Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/gmYKckI_UW05q6CtpjRpCOmmDrA.roa
File: gmYKckI_UW05q6CtpjRpCOmmDrA.roa (raw, json)
Hash identifier: BNKd96b5uy4xKU8zqdqNOK/LKCUlMZCHz4cGHP/blaM=
Subject key identifier: 82:66:0A:72:42:3F:51:6D:39:AB:A0:AD:A6:34:69:08:E9:A6:0E:B0
Certificate issuer: /CN=2cd41bcc3cd73e0dc7f7e95b5d0dca6d6857bedc
Certificate serial: 018D8E49759E8E8F53E3A9C2C444CD94F243
Authority key identifier: 2C:D4:1B:CC:3C:D7:3E:0D:C7:F7:E9:5B:5D:0D:CA:6D:68:57:BE:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/gmYKckI_UW05q6CtpjRpCOmmDrA.roa
Signing time: Fri 09 Feb 2024 14:33:15 +0000
ROA not before: Fri 09 Feb 2024 14:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197886
IP address blocks: 91.228.212.0/23 maxlen: 23
185.97.208.0/22 maxlen: 22
185.166.228.0/22 maxlen: 22
185.244.68.0/24 maxlen: 24
185.244.69.0/24 maxlen: 24
185.244.70.0/24 maxlen: 24
185.244.71.0/24 maxlen: 24
2a0b:1e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:49:75:9e:8e:8f:53:e3:a9:c2:c4:44:cd:94:f2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd41bcc3cd73e0dc7f7e95b5d0dca6d6857bedc
Validity
Not Before: Feb 9 14:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82660a72423f516d39aba0ada6346908e9a60eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:be:c6:1a:2b:73:8b:54:ec:fa:48:98:8e:
d0:5b:51:87:5c:b3:f8:6a:97:d7:d7:4e:b8:09:04:
57:7e:23:e9:62:ef:d1:9d:a2:55:d1:79:31:ce:24:
c8:2b:61:c3:93:56:98:8b:e3:13:46:23:2b:83:34:
fd:f0:16:1b:13:7c:e6:a2:ac:5b:4f:20:60:70:18:
65:ea:e9:d7:e0:88:e5:23:e1:8c:bd:68:35:b0:50:
0c:a4:16:fe:f2:bc:e8:80:41:6c:35:9c:d9:c8:24:
ff:73:36:51:72:d4:58:b3:3f:96:86:be:81:6f:89:
fb:e6:2f:0a:dc:a2:3c:95:ef:aa:d1:98:d1:3d:6e:
f6:71:ee:f8:b7:87:5a:bd:a4:fa:ad:df:33:e8:0a:
2e:97:f1:5e:d8:ab:b7:69:57:54:7d:00:82:36:82:
d3:8b:60:97:4d:1b:0d:0b:df:aa:ef:af:2d:28:f6:
9d:cb:fb:18:aa:5a:8b:21:05:dd:98:50:7f:91:45:
d6:ac:e7:83:9c:88:2a:e0:f6:54:ac:80:65:94:95:
cf:74:d9:59:79:51:94:7f:5c:be:80:3f:9f:69:9c:
f6:ac:0f:34:68:20:96:d6:17:b2:7d:3f:d0:b0:ef:
5b:47:ef:c1:dc:21:69:3b:0d:95:05:87:2a:e1:7f:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:66:0A:72:42:3F:51:6D:39:AB:A0:AD:A6:34:69:08:E9:A6:0E:B0
X509v3 Authority Key Identifier:
keyid:2C:D4:1B:CC:3C:D7:3E:0D:C7:F7:E9:5B:5D:0D:CA:6D:68:57:BE:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/gmYKckI_UW05q6CtpjRpCOmmDrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.212.0/23
185.97.208.0/22
185.166.228.0/22
185.244.68.0/22
IPv6:
2a0b:1e00::/29
Signature Algorithm: sha256WithRSAEncryption
67:61:cd:ab:f7:2e:3e:a4:2a:5a:ab:a7:a8:58:e9:d9:0b:28:
6b:a8:a8:ad:50:d8:a6:d6:24:ee:42:3f:29:42:93:ad:4a:f2:
76:61:a6:bd:3f:3a:fa:d3:16:d4:68:2b:ce:2e:fe:20:68:6a:
44:cb:c1:93:66:77:bd:ca:bd:b5:f5:78:67:fb:e4:f5:74:c0:
13:b8:f9:87:0f:03:53:33:2e:eb:cd:5d:92:73:f4:ce:3f:34:
b0:3c:3e:ce:e9:d7:63:ea:42:bc:8e:f1:f1:d6:e4:ad:a8:94:
b3:f4:31:61:2a:62:b0:f0:b0:fc:60:b9:75:27:97:57:24:88:
d1:c9:d9:3b:4f:8c:fe:b6:33:3e:05:cf:0b:5b:61:49:96:d7:
9c:35:54:26:96:e4:c8:64:cb:88:d7:a5:d8:5e:21:96:f9:3b:
9e:41:16:73:97:44:ec:a1:04:54:d9:ec:20:bc:6b:0c:f2:e2:
29:03:c5:20:fb:76:e5:69:56:bb:50:3d:54:11:63:73:50:4f:
ca:1a:c7:01:60:14:35:b6:69:b4:45:71:04:12:74:0f:0e:95:
e4:23:d2:10:1e:be:1a:d3:21:90:ff:c2:5b:22:a4:36:4a:71:
63:a5:4e:f9:88:eb:bc:52:26:62:38:93:a6:3a:55:d3:b6:bc:
f4:2f:c8:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY2OSXWejo9T46nCxETNlPJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDQxYmNjM2NkNzNlMGRjN2Y3ZTk1YjVkMGRjYTZkNjg1
N2JlZGMwHhcNMjQwMjA5MTQzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjY2MGE3MjQyM2Y1MTZkMzlhYmEwYWRhNjM0NjkwOGU5YTYwZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEW+xhorc4tU7PpImI7QW1GHXLP4
apfX1064CQRXfiPpYu/RnaJV0XkxziTIK2HDk1aYi+MTRiMrgzT98BYbE3zmoqxb
TyBgcBhl6unX4IjlI+GMvWg1sFAMpBb+8rzogEFsNZzZyCT/czZRctRYsz+Whr6B
b4n75i8K3KI8le+q0ZjRPW72ce74t4davaT6rd8z6Aoul/Fe2Ku3aVdUfQCCNoLT
i2CXTRsNC9+q768tKPady/sYqlqLIQXdmFB/kUXWrOeDnIgq4PZUrIBllJXPdNlZ
eVGUf1y+gD+faZz2rA80aCCW1heyfT/QsO9bR+/B3CFpOw2VBYcq4X9k6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIJmCnJCP1FtOaugraY0aQjppg6wMB8GA1UdIwQY
MBaAFCzUG8w81z4Nx/fpW10Nym1oV77cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5RYnpEelhQZzNIOS1sYlhRM0tiV2hYdnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8xYWQ5YmYtMDMyMi00NTM0LWIwMDkt
ZTZlOTFiZjA1MmZlLzEvZ21ZS2NrSV9VVzA1cTZDdHBqUnBDT21tRHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8xYWQ5YmYtMDMyMi00NTM0LWIwMDktZTZlOTFiZjA1MmZl
LzEvTE5RYnpEelhQZzNIOS1sYlhRM0tiV2hYdnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW+TUAwQC
uWHQAwQCuabkAwQCufREMA0EAgACMAcDBQMqCx4AMA0GCSqGSIb3DQEBCwUAA4IB
AQBnYc2r9y4+pCpaq6eoWOnZCyhrqKitUNim1iTuQj8pQpOtSvJ2Yaa9Pzr60xbU
aCvOLv4gaGpEy8GTZne9yr219Xhn++T1dMATuPmHDwNTMy7rzV2Sc/TOPzSwPD7O
6ddj6kK8jvHx1uStqJSz9DFhKmKw8LD8YLl1J5dXJIjRydk7T4z+tjM+Bc8LW2FJ
ltecNVQmluTIZMuI16XYXiGW+TueQRZzl0TsoQRU2ewgvGsM8uIpA8Ug+3blaVa7
UD1UEWNzUE/KGscBYBQ1tmm0RXEEEnQPDpXkI9IQHr4a0yGQ/8JbIqQ2SnFjpU75
iOu8UiZiOJOmOlXTtrz0L8g6
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:21:16 2024 by rpki-client on console-ams.rpki-client.org