Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/GX2ZARXZsERfXD_X3fjhilLoPYs.roa
File: GX2ZARXZsERfXD_X3fjhilLoPYs.roa (raw, json)
Hash identifier: 8/7/wRKwNcfMrhftHmUbXs2QyjSnhLb65g2w75nNHzk=
Subject key identifier: 19:7D:99:01:15:D9:B0:44:5F:5C:3F:D7:DD:F8:E1:8A:52:E8:3D:8B
Certificate issuer: /CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Certificate serial: 018CC2DB5721D2A34060C06B8C306CEDA4FA
Authority key identifier: 09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/GX2ZARXZsERfXD_X3fjhilLoPYs.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35393
IP address blocks: 185.158.44.0/22 maxlen: 24
185.111.228.0/22 maxlen: 24
188.208.198.0/23 maxlen: 24
94.247.24.0/21 maxlen: 24
92.39.240.0/20 maxlen: 24
84.246.224.0/21 maxlen: 24
2a02:23e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:57:21:d2:a3:40:60:c0:6b:8c:30:6c:ed:a4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=197d990115d9b0445f5c3fd7ddf8e18a52e83d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b0:32:64:0e:13:65:5c:f7:d6:5e:0f:b0:7c:
94:ff:48:94:ec:8a:88:de:7f:c4:37:cc:4c:a5:f9:
01:ba:2a:ee:84:7a:6a:45:14:9c:12:f1:58:fb:d4:
ad:05:24:81:ca:25:30:be:6c:6b:0a:2a:14:74:12:
ab:0b:9e:24:e3:55:e5:23:ee:5c:83:ea:0b:4e:06:
2c:07:54:a9:61:68:ec:58:5a:88:69:95:64:30:9b:
dc:c5:0b:cf:86:a1:89:67:a6:c9:51:1b:ce:17:bc:
9b:af:d6:7c:b7:17:48:ff:eb:9d:5d:0e:bf:ea:0c:
bc:bf:f1:3c:da:39:13:af:a6:6b:21:e7:b5:eb:f2:
a6:da:0e:5b:93:0f:88:d6:8f:1e:50:c0:43:e5:5c:
40:75:9a:55:21:52:97:0e:60:8c:57:2e:ee:8c:ee:
e1:47:69:17:7d:51:06:be:1a:cb:fe:59:5a:d9:50:
02:b1:aa:33:5a:fd:ee:53:91:f4:98:87:51:33:6a:
58:db:28:dd:23:1d:ef:76:2e:61:13:89:51:da:99:
10:c1:e3:25:e6:72:c9:66:69:3a:5d:f3:d4:8a:37:
cb:5e:44:b3:7b:9a:ab:ef:9c:90:1e:16:18:af:a7:
9a:32:15:97:62:1d:2b:82:8c:2b:c0:be:5f:35:4e:
e8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7D:99:01:15:D9:B0:44:5F:5C:3F:D7:DD:F8:E1:8A:52:E8:3D:8B
X509v3 Authority Key Identifier:
keyid:09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/GX2ZARXZsERfXD_X3fjhilLoPYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.224.0/21
92.39.240.0/20
94.247.24.0/21
185.111.228.0/22
185.158.44.0/22
188.208.198.0/23
IPv6:
2a02:23e0::/32
Signature Algorithm: sha256WithRSAEncryption
c6:d3:db:dc:5b:69:e3:a9:7f:30:ae:06:74:39:0b:f6:72:9c:
e9:5d:5a:20:43:d7:8f:5d:66:03:de:0a:4e:ca:8c:92:67:83:
26:05:7d:91:0e:f8:49:2d:d5:a8:f9:3a:22:86:36:2b:a6:56:
9f:5b:ac:28:cd:82:f3:3d:cd:9d:7a:2b:8b:f1:6f:04:6b:a8:
34:77:5d:bb:4f:52:c5:55:49:b8:06:f0:86:ad:1a:2c:ae:f4:
d4:2f:b8:12:16:89:44:21:6f:b0:95:9f:44:c6:d5:0e:42:14:
74:47:2b:fa:50:84:e3:95:5d:1f:ce:5d:5a:ac:48:9e:45:9c:
2d:5a:b2:82:71:9b:36:e6:57:97:77:e0:1b:34:d5:62:3b:66:
9f:61:d4:e3:0c:22:b9:1b:c3:5b:57:79:1b:c5:c4:e2:7c:25:
21:18:2c:19:59:f3:61:c9:5d:5c:06:20:3c:de:5a:36:c2:4f:
66:21:2c:3c:4e:44:bc:3b:b4:0f:7f:40:3a:07:93:21:d7:bc:
15:a1:78:08:97:db:d1:3b:bb:83:e5:ed:b0:61:6a:91:6f:b7:
0a:12:46:3b:9b:77:08:11:dc:d0:d6:ef:9e:e7:42:dc:3f:84:
bd:35:35:42:e7:b9:98:15:a2:53:c0:97:db:93:6c:56:b8:ce:
0c:24:20:b0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzC21ch0qNAYMBrjDBs7aT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjRiZjM3ZjM5ZWVjNjI5ODJjNGI2MzcwOWZhYjVkMTQ2
YzczNzMwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdkOTkwMTE1ZDliMDQ0NWY1YzNmZDdkZGY4ZTE4YTUyZTgzZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbAyZA4TZVz31l4PsHyU/0iU7IqI
3n/EN8xMpfkBuiruhHpqRRScEvFY+9StBSSByiUwvmxrCioUdBKrC54k41XlI+5c
g+oLTgYsB1SpYWjsWFqIaZVkMJvcxQvPhqGJZ6bJURvOF7ybr9Z8txdI/+udXQ6/
6gy8v/E82jkTr6ZrIee16/Km2g5bkw+I1o8eUMBD5VxAdZpVIVKXDmCMVy7ujO7h
R2kXfVEGvhrL/lla2VACsaozWv3uU5H0mIdRM2pY2yjdIx3vdi5hE4lR2pkQweMl
5nLJZmk6XfPUijfLXkSze5qr75yQHhYYr6eaMhWXYh0rgowrwL5fNU7o3wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBl9mQEV2bBEX1w/19344YpS6D2LMB8GA1UdIwQY
MBaAFAm0vzfznuximCxLY3Cfq10UbHNzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JTX05fT2U3R0tZTEV0amNKLXJYUlJzYzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzE2ZDktNDczZi00YWYzLWExZDMt
MjRlNmMwZDRmYWQ3LzEvR1gyWkFSWFpzRVJmWERfWDNmamhpbExvUFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzE2ZDktNDczZi00YWYzLWExZDMtMjRlNmMwZDRmYWQ3
LzEvQ2JTX05fT2U3R0tZTEV0amNKLXJYUlJzYzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVPbgAwQE
XCfwAwQDXvcYAwQCuW/kAwQCuZ4sAwQBvNDGMA0EAgACMAcDBQAqAiPgMA0GCSqG
SIb3DQEBCwUAA4IBAQDG09vcW2njqX8wrgZ0OQv2cpzpXVogQ9ePXWYD3gpOyoyS
Z4MmBX2RDvhJLdWo+ToihjYrplafW6wozYLzPc2deiuL8W8Ea6g0d127T1LFVUm4
BvCGrRosrvTUL7gSFolEIW+wlZ9ExtUOQhR0Ryv6UITjlV0fzl1arEieRZwtWrKC
cZs25leXd+AbNNViO2afYdTjDCK5G8NbV3kbxcTifCUhGCwZWfNhyV1cBiA83lo2
wk9mISw8TkS8O7QPf0A6B5Mh17wVoXgIl9vRO7uD5e2wYWqRb7cKEkY7m3cIEdzQ
1u+e50LcP4S9NTVC57mYFaJTwJfbk2xWuM4MJCCw
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:44 2024 by rpki-client on console-ams.rpki-client.org