Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GhDBeFsV0o6Q5aVQohlMSB4QT1g.roa
File: GhDBeFsV0o6Q5aVQohlMSB4QT1g.roa (raw, json)
Hash identifier: UYV/suRHLLDsYPK9PyGH4BBnn3WpwoULemZ5uunPcns=
Subject key identifier: 1A:10:C1:78:5B:15:D2:8E:90:E5:A5:50:A2:19:4C:48:1E:10:4F:58
Certificate issuer: /CN=191e27b29f65a24d9f94215715cd3671825a9eae
Certificate serial: 018CC86F645AE0532AD5E8B5A01CB1911BC8
Authority key identifier: 19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GhDBeFsV0o6Q5aVQohlMSB4QT1g.roa
Signing time: Tue 02 Jan 2024 04:29:52 +0000
ROA not before: Tue 02 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208917
IP address blocks: 185.102.26.0/24 maxlen: 24
185.102.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:64:5a:e0:53:2a:d5:e8:b5:a0:1c:b1:91:1b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191e27b29f65a24d9f94215715cd3671825a9eae
Validity
Not Before: Jan 2 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a10c1785b15d28e90e5a550a2194c481e104f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ee:e1:04:bb:16:2a:12:12:ff:43:d8:78:38:
d4:91:82:46:36:a0:f0:45:96:8d:14:f4:5a:5b:bc:
e6:d9:42:3a:16:55:45:51:d7:a1:7f:84:57:24:27:
3b:73:36:8c:db:ef:02:c1:c7:f8:7c:c4:95:0c:52:
80:37:3e:e9:70:75:19:32:5b:4c:49:10:49:2b:a5:
0d:09:15:0b:d2:6c:86:c8:bf:82:1b:ca:44:53:46:
ab:36:10:e1:46:c0:16:65:6e:1f:72:fc:07:f1:88:
82:5c:ec:65:08:ff:4c:71:74:9a:91:86:d1:56:d4:
d5:e1:6a:57:87:23:d6:6b:f9:ef:9a:15:d9:34:5d:
02:8a:dd:18:0f:35:66:63:9c:06:50:39:60:30:c6:
9a:20:e8:fc:c2:6c:c1:53:3c:0d:96:34:53:c1:e9:
5f:54:94:d7:2f:96:95:e3:48:71:45:13:96:a3:84:
f0:f3:63:77:db:7f:66:aa:50:4b:38:83:69:2d:14:
67:5c:43:6c:c0:03:44:3c:f3:1f:08:d0:10:41:32:
17:70:ac:71:d5:12:e7:f0:68:8e:96:c1:97:6a:8b:
3c:40:cb:1d:37:57:0d:19:db:7e:55:8a:06:a5:7a:
7c:06:27:91:95:4a:ee:ef:33:54:6b:a7:e4:2f:55:
1c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:10:C1:78:5B:15:D2:8E:90:E5:A5:50:A2:19:4C:48:1E:10:4F:58
X509v3 Authority Key Identifier:
keyid:19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GhDBeFsV0o6Q5aVQohlMSB4QT1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.24.0-185.102.26.255
Signature Algorithm: sha256WithRSAEncryption
55:3c:d7:6b:35:5e:9a:21:4f:fb:8f:9c:c6:2b:69:2a:1f:d3:
11:af:0e:e8:0c:2b:b0:24:ee:33:ae:ee:20:ac:e9:b0:28:f9:
54:04:4a:8e:e5:0c:0d:15:3d:4c:6b:86:9a:a5:e2:db:92:0e:
b7:54:cf:d9:63:a2:27:74:22:84:10:cd:36:f0:64:45:33:ba:
59:25:cf:93:c4:4f:d1:1f:c7:28:a1:7e:61:c9:e3:50:68:4b:
73:53:c4:dc:e0:86:19:cd:03:17:ca:03:30:46:11:d6:f5:3f:
eb:f4:a2:b5:6d:9e:a5:e0:51:e8:b7:aa:d3:74:b5:e1:fa:91:
29:c0:61:4f:02:4d:a9:9d:24:48:02:41:e0:99:b2:93:1c:b0:
22:ac:2b:5c:e5:dd:a4:4f:58:63:ba:d2:d1:27:61:37:31:a0:
c5:68:7c:bb:75:75:4e:d4:3e:37:93:bd:e7:31:5c:97:24:30:
88:a0:0a:51:c2:22:cb:1e:7a:9e:b4:4e:2d:2a:49:ea:dc:10:
4a:c9:77:13:67:43:87:7f:d8:5e:b7:a8:6c:fe:23:54:e9:43:
83:97:9a:ce:e4:dc:62:6e:7d:4d:65:ce:c2:29:c0:3f:83:39:
ee:b2:08:f6:4d:c3:fd:6a:ea:aa:f8:65:42:05:75:81:52:e3:
5c:b2:21:7f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIb2Ra4FMq1ei1oByxkRvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWUyN2IyOWY2NWEyNGQ5Zjk0MjE1NzE1Y2QzNjcxODI1
YTllYWUwHhcNMjQwMTAyMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTEwYzE3ODViMTVkMjhlOTBlNWE1NTBhMjE5NGM0ODFlMTA0ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO7hBLsWKhIS/0PYeDjUkYJGNqDw
RZaNFPRaW7zm2UI6FlVFUdehf4RXJCc7czaM2+8Cwcf4fMSVDFKANz7pcHUZMltM
SRBJK6UNCRUL0myGyL+CG8pEU0arNhDhRsAWZW4fcvwH8YiCXOxlCP9McXSakYbR
VtTV4WpXhyPWa/nvmhXZNF0Cit0YDzVmY5wGUDlgMMaaIOj8wmzBUzwNljRTwelf
VJTXL5aV40hxRROWo4Tw82N3239mqlBLOINpLRRnXENswANEPPMfCNAQQTIXcKxx
1RLn8GiOlsGXaos8QMsdN1cNGdt+VYoGpXp8BieRlUru7zNUa6fkL1UcTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBoQwXhbFdKOkOWlUKIZTEgeEE9YMB8GA1UdIwQY
MBaAFBkeJ7KfZaJNn5QhVxXNNnGCWp6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTct
YjhjNjY2ZTZkMzUxLzEvR2hEQmVGc1YwbzZRNWFWUW9obE1TQjRRVDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTctYjhjNjY2ZTZkMzUx
LzEvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5ZhgD
BAC5ZhowDQYJKoZIhvcNAQELBQADggEBAFU812s1XpohT/uPnMYraSof0xGvDugM
K7Ak7jOu7iCs6bAo+VQESo7lDA0VPUxrhpql4tuSDrdUz9ljoid0IoQQzTbwZEUz
ulklz5PET9EfxyihfmHJ41BoS3NTxNzghhnNAxfKAzBGEdb1P+v0orVtnqXgUei3
qtN0teH6kSnAYU8CTamdJEgCQeCZspMcsCKsK1zl3aRPWGO60tEnYTcxoMVofLt1
dU7UPjeTvecxXJckMIigClHCIsseep60Ti0qSercEErJdxNnQ4d/2F63qGz+I1Tp
Q4OXms7k3GJufU1lzsIpwD+DOe6yCPZNw/1q6qr4ZUIFdYFS41yyIX8=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:58:00 2024 by rpki-client on console-ams.rpki-client.org