Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/GEXB8i0Vrc5wHJWZz2T8QfFQMHQ.roa
File: GEXB8i0Vrc5wHJWZz2T8QfFQMHQ.roa (raw, json)
Hash identifier: wGfvUO9jbbR531mZBPHBySAU0Iqbx/dtikWVIHhyhx4=
Subject key identifier: 18:45:C1:F2:2D:15:AD:CE:70:1C:95:99:CF:64:FC:41:F1:50:30:74
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 018D846E4450EBA4AEF8E628F70E69B374F5
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/GEXB8i0Vrc5wHJWZz2T8QfFQMHQ.roa
Signing time: Wed 07 Feb 2024 16:37:15 +0000
ROA not before: Wed 07 Feb 2024 16:37:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.186.0/24 maxlen: 24
185.1.231.0/24 maxlen: 24
185.188.83.0/24 maxlen: 24
217.29.66.0/23 maxlen: 23
217.29.68.0/23 maxlen: 23
2001:7f8:b:100::/64 maxlen: 64
2001:7f8:b:101::/64 maxlen: 64
2001:7f8:101:7::/64 maxlen: 64
2001:7f8:101:13::/64 maxlen: 64
2001:7f8:101:14::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:6e:44:50:eb:a4:ae:f8:e6:28:f7:0e:69:b3:74:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Feb 7 16:37:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1845c1f22d15adce701c9599cf64fc41f1503074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ae:d3:a5:e7:79:2e:e9:cc:5d:ae:7e:20:c8:
c9:ce:cd:27:51:d2:77:cc:61:38:17:96:5f:75:29:
43:77:bc:32:94:48:1d:55:36:d1:45:82:14:4c:b0:
b4:03:99:0c:a8:3e:a8:09:c2:84:04:bc:d4:c0:c2:
5e:73:e2:be:e7:04:74:40:fe:56:c4:4e:ed:14:25:
b9:ac:2d:95:79:a7:1c:95:4a:54:4c:a1:35:85:b8:
fb:86:10:5a:d3:07:45:04:f3:c7:66:d4:f9:1e:bb:
ce:6c:1d:8e:b7:dc:4d:14:d9:ed:f5:ff:92:a1:39:
79:86:99:8d:a4:ed:bf:91:4d:f2:49:2e:3e:a6:93:
05:c1:6a:af:90:76:16:bb:12:4d:50:cc:e1:84:5e:
22:90:52:e4:04:de:f7:12:4f:86:58:d3:a6:de:36:
82:9b:00:b3:7f:03:9a:22:b4:d0:66:94:83:39:d6:
0d:8c:d6:ee:ad:6b:8e:f4:7b:86:90:c1:c0:2b:c4:
2c:d4:3d:47:93:bc:da:2e:d2:6e:7b:75:ec:6a:35:
56:ec:57:dd:ee:d5:2f:8c:c6:57:87:34:97:78:77:
a1:3e:45:ed:c6:32:c7:5d:ec:39:81:e8:97:24:43:
d8:b0:07:5b:e0:a4:ae:37:7a:13:c8:66:59:ac:49:
b4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:45:C1:F2:2D:15:AD:CE:70:1C:95:99:CF:64:FC:41:F1:50:30:74
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/GEXB8i0Vrc5wHJWZz2T8QfFQMHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.186.0/24
185.1.231.0/24
185.188.83.0/24
217.29.66.0-217.29.69.255
IPv6:
2001:7f8:b:100::/63
2001:7f8:101:7::/64
2001:7f8:101:13::-2001:7f8:101:14:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:c9:1b:9b:7c:56:1d:36:7e:36:45:64:8b:4a:5b:a5:43:46:
39:05:7c:ad:30:d5:e0:04:dc:cc:57:c8:5f:5c:4b:bb:9d:c3:
d6:e7:65:ce:08:43:3d:6a:6c:96:48:c3:aa:12:1e:55:91:66:
a3:81:9e:59:05:17:57:3c:97:15:3d:64:29:30:a5:cd:ad:76:
29:05:67:cf:f9:d0:b1:fe:d2:b9:0a:c9:68:01:f9:6a:55:eb:
ea:c9:bb:4f:ea:1f:84:6d:2d:5f:8e:dc:db:7f:12:9c:f4:b8:
2f:91:db:02:c3:dc:32:36:c6:d9:83:9a:e0:54:0a:c1:c5:6c:
0f:b3:40:e9:65:3d:b7:49:a4:15:52:1f:77:84:01:4d:b8:49:
5e:73:37:e3:6f:d1:4f:92:98:cc:74:de:b4:79:51:64:7c:29:
e5:ed:56:73:9d:09:9a:19:1e:da:03:c3:12:e6:b2:ee:a9:05:
88:71:dd:ff:44:c6:72:91:57:37:04:0d:cb:2a:29:66:49:1b:
a3:73:66:93:b2:ff:e9:a3:14:6a:b6:46:37:f5:9c:7e:2a:84:
28:71:43:21:b0:a7:06:3a:03:e3:5f:70:7a:d8:c8:87:e3:b1:
7b:e9:87:73:2b:c8:1d:f8:32:96:dd:9b:6c:c0:3c:22:2c:0f:
6b:2d:52:d2
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY2EbkRQ66Su+OYo9w5ps3T1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjQwMjA3MTYzNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQ1YzFmMjJkMTVhZGNlNzAxYzk1OTljZjY0ZmM0MWYxNTAzMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq7Tped5LunMXa5+IMjJzs0nUdJ3
zGE4F5ZfdSlDd7wylEgdVTbRRYIUTLC0A5kMqD6oCcKEBLzUwMJec+K+5wR0QP5W
xE7tFCW5rC2VeacclUpUTKE1hbj7hhBa0wdFBPPHZtT5HrvObB2Ot9xNFNnt9f+S
oTl5hpmNpO2/kU3ySS4+ppMFwWqvkHYWuxJNUMzhhF4ikFLkBN73Ek+GWNOm3jaC
mwCzfwOaIrTQZpSDOdYNjNburWuO9HuGkMHAK8Qs1D1Hk7zaLtJue3XsajVW7Ffd
7tUvjMZXhzSXeHehPkXtxjLHXew5geiXJEPYsAdb4KSuN3oTyGZZrEm04QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFBhFwfItFa3OcByVmc9k/EHxUDB0MB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvR0VYQjhpMFZyYzV3SEpXWnoyVDhRZkZRTUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjAmBAIAATAgAwQAuQG6AwQA
uQHnAwQAubxTMAwDBAHZHUIDBAHZHUQwNAQCAAIwLgMJASABB/gACwEAAwkAIAEH
+AEBAAcwFgMJACABB/gBAQATAwkAIAEH+AEBABQwDQYJKoZIhvcNAQELBQADggEB
AAbJG5t8Vh02fjZFZItKW6VDRjkFfK0w1eAE3MxXyF9cS7udw9bnZc4IQz1qbJZI
w6oSHlWRZqOBnlkFF1c8lxU9ZCkwpc2tdikFZ8/50LH+0rkKyWgB+WpV6+rJu0/q
H4RtLV+O3Nt/Epz0uC+R2wLD3DI2xtmDmuBUCsHFbA+zQOllPbdJpBVSH3eEAU24
SV5zN+Nv0U+SmMx03rR5UWR8KeXtVnOdCZoZHtoDwxLmsu6pBYhx3f9ExnKRVzcE
DcsqKWZJG6NzZpOy/+mjFGq2Rjf1nH4qhChxQyGwpwY6A+NfcHrYyIfjsXvph3Mr
yB34Mpbdm2zAPCIsD2stUtI=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:46:45 2024 by rpki-client on console-fra.rpki-client.org