Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/GpPHyX2m5P2MdLf4YzELYaxFllk.roa
File: GpPHyX2m5P2MdLf4YzELYaxFllk.roa (raw, json)
Hash identifier: sJjHc4PmDO5Ud9kVB7+h5AKhQPWcDnTT5MBdbZXiMGM=
Subject key identifier: 1A:93:C7:C9:7D:A6:E4:FD:8C:74:B7:F8:63:31:0B:61:AC:45:96:59
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 018CC87090E00B94363FDC9ABB11D5A5A45D
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/GpPHyX2m5P2MdLf4YzELYaxFllk.roa
Signing time: Tue 02 Jan 2024 04:31:09 +0000
ROA not before: Tue 02 Jan 2024 04:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12912
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:90:e0:0b:94:36:3f:dc:9a:bb:11:d5:a5:a4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Jan 2 04:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a93c7c97da6e4fd8c74b7f863310b61ac459659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:13:bd:9d:99:d0:8c:f7:4f:ce:de:e9:b5:
54:60:7c:25:b4:c7:6b:84:68:db:43:b8:d3:61:8f:
e1:70:0e:28:c6:57:1f:66:d1:2d:9c:02:f6:d2:d6:
b9:5e:e8:46:71:a6:e1:14:5d:79:d2:85:32:a5:5c:
df:cd:70:6b:f6:8b:3f:f5:0f:07:04:e2:d8:50:1a:
a1:8a:f1:ca:da:d8:a6:69:d3:ec:f1:64:26:c2:10:
12:49:22:9f:5f:55:f7:e1:16:8b:79:13:ac:1a:a9:
05:2b:d4:ae:96:85:55:d7:37:90:28:d8:19:59:cd:
e8:6b:e0:8e:1d:12:1b:6c:e2:54:59:7f:7c:d0:63:
79:19:59:bf:19:7d:29:0e:b0:1b:54:72:2a:b9:4d:
30:11:ba:59:fa:b4:7f:d8:b8:f2:30:01:05:32:a1:
b1:28:a6:21:e0:c8:85:84:21:b3:21:f6:1b:80:c6:
d7:6b:ef:65:01:d3:f5:69:b7:2c:bb:b5:62:31:76:
29:a0:a1:f1:ad:b0:72:04:ef:ad:1b:ff:ef:0b:a9:
e6:75:7f:d1:ef:87:5d:df:ca:ba:73:e4:ed:e8:95:
ba:bb:a9:e5:72:ea:7c:84:6e:3c:00:77:50:fb:1f:
fb:80:96:01:8a:6a:f9:df:02:10:21:53:5f:8e:57:
22:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:93:C7:C9:7D:A6:E4:FD:8C:74:B7:F8:63:31:0B:61:AC:45:96:59
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/GpPHyX2m5P2MdLf4YzELYaxFllk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:cd:40:6c:9d:5f:73:49:66:ce:ac:b0:b2:b8:57:72:2a:5a:
8b:06:6f:c7:61:70:66:f7:1c:f6:25:cd:1b:67:1c:26:f4:ff:
67:ed:41:e1:85:65:c2:ea:b4:5a:d6:3a:03:4f:65:5f:e5:3f:
b8:96:fc:f6:1a:97:78:70:15:66:10:fa:0a:c1:8a:81:be:18:
8e:ea:3a:e9:ea:5e:c1:8b:30:77:d4:ee:85:d1:b6:81:86:e5:
9b:7b:7d:36:e9:65:d5:fc:90:ac:40:d1:e4:53:26:6b:0d:e1:
3f:fa:82:ec:ba:eb:ca:fa:55:e4:a3:5f:fb:45:a7:a5:e8:84:
1e:b4:0d:f8:bd:fc:f5:d7:1b:12:ec:43:44:9d:21:3b:7c:e8:
af:2b:2e:6f:ae:83:0c:2b:4e:21:17:12:6a:dc:6e:bc:db:49:
0e:fd:15:d1:fc:37:16:40:ba:ce:a4:ca:29:3c:9d:0d:3b:59:
48:8d:4a:48:b2:90:cc:35:16:aa:a5:39:fe:95:e7:0f:87:1b:
1f:3c:d2:9e:77:e3:82:fa:30:af:d0:af:b0:bd:52:2d:a3:38:
67:7f:e0:69:1c:d3:9e:2c:c7:3c:94:df:11:fb:ae:48:ce:f2:
d6:32:b7:a4:93:7b:92:6a:3e:33:51:5c:9c:68:17:4e:b9:66:
35:0e:87:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcJDgC5Q2P9yauxHVpaRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNl
OThlMjAwHhcNMjQwMTAyMDQzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkzYzdjOTdkYTZlNGZkOGM3NGI3Zjg2MzMxMGI2MWFjNDU5NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM8TvZ2Z0Iz3T87e6bVUYHwltMdr
hGjbQ7jTYY/hcA4oxlcfZtEtnAL20ta5XuhGcabhFF150oUypVzfzXBr9os/9Q8H
BOLYUBqhivHK2timadPs8WQmwhASSSKfX1X34RaLeROsGqkFK9SuloVV1zeQKNgZ
Wc3oa+COHRIbbOJUWX980GN5GVm/GX0pDrAbVHIquU0wEbpZ+rR/2LjyMAEFMqGx
KKYh4MiFhCGzIfYbgMbXa+9lAdP1abcsu7ViMXYpoKHxrbByBO+tG//vC6nmdX/R
74dd38q6c+Tt6JW6u6nlcup8hG48AHdQ+x/7gJYBimr53wIQIVNfjlcikwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBqTx8l9puT9jHS3+GMxC2GsRZZZMB8GA1UdIwQY
MBaAFD4L6OSNugffIXEXRbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5Zjgt
MjBmOWYwZGJmNDU4LzEvR3BQSHlYMm01UDJNZExmNFl6RUxZYXhGbGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4
LzEvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF
1CbAAwQH1MuAAwQF1dpgMA0GCSqGSIb3DQEBCwUAA4IBAQB+zUBsnV9zSWbOrLCy
uFdyKlqLBm/HYXBm9xz2Jc0bZxwm9P9n7UHhhWXC6rRa1joDT2Vf5T+4lvz2Gpd4
cBVmEPoKwYqBvhiO6jrp6l7BizB31O6F0baBhuWbe3026WXV/JCsQNHkUyZrDeE/
+oLsuuvK+lXko1/7Rael6IQetA34vfz11xsS7ENEnSE7fOivKy5vroMMK04hFxJq
3G6820kO/RXR/DcWQLrOpMopPJ0NO1lIjUpIspDMNRaqpTn+lecPhxsfPNKed+OC
+jCv0K+wvVItozhnf+BpHNOeLMc8lN8R+65IzvLWMrekk3uSaj4zUVycaBdOuWY1
DofY
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:25:14 2024 by rpki-client on console-ams.rpki-client.org