Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/gJWSe5nHoNEmAASovwBKDAfkIsU.roa
File: gJWSe5nHoNEmAASovwBKDAfkIsU.roa (raw, json)
Hash identifier: jQblCMWeR9oTOm8dnyqhnxMh51TGmnviYohwH4IpMe8=
Subject key identifier: 80:95:92:7B:99:C7:A0:D1:26:00:04:A8:BF:00:4A:0C:07:E4:22:C5
Certificate issuer: /CN=0f92c52f86009879c177092f7cd83418b4df8cab
Certificate serial: 018CC3494DA0C6A7E00877F872EB28DED34E
Authority key identifier: 0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/gJWSe5nHoNEmAASovwBKDAfkIsU.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47887
IP address blocks: 81.28.112.0/20 maxlen: 24
188.123.160.0/19 maxlen: 24
185.175.248.0/22 maxlen: 24
82.212.64.0/18 maxlen: 24
2a00:18d0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4d:a0:c6:a7:e0:08:77:f8:72:eb:28:de:d3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f92c52f86009879c177092f7cd83418b4df8cab
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8095927b99c7a0d1260004a8bf004a0c07e422c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c5:26:df:d5:90:ab:7f:a3:6f:9d:8c:99:bf:
ab:94:d7:59:fc:18:39:cb:43:3d:9f:c0:db:a4:80:
00:15:56:1c:7b:15:00:8d:af:d5:9a:c2:91:08:ec:
ba:6a:46:d9:6e:4a:a4:87:50:56:b0:ce:c3:36:b9:
f6:22:33:f6:b5:4f:93:a4:26:a0:85:4f:d0:49:82:
94:59:3d:bd:96:e5:8c:ee:04:50:b7:8f:8d:ef:43:
7b:96:0d:69:a3:6c:31:cc:fa:08:7a:5e:99:8a:41:
ce:b9:05:ce:e1:39:46:33:49:f3:55:f4:01:b9:d2:
e2:c5:da:42:79:67:0f:bb:11:3f:18:4f:f9:43:33:
21:98:92:0a:e3:d1:46:52:48:ff:9a:73:e4:17:f9:
7d:e6:3a:ab:1e:a0:9f:a0:1b:bc:9f:ab:23:de:2a:
e5:03:af:e9:3c:85:a2:33:23:a1:6e:ff:73:61:d1:
57:e2:6c:58:53:23:72:c1:0d:27:06:89:49:66:53:
61:9c:32:16:09:f7:f3:04:42:43:5f:71:e4:a2:1e:
f3:02:f2:44:ab:c2:7c:d4:08:83:4e:30:bb:7c:47:
a6:07:6c:0a:ff:66:cc:32:b0:b6:87:a6:ca:21:c0:
d6:c5:3d:85:af:91:c7:ba:89:95:45:71:54:00:c4:
44:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:95:92:7B:99:C7:A0:D1:26:00:04:A8:BF:00:4A:0C:07:E4:22:C5
X509v3 Authority Key Identifier:
keyid:0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/gJWSe5nHoNEmAASovwBKDAfkIsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.112.0/20
82.212.64.0/18
185.175.248.0/22
188.123.160.0/19
IPv6:
2a00:18d0::/32
Signature Algorithm: sha256WithRSAEncryption
28:a5:88:6d:63:72:55:ad:e3:80:09:15:fc:d3:3c:63:a7:5f:
1f:0f:f4:7a:af:70:f1:72:83:3d:f1:e0:d7:9d:13:3d:6e:9d:
1b:ab:db:11:3c:ea:f3:36:1e:9d:b8:2d:91:45:b3:6f:da:2c:
6c:d8:5d:f7:33:e5:2e:fe:e3:f5:b4:83:70:e0:85:77:06:7a:
d0:6e:82:f3:b1:f9:65:65:08:96:1f:82:59:1e:b9:0f:51:1d:
cd:11:61:28:62:fd:01:77:e3:17:2d:62:c8:ee:b5:f2:e2:a3:
55:e6:65:2a:db:8d:93:25:76:e3:e1:69:a7:89:e1:fa:c5:81:
86:21:12:70:6c:5c:c4:8a:2a:ff:e4:20:0f:a9:c4:d3:81:ab:
88:10:98:e2:7a:9b:28:6f:ed:6c:1a:4a:6c:a9:2c:6f:99:a1:
3e:18:ac:55:34:f1:6e:e4:d4:84:d5:b0:35:f2:22:73:71:3b:
fe:11:cc:b4:80:fa:e5:d0:de:2d:7c:86:5e:2d:da:bb:de:86:
67:a7:7a:80:40:be:57:95:3f:2a:31:c6:d6:59:09:79:5e:6a:
67:a7:22:40:47:b1:31:1b:d9:70:16:a1:ff:42:51:df:9e:2d:
4a:33:29:9f:b7:cf:48:d0:58:75:7d:12:ac:59:c4:a3:d7:0b:
f4:2a:ea:1f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSU2gxqfgCHf4cuso3tNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTJjNTJmODYwMDk4NzljMTc3MDkyZjdjZDgzNDE4YjRk
ZjhjYWIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk1OTI3Yjk5YzdhMGQxMjYwMDA0YThiZjAwNGEwYzA3ZTQyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMUm39WQq3+jb52Mmb+rlNdZ/Bg5
y0M9n8DbpIAAFVYcexUAja/VmsKRCOy6akbZbkqkh1BWsM7DNrn2IjP2tU+TpCag
hU/QSYKUWT29luWM7gRQt4+N70N7lg1po2wxzPoIel6ZikHOuQXO4TlGM0nzVfQB
udLixdpCeWcPuxE/GE/5QzMhmJIK49FGUkj/mnPkF/l95jqrHqCfoBu8n6sj3irl
A6/pPIWiMyOhbv9zYdFX4mxYUyNywQ0nBolJZlNhnDIWCffzBEJDX3Hkoh7zAvJE
q8J81AiDTjC7fEemB2wK/2bMMrC2h6bKIcDWxT2Fr5HHuomVRXFUAMRE5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFICVknuZx6DRJgAEqL8ASgwH5CLFMB8GA1UdIwQY
MBaAFA+SxS+GAJh5wXcJL3zYNBi034yrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWIt
MGJlMjA5ZmZiYWVjLzEvZ0pXU2U1bkhvTkVtQUFTb3Z3QktEQWZrSXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWItMGJlMjA5ZmZiYWVj
LzEvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEURxwAwQG
UtRAAwQCua/4AwQFvHugMA0EAgACMAcDBQAqABjQMA0GCSqGSIb3DQEBCwUAA4IB
AQAopYhtY3JVreOACRX80zxjp18fD/R6r3DxcoM98eDXnRM9bp0bq9sRPOrzNh6d
uC2RRbNv2ixs2F33M+Uu/uP1tINw4IV3BnrQboLzsfllZQiWH4JZHrkPUR3NEWEo
Yv0Bd+MXLWLI7rXy4qNV5mUq242TJXbj4WmnieH6xYGGIRJwbFzEiir/5CAPqcTT
gauIEJjiepsob+1sGkpsqSxvmaE+GKxVNPFu5NSE1bA18iJzcTv+Ecy0gPrl0N4t
fIZeLdq73oZnp3qAQL5XlT8qMcbWWQl5XmpnpyJAR7ExG9lwFqH/QlHfni1KMymf
t89I0Fh1fRKsWcSj1wv0Kuof
-----END CERTIFICATE-----
Generated at Sun May 19 16:47:43 2024 by rpki-client on console-fra.rpki-client.org