Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/gsF4sg9QdilnbRg18DVK94-ELbE.roa
File: gsF4sg9QdilnbRg18DVK94-ELbE.roa (raw, json)
Hash identifier: 60AwWcOWUs1WiNltnoqnmeH969z5s9VLrPScrkhURFI=
Subject key identifier: 82:C1:78:B2:0F:50:76:29:67:6D:18:35:F0:35:4A:F7:8F:84:2D:B1
Certificate issuer: /CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Certificate serial: 018CC2DB3F4A706EE8FA9ABEC444AA00D947
Authority key identifier: BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/gsF4sg9QdilnbRg18DVK94-ELbE.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203644
IP address blocks: 185.128.102.0/23 maxlen: 23
91.207.32.0/24 maxlen: 24
91.207.32.0/23 maxlen: 23
185.128.100.0/23 maxlen: 23
91.207.33.0/24 maxlen: 24
185.128.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/vQScpC4dgs4ntUu_0Bd4HVRaebc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/vQScpC4dgs4ntUu_0Bd4HVRaebc.mft
rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3f:4a:70:6e:e8:fa:9a:be:c4:44:aa:00:d9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82c178b20f507629676d1835f0354af78f842db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:b9:b8:92:35:e3:9a:bc:a1:0e:56:c4:64:
6e:84:b9:46:1e:d2:08:88:59:1d:a6:45:82:ab:e3:
2e:de:28:3a:ce:ff:76:f0:a9:64:b4:15:c0:89:f4:
46:dd:e1:e3:d1:15:aa:07:a1:d5:db:7f:66:68:cb:
96:a5:d4:b2:7d:0e:f2:27:54:42:b0:4e:e6:af:c7:
b1:18:26:3a:f0:c7:7d:4a:c7:15:7d:de:1a:22:a4:
f4:cc:9f:bb:7a:a3:21:f5:76:42:bc:05:18:c7:66:
d8:25:eb:32:4b:9b:c9:82:3a:e2:52:1d:ef:34:dd:
cf:7b:a3:7e:3d:c0:e7:57:df:8d:d7:a9:9a:9b:23:
62:9e:03:86:63:d6:b8:b1:6c:c3:a2:a4:fe:52:88:
72:b1:3e:5b:aa:f5:8f:cb:34:3e:bb:19:de:40:6f:
c4:8a:7b:72:00:ef:3a:96:a9:e9:f3:32:de:2a:19:
d2:62:b0:66:58:48:f8:c2:84:f9:a8:4a:df:93:3b:
3c:34:47:a4:c2:b2:83:0c:58:55:19:06:b9:a6:c1:
cb:d1:c9:95:99:8e:7d:22:d3:2c:c8:9b:06:34:ad:
45:3a:72:a3:ae:9b:f9:07:92:44:08:c0:54:dd:d2:
7a:bc:c5:ab:54:56:8d:e2:6b:f8:93:f9:b2:91:7d:
bf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C1:78:B2:0F:50:76:29:67:6D:18:35:F0:35:4A:F7:8F:84:2D:B1
X509v3 Authority Key Identifier:
keyid:BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/gsF4sg9QdilnbRg18DVK94-ELbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/vQScpC4dgs4ntUu_0Bd4HVRaebc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.32.0/23
185.128.100.0/22
Signature Algorithm: sha256WithRSAEncryption
30:9f:b7:fc:b0:7c:aa:1f:8e:6d:58:dc:b6:8a:1a:49:d0:23:
71:76:f4:58:6c:d0:33:3d:4a:ef:e4:63:f5:ed:48:6e:f3:9b:
71:f1:c2:22:2c:1e:db:dc:51:b2:c9:fe:1b:4e:0f:fa:ea:1b:
84:37:5e:6b:c8:8f:66:95:d4:94:3a:7b:0a:98:d0:e4:fd:c3:
2f:ee:c2:e7:8e:6b:b4:6b:35:6a:da:d5:51:31:c0:a1:d2:b2:
27:f6:2c:8a:bb:70:fd:39:05:d0:e3:33:d8:0d:1d:b3:f5:25:
39:dc:42:7a:ab:a4:e4:85:67:dc:e8:43:cb:f3:1c:29:ec:08:
87:48:48:f8:6d:93:a3:14:70:9a:98:01:12:ef:d9:f2:97:6a:
71:4c:95:7a:ce:0f:c0:33:93:64:b4:6e:86:70:41:11:1e:ad:
a7:b4:25:28:e2:1b:50:55:08:31:25:a7:31:a0:54:c1:96:12:
e5:28:18:a2:3b:e3:02:20:3b:e6:ef:6a:07:30:b5:b6:91:5f:
af:2a:82:fe:83:8d:d4:94:63:69:83:3c:a3:19:33:89:96:b5:
65:3b:e2:35:bb:f1:03:3a:8e:66:d0:90:8f:f1:b0:62:96:4c:
12:a2:62:86:a8:d5:af:c1:72:01:09:bd:68:4d:76:84:94:12:
1a:c3:12:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2z9KcG7o+pq+xESqANlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDQ5Y2E0MmUxZDgyY2UyN2I1NGJiZmQwMTc3ODFkNTQ1
YTc5YjcwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmMxNzhiMjBmNTA3NjI5Njc2ZDE4MzVmMDM1NGFmNzhmODQyZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH+5uJI145q8oQ5WxGRuhLlGHtII
iFkdpkWCq+Mu3ig6zv928KlktBXAifRG3eHj0RWqB6HV239maMuWpdSyfQ7yJ1RC
sE7mr8exGCY68Md9SscVfd4aIqT0zJ+7eqMh9XZCvAUYx2bYJesyS5vJgjriUh3v
NN3Pe6N+PcDnV9+N16mamyNingOGY9a4sWzDoqT+UohysT5bqvWPyzQ+uxneQG/E
intyAO86lqnp8zLeKhnSYrBmWEj4woT5qErfkzs8NEekwrKDDFhVGQa5psHL0cmV
mY59ItMsyJsGNK1FOnKjrpv5B5JECMBU3dJ6vMWrVFaN4mv4k/mykX2/pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFILBeLIPUHYpZ20YNfA1SvePhC2xMB8GA1UdIwQY
MBaAFL0EnKQuHYLOJ7VLv9AXeB1UWnm3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUt
MWFhMDM0YTJhZjljLzEvZ3NGNHNnOVFkaWxuYlJnMThEVks5NC1FTGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUtMWFhMDM0YTJhZjlj
LzEvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW88gAwQC
uYBkMA0GCSqGSIb3DQEBCwUAA4IBAQAwn7f8sHyqH45tWNy2ihpJ0CNxdvRYbNAz
PUrv5GP17Uhu85tx8cIiLB7b3FGyyf4bTg/66huEN15ryI9mldSUOnsKmNDk/cMv
7sLnjmu0azVq2tVRMcCh0rIn9iyKu3D9OQXQ4zPYDR2z9SU53EJ6q6TkhWfc6EPL
8xwp7AiHSEj4bZOjFHCamAES79nyl2pxTJV6zg/AM5NktG6GcEERHq2ntCUo4htQ
VQgxJacxoFTBlhLlKBiiO+MCIDvm72oHMLW2kV+vKoL+g43UlGNpgzyjGTOJlrVl
O+I1u/EDOo5m0JCP8bBilkwSomKGqNWvwXIBCb1oTXaElBIawxLX
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:04 2024 by rpki-client on console-fra.rpki-client.org