Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/GaUprd4OwN4yphD6ZC9oNJUjAgk.roa
File: GaUprd4OwN4yphD6ZC9oNJUjAgk.roa (raw, json)
Hash identifier: YrNDd3I166BMr30N7qkv6obDc7ximCcQYkjdQLAW1j4=
Subject key identifier: 19:A5:29:AD:DE:0E:C0:DE:32:A6:10:FA:64:2F:68:34:95:23:02:09
Certificate issuer: /CN=b710b9be1e2db37482e1f8f25b35fda5380d32c6
Certificate serial: 018CC3B6AC9260F1635D26DB7716D1B3E440
Authority key identifier: B7:10:B9:BE:1E:2D:B3:74:82:E1:F8:F2:5B:35:FD:A5:38:0D:32:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txC5vh4ts3SC4fjyWzX9pTgNMsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/GaUprd4OwN4yphD6ZC9oNJUjAgk.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206516
IP address blocks: 185.184.98.0/23 maxlen: 24
185.184.96.0/23 maxlen: 24
185.184.96.0/22 maxlen: 24
2a0b:3080:10::/44 maxlen: 44
2a0b:3080:8010::/44 maxlen: 44
2a0b:3080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/txC5vh4ts3SC4fjyWzX9pTgNMsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/txC5vh4ts3SC4fjyWzX9pTgNMsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/txC5vh4ts3SC4fjyWzX9pTgNMsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ac:92:60:f1:63:5d:26:db:77:16:d1:b3:e4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b710b9be1e2db37482e1f8f25b35fda5380d32c6
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19a529adde0ec0de32a610fa642f683495230209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b3:79:81:50:f3:da:78:42:17:0a:c1:e7:32:
a9:04:84:c9:2a:17:61:4c:23:b0:87:ba:7d:95:11:
35:6e:08:42:b9:c8:2d:e9:29:35:a7:ff:12:38:67:
d8:05:5c:74:5f:07:c5:e4:a0:bd:cc:41:af:a5:5e:
85:3e:82:f6:b3:d6:e8:19:c1:28:ff:74:48:0d:5c:
47:fc:e8:5e:64:ca:ba:43:bc:8d:65:99:8f:c1:d9:
b0:af:31:dd:3d:b4:d9:2c:8f:ae:27:f5:6d:b0:11:
ba:3c:9c:70:8b:74:56:b5:32:f8:8a:46:6e:0b:25:
db:33:9b:da:b0:66:3c:a6:6b:1c:1a:a3:a9:9f:f3:
7c:1f:33:55:76:5d:e4:69:7a:2f:a3:6b:30:09:87:
d1:7a:5b:26:da:61:4c:2c:68:63:0c:05:fd:e4:ee:
f5:df:94:0c:08:6e:23:86:57:f4:4d:18:d6:14:13:
da:45:29:f6:e3:66:d8:82:28:89:4f:aa:00:40:1a:
06:f7:d3:f4:13:9c:93:c7:26:05:ad:62:3d:29:17:
f4:4c:aa:7e:cb:62:7d:06:18:54:11:07:50:a5:56:
21:d3:23:ee:7a:32:dd:5f:92:0c:31:02:54:97:cb:
a2:8d:aa:e7:99:3f:5f:f2:a8:75:f3:e8:f4:94:ee:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A5:29:AD:DE:0E:C0:DE:32:A6:10:FA:64:2F:68:34:95:23:02:09
X509v3 Authority Key Identifier:
keyid:B7:10:B9:BE:1E:2D:B3:74:82:E1:F8:F2:5B:35:FD:A5:38:0D:32:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txC5vh4ts3SC4fjyWzX9pTgNMsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/GaUprd4OwN4yphD6ZC9oNJUjAgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/txC5vh4ts3SC4fjyWzX9pTgNMsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.96.0/22
IPv6:
2a0b:3080::/32
Signature Algorithm: sha256WithRSAEncryption
bb:d9:db:87:67:b0:a7:c5:fe:15:bf:b3:a1:5d:8f:ac:33:4d:
d2:28:29:e6:b2:4a:49:b0:78:a4:44:4e:ab:2a:18:68:e1:19:
16:9d:26:d8:6a:7f:41:ec:2b:2d:04:ae:a7:9e:d6:c4:eb:21:
15:5f:25:7e:90:e5:88:f6:fe:ef:c7:89:a0:f5:d8:1a:59:f0:
17:c1:df:1e:23:4b:49:20:b2:a5:18:4f:26:69:28:a9:f7:1d:
11:98:58:2b:e4:fd:56:c2:29:90:4f:51:ea:47:35:54:87:a9:
2e:52:f5:f8:88:20:0d:db:bb:ef:b3:a9:1a:a4:c6:34:c5:e2:
46:eb:01:41:e7:63:8d:db:ad:dc:13:40:49:93:71:99:4d:c3:
78:bb:28:af:72:39:e0:b4:4b:9e:06:67:93:9b:d3:ad:e2:a1:
6b:0f:fb:1c:ab:13:fc:80:2e:fe:88:c0:a6:9b:d3:13:bb:e5:
73:72:44:d0:34:aa:10:ad:c3:6f:0a:aa:59:1e:12:22:0e:5f:
9c:42:d4:2f:e5:6b:bd:c9:e6:cf:48:0d:e9:11:d3:95:86:20:
9e:ee:a3:86:62:33:a6:7c:3a:3a:27:58:16:60:e4:9f:2c:c4:
d5:90:53:f3:7a:72:4e:7a:83:3f:d9:90:76:45:d9:dc:1e:f0:
69:c6:22:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtqySYPFjXSbbdxbRs+RAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MTBiOWJlMWUyZGIzNzQ4MmUxZjhmMjViMzVmZGE1Mzgw
ZDMyYzYwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE1MjlhZGRlMGVjMGRlMzJhNjEwZmE2NDJmNjgzNDk1MjMwMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbN5gVDz2nhCFwrB5zKpBITJKhdh
TCOwh7p9lRE1bghCucgt6Sk1p/8SOGfYBVx0XwfF5KC9zEGvpV6FPoL2s9boGcEo
/3RIDVxH/OheZMq6Q7yNZZmPwdmwrzHdPbTZLI+uJ/VtsBG6PJxwi3RWtTL4ikZu
CyXbM5vasGY8pmscGqOpn/N8HzNVdl3kaXovo2swCYfRelsm2mFMLGhjDAX95O71
35QMCG4jhlf0TRjWFBPaRSn242bYgiiJT6oAQBoG99P0E5yTxyYFrWI9KRf0TKp+
y2J9BhhUEQdQpVYh0yPuejLdX5IMMQJUl8uijarnmT9f8qh18+j0lO6iUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBmlKa3eDsDeMqYQ+mQvaDSVIwIJMB8GA1UdIwQY
MBaAFLcQub4eLbN0guH48ls1/aU4DTLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHhDNXZoNHRzM1NDNGZqeVd6WDlwVGdOTXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81Nzg3ODgtMjUwZi00N2YyLWJkM2Ut
MjcyY2NjMTdkZmVhLzEvR2FVcHJkNE93TjR5cGhENlpDOW9OSlVqQWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81Nzg3ODgtMjUwZi00N2YyLWJkM2UtMjcyY2NjMTdkZmVh
LzEvdHhDNXZoNHRzM1NDNGZqeVd6WDlwVGdOTXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubhgMA0E
AgACMAcDBQAqCzCAMA0GCSqGSIb3DQEBCwUAA4IBAQC72duHZ7Cnxf4Vv7OhXY+s
M03SKCnmskpJsHikRE6rKhho4RkWnSbYan9B7CstBK6nntbE6yEVXyV+kOWI9v7v
x4mg9dgaWfAXwd8eI0tJILKlGE8maSip9x0RmFgr5P1WwimQT1HqRzVUh6kuUvX4
iCAN27vvs6kapMY0xeJG6wFB52ON263cE0BJk3GZTcN4uyivcjngtEueBmeTm9Ot
4qFrD/scqxP8gC7+iMCmm9MTu+VzckTQNKoQrcNvCqpZHhIiDl+cQtQv5Wu9yebP
SA3pEdOVhiCe7qOGYjOmfDo6J1gWYOSfLMTVkFPzenJOeoM/2ZB2RdncHvBpxiJ4
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:13:29 2024 by rpki-client on console-ams.rpki-client.org