Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/glSyn9ZhnoDrM7qPF5erNeLtajE.roa
File: glSyn9ZhnoDrM7qPF5erNeLtajE.roa (raw, json)
Hash identifier: UNus30gLvnBwtWL3qSyweIVHM6bx2fno/nSb/YhjSeE=
Subject key identifier: 82:54:B2:9F:D6:61:9E:80:EB:33:BA:8F:17:97:AB:35:E2:ED:6A:31
Certificate issuer: /CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Certificate serial: 018CC26D3C62B2F90772DD97F057DBC3F19C
Authority key identifier: 1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/glSyn9ZhnoDrM7qPF5erNeLtajE.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46652
IP address blocks: 141.0.171.0/24 maxlen: 24
141.0.172.0/22 maxlen: 22
141.0.168.0/24 maxlen: 24
141.0.174.0/24 maxlen: 24
185.88.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3c:62:b2:f9:07:72:dd:97:f0:57:db:c3:f1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8254b29fd6619e80eb33ba8f1797ab35e2ed6a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:1a:43:1b:0b:41:f1:0f:a8:56:9e:cc:d4:
6e:4b:a2:f9:a3:6b:0f:84:41:e6:f1:58:0b:28:7a:
24:5d:ca:5c:85:86:7f:5a:c7:1e:70:8d:4d:7b:b5:
02:c7:2a:87:41:46:0e:f8:ff:f7:b6:f6:72:9d:62:
ea:bf:f7:6a:8b:6f:11:1b:26:b7:33:16:04:af:a4:
38:7c:29:53:ec:90:fc:f1:41:a5:8d:68:0d:41:9a:
84:b3:c3:c0:af:9f:0a:7f:53:df:55:3b:90:ae:b7:
49:a9:e9:c7:78:f4:ea:a2:68:89:03:0c:4d:b7:cf:
d9:e6:91:5c:f0:3b:fe:c6:26:aa:ef:ee:17:1b:53:
2b:1e:9e:2d:01:cb:9d:d4:ef:a8:e5:e0:7b:25:dd:
c9:48:a9:6f:a2:ef:05:12:b6:f1:ea:b3:e7:a9:15:
53:0d:73:9e:d8:21:42:0d:60:2d:39:09:66:c1:f1:
a1:f7:c2:93:bf:76:f7:73:13:bd:dd:92:20:45:f4:
07:2a:2e:13:dc:56:aa:5c:c9:16:4f:f0:08:f8:03:
fe:e5:f8:f5:88:10:cd:c1:6d:dc:c0:42:ec:71:dc:
49:8f:be:08:62:7d:23:0c:cf:94:35:97:e4:5c:31:
3b:99:f3:fe:3f:0e:03:cf:4b:50:00:92:c9:13:95:
f8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:54:B2:9F:D6:61:9E:80:EB:33:BA:8F:17:97:AB:35:E2:ED:6A:31
X509v3 Authority Key Identifier:
keyid:1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/glSyn9ZhnoDrM7qPF5erNeLtajE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.0.168.0/24
141.0.171.0-141.0.175.255
185.88.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:2a:27:a1:f9:6f:de:61:e3:85:1d:63:92:6c:51:d9:4e:48:
a3:a6:cc:4e:e0:d5:03:c9:fa:d4:e8:68:80:b7:c8:33:ff:99:
b9:da:62:2b:50:f7:e9:fd:a3:47:7f:96:e7:b6:98:10:13:96:
8f:13:76:69:24:44:4e:a9:07:50:a7:75:58:0b:9c:56:22:38:
71:b5:54:00:1c:dd:7f:93:16:f1:67:75:ea:c2:d5:fa:4a:bd:
17:e9:81:bb:0d:2f:52:9e:7e:b8:40:79:35:11:aa:00:b7:9f:
94:77:08:50:e2:72:4d:d3:2d:8a:d9:41:1e:50:a7:be:47:76:
6c:c2:0a:24:81:09:a6:78:0c:c4:fd:52:12:55:d2:48:57:9a:
02:1c:38:7d:c7:e6:8e:f7:a6:03:0e:a2:33:c3:2d:0d:1f:b0:
a5:2f:22:ca:04:9e:fd:b5:93:9f:9c:94:9a:94:c8:78:3e:49:
a4:d9:74:94:ef:05:ac:7e:81:74:5c:e8:ba:bb:f9:67:cb:07:
d3:2e:ab:7e:f2:20:fb:e2:2d:47:fe:be:c2:45:40:c7:b9:94:
c8:93:bd:33:ef:2a:8d:05:77:0f:e6:c1:35:7f:5c:2a:9b:f9:
08:15:77:46:52:0c:39:51:7f:7c:c5:72:23:06:dd:a0:8b:0f:
32:88:06:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbTxisvkHct2X8Ffbw/GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMWQyMTU0YjkzMjRlZmIzOWNhMzhiYTE5MzFiYTVkZmI1
OWU4ZmQwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU0YjI5ZmQ2NjE5ZTgwZWIzM2JhOGYxNzk3YWIzNWUyZWQ2YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW4aQxsLQfEPqFaezNRuS6L5o2sP
hEHm8VgLKHokXcpchYZ/WscecI1Ne7UCxyqHQUYO+P/3tvZynWLqv/dqi28RGya3
MxYEr6Q4fClT7JD88UGljWgNQZqEs8PAr58Kf1PfVTuQrrdJqenHePTqomiJAwxN
t8/Z5pFc8Dv+xiaq7+4XG1MrHp4tAcud1O+o5eB7Jd3JSKlvou8FErbx6rPnqRVT
DXOe2CFCDWAtOQlmwfGh98KTv3b3cxO93ZIgRfQHKi4T3FaqXMkWT/AI+AP+5fj1
iBDNwW3cwELscdxJj74IYn0jDM+UNZfkXDE7mfP+Pw4Dz0tQAJLJE5X4JQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIJUsp/WYZ6A6zO6jxeXqzXi7WoxMB8GA1UdIwQY
MBaAFBodIVS5Mk77Oco4uhkxul37Wej9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAt
ODkwMWIwNTJiODZiLzEvZ2xTeW45Wmhub0RyTTdxUEY1ZXJOZUx0YWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAtODkwMWIwNTJiODZi
LzEvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjQCoMAwD
BACNAKsDBASNAKADBAK5WLQwDQYJKoZIhvcNAQELBQADggEBAAsqJ6H5b95h44Ud
Y5JsUdlOSKOmzE7g1QPJ+tToaIC3yDP/mbnaYitQ9+n9o0d/lue2mBATlo8Tdmkk
RE6pB1CndVgLnFYiOHG1VAAc3X+TFvFnderC1fpKvRfpgbsNL1KefrhAeTURqgC3
n5R3CFDick3TLYrZQR5Qp75HdmzCCiSBCaZ4DMT9UhJV0khXmgIcOH3H5o73pgMO
ojPDLQ0fsKUvIsoEnv21k5+clJqUyHg+SaTZdJTvBax+gXRc6Lq7+WfLB9Muq37y
IPviLUf+vsJFQMe5lMiTvTPvKo0Fdw/mwTV/XCqb+QgVd0ZSDDlRf3zFciMG3aCL
DzKIBvg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:06:04 2024 by rpki-client on console-fra.rpki-client.org