
98:b3:62:c3:c4:26:ed:97:2e:a8:75:c2:67:fe:b2:
a5:35:5f:d3:d3:ce:24:88:53:51:bb:d8:55:e0:2f:
9a:4f:57:e8:3e:0e:d8:0b:0a:02:e3:05:5b:70:55:
17:cf:c2:24:5a:7c:25:48:a5:fb:c0:f9:6d:17:b3:
1e:25:6e:6b:ed:38:68:52:6c:4c:51:10:19:7a:88:
6d:2d:28:f5:c3:f1:00:56:e8:2b:29:a2:73:d9:56:
70:c2:5a:f1:fe:23:54:29:94:a8:7a:a9:9e:ab:65:
94:2e:8c:39:0e:55:de:66:a9:b9:cf:c8:fe:d8:9f:
25:70:15:6e:7e:9e:6f:19:28:76:4f:ef:2c:f9:5f:
a5:e3:8a:48:51:45:62:5b:92:f0:97:03:36:c9:15:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CB:75:13:2B:4F:0A:14:8A:C4:72:DA:8D:00:DC:47:8C:DD:90:14
X509v3 Authority Key Identifier:
keyid:E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/gct1EytPChSKxHLajQDcR4zdkBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.64.0/19
87.249.96.0/19
185.76.16.0/22
217.114.96.0/20
IPv6:
2001:1540::/32
Signature Algorithm: sha256WithRSAEncryption
1b:4f:72:f2:64:ca:3c:6b:49:2a:d6:dc:f7:1c:53:85:a7:2e:
0c:0b:24:b6:d3:b4:fa:0e:7d:27:73:17:1c:76:cd:5f:ca:37:
d5:a6:c2:06:52:06:4f:cd:e0:d2:0e:1c:ee:2c:10:2d:0c:95:
6f:49:dd:55:79:3b:af:e8:72:b6:67:a5:eb:17:a5:40:b4:b4:
78:d9:06:e6:93:e8:7c:17:9a:a0:e6:56:67:50:39:63:8d:59:
b1:d2:0e:72:e5:fa:5a:4c:f6:2c:d6:92:04:e8:e3:3c:6c:6e:
fc:3e:b5:1d:8e:87:43:77:9a:e0:78:ea:e0:97:68:7c:ed:70:
0b:f7:a4:19:87:f7:33:e6:3a:1b:2f:a5:4c:ac:72:57:f3:40:
cd:bb:09:02:c9:67:ac:10:2a:22:2b:da:34:87:f7:55:04:8c:
84:b0:bd:38:e9:7c:2a:a7:97:ae:92:35:80:d9:1b:3c:47:2c:
62:54:23:15:0d:1e:79:9c:7b:60:4f:ac:8d:c7:e5:fc:ef:ce:
2f:a5:b0:be:2a:d9:e9:37:78:f0:8d:af:f7:d1:2c:5b:b3:99:
74:92:39:5f:ce:cc:c5:41:dc:24:49:80:00:a2:73:62:27:6d:
be:d0:2f:d7:8a:35:fe:ca:44:81:a6:e8:d6:1b:91:3f:e4:15:
80:56:54:73
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbP5QLTD7R9sXmMHPOcOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OTJhMDM1YmZmYzVhNDE0MTJjNDk3YzEyODVkMTgzODIz
NGZmYjAwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWNiNzUxMzJiNGYwYTE0OGFjNDcyZGE4ZDAwZGM0NzhjZGQ5MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9XxW38rXM+Ka4hwkp/m3UG+Q8Tm
OjAw0Xz8P4TqrwP63/j23hoTUf/nVoRRwc1OvIzgqAV8DjBx7Ryh3nviUW7AMNZw
E4JfnWHsJBOJNhDQFtWWchxCizpA8n8vGUanxxb3dXFN7nqYs2LDxCbtly6odcJn
/rKlNV/T084kiFNRu9hV4C+aT1foPg7YCwoC4wVbcFUXz8IkWnwlSKX7wPltF7Me
JW5r7ThoUmxMURAZeohtLSj1w/EAVugrKaJz2VZwwlrx/iNUKZSoeqmeq2WULow5
DlXeZqm5z8j+2J8lcBVufp5vGSh2T+8s+V+l44pIUUViW5LwlwM2yRUGPwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIHLdRMrTwoUisRy2o0A3EeM3ZAUMB8GA1UdIwQY
MBaAFOmSoDW//FpBQSxJfBKF0YOCNP+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTkt
Yjk3ZDMzNmVhMmY1LzEvZ2N0MUV5dFBDaFNLeEhMYWpRRGNSNHpka0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTktYjk3ZDMzNmVhMmY1
LzEvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFTd5AAwQF
V/lgAwQCuUwQAwQE2XJgMA0EAgACMAcDBQAgARVAMA0GCSqGSIb3DQEBCwUAA4IB
AQAbT3LyZMo8a0kq1tz3HFOFpy4MCyS207T6Dn0ncxccds1fyjfVpsIGUgZPzeDS
DhzuLBAtDJVvSd1VeTuv6HK2Z6XrF6VAtLR42Qbmk+h8F5qg5lZnUDljjVmx0g5y
5fpaTPYs1pIE6OM8bG78PrUdjodDd5rgeOrgl2h87XAL96QZh/cz5jobL6VMrHJX
80DNuwkCyWesECoiK9o0h/dVBIyEsL046Xwqp5eukjWA2Rs8RyxiVCMVDR55nHtg
T6yNx+X8784vpbC+KtnpN3jwja/30Sxbs5l0kjlfzszFQdwkSYAAonNiJ22+0C/X
ijX+ykSBpujWG5E/5BWAVlRz
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:55:04 2024 by rpki-client on console-ams.rpki-client.org