Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/gaRHHpOwIzb4VxGEtIE2qFy_axE.roa
File: gaRHHpOwIzb4VxGEtIE2qFy_axE.roa (raw, json)
Hash identifier: 1P/OoQyiSVYg3Ww8WwS5vn5A/nwsH8xBI+tUJj+zk6M=
Subject key identifier: 81:A4:47:1E:93:B0:23:36:F8:57:11:84:B4:81:36:A8:5C:BF:6B:11
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018E12DDAD28AFC789E864A8EB4A6026CA13
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/gaRHHpOwIzb4VxGEtIE2qFy_axE.roa
Signing time: Wed 06 Mar 2024 08:25:01 +0000
ROA not before: Wed 06 Mar 2024 08:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60695
IP address blocks: 45.88.4.0/24 maxlen: 24
155.133.33.0/24 maxlen: 24
155.133.60.0/23 maxlen: 23
185.225.100.0/22 maxlen: 22
185.228.108.0/22 maxlen: 22
2a06:1e00::/29 maxlen: 48
2a0d:a00::/29 maxlen: 29
2a0d:b400::/29 maxlen: 48
2a0e:4d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:dd:ad:28:af:c7:89:e8:64:a8:eb:4a:60:26:ca:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Mar 6 08:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81a4471e93b02336f8571184b48136a85cbf6b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:76:fb:cd:4d:8f:ec:6f:a4:64:33:d3:56:f1:
4b:8a:48:4f:4f:8a:b1:6a:2e:0e:56:70:b9:0c:d0:
ba:68:c0:70:f5:c8:5d:56:47:42:44:18:a7:9c:0b:
c3:fc:fa:f1:53:ea:c7:6d:39:ca:a0:6e:30:e0:6b:
4d:d9:7d:91:f1:5f:61:ec:bf:b6:5d:eb:95:b1:fe:
a0:0a:e5:c7:0a:32:77:4f:b8:6c:4c:89:4c:60:97:
d5:5d:7b:91:14:0c:cc:92:5f:73:2e:8c:c1:41:d1:
2c:41:12:ba:c0:9e:88:37:a4:fb:93:c6:3d:ca:a8:
5e:6c:dc:4a:f4:7c:22:5a:23:be:19:41:74:d3:d9:
42:61:83:93:c0:b4:12:14:cb:66:3a:77:6d:52:d7:
c7:0f:18:1d:fe:09:87:75:b9:72:d8:a6:95:56:00:
a4:2b:78:d3:ca:87:1c:30:d5:7c:c4:75:fb:49:f9:
6d:e6:4e:af:02:4b:ca:b9:57:1e:3f:85:9a:e1:95:
5f:af:d8:74:35:f7:cb:79:91:ff:e3:00:34:25:ac:
20:7c:ca:d9:fb:3f:6c:a4:c9:af:0e:11:ac:20:f2:
9b:8e:e2:66:ff:26:21:41:9d:3f:fc:8e:74:17:76:
bc:67:1e:42:2b:1e:96:00:5e:97:5f:cb:01:c2:a8:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:47:1E:93:B0:23:36:F8:57:11:84:B4:81:36:A8:5C:BF:6B:11
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/gaRHHpOwIzb4VxGEtIE2qFy_axE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.4.0/24
155.133.33.0/24
155.133.60.0/23
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/29
2a0d:a00::/29
2a0d:b400::/29
2a0e:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
b4:a8:bc:4e:6a:64:ea:8c:c6:d4:a6:d0:06:80:c7:60:b8:4e:
c1:79:33:e6:b2:d7:cb:4e:77:92:ae:8e:b9:6f:79:b9:56:bb:
c7:8c:1b:e3:70:eb:b5:25:28:29:da:87:ff:75:36:c7:fa:3e:
26:18:17:cc:e5:c9:c8:a2:89:ad:21:db:2c:ef:39:04:a5:f4:
bd:60:c6:3c:38:22:20:f8:13:88:d4:7b:25:7c:f5:44:ea:84:
a1:82:b6:02:9c:f4:a4:94:66:43:b0:77:10:2c:0c:c9:e9:c5:
ef:03:53:a5:15:94:ce:a5:69:18:62:73:ba:46:da:0f:28:45:
51:59:17:68:d6:97:57:fd:b1:36:a6:3c:6d:d2:f5:8e:96:91:
7b:b6:b1:dd:ef:b6:2b:40:f7:f9:de:35:2e:3b:5f:0a:50:b4:
d2:d8:06:12:f5:76:ee:0b:21:ed:33:c8:2d:33:36:68:39:de:
d0:cd:96:88:70:e9:08:5e:7b:cc:3b:9a:b7:43:31:56:5f:4e:
53:8a:4f:6b:2c:49:f3:73:c8:fb:53:49:35:83:6b:18:d8:4c:
bd:a3:83:72:69:d7:b2:f3:6c:ef:b9:30:c3:21:f0:d4:14:79:
82:a8:38:e5:9f:81:63:ab:d7:69:be:21:5b:fd:00:ef:41:dc:
4b:82:7c:62
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY4S3a0or8eJ6GSo60pgJsoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwMzA2MDgyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE0NDcxZTkzYjAyMzM2Zjg1NzExODRiNDgxMzZhODVjYmY2YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33b7zU2P7G+kZDPTVvFLikhPT4qx
ai4OVnC5DNC6aMBw9chdVkdCRBinnAvD/PrxU+rHbTnKoG4w4GtN2X2R8V9h7L+2
XeuVsf6gCuXHCjJ3T7hsTIlMYJfVXXuRFAzMkl9zLozBQdEsQRK6wJ6IN6T7k8Y9
yqhebNxK9HwiWiO+GUF009lCYYOTwLQSFMtmOndtUtfHDxgd/gmHdbly2KaVVgCk
K3jTyoccMNV8xHX7Sflt5k6vAkvKuVceP4Wa4ZVfr9h0NffLeZH/4wA0JawgfMrZ
+z9spMmvDhGsIPKbjuJm/yYhQZ0//I50F3a8Zx5CKx6WAF6XX8sBwqgqSwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIGkRx6TsCM2+FcRhLSBNqhcv2sRMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvZ2FSSEhwT3dJemI0VnhHRXRJRTJxRnlfYXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQALVgEAwQA
m4UhAwQBm4U8AwQCueFkAwQCueRsMCIEAgACMBwDBQMqBh4AAwUDKg0KAAMFAyoN
tAADBQMqDk0AMA0GCSqGSIb3DQEBCwUAA4IBAQC0qLxOamTqjMbUptAGgMdguE7B
eTPmstfLTneSro65b3m5VrvHjBvjcOu1JSgp2of/dTbH+j4mGBfM5cnIoomtIdss
7zkEpfS9YMY8OCIg+BOI1HslfPVE6oShgrYCnPSklGZDsHcQLAzJ6cXvA1OlFZTO
pWkYYnO6RtoPKEVRWRdo1pdX/bE2pjxt0vWOlpF7trHd77YrQPf53jUuO18KULTS
2AYS9XbuCyHtM8gtMzZoOd7QzZaIcOkIXnvMO5q3QzFWX05Tik9rLEnzc8j7U0k1
g2sY2Ey9o4Nyadey82zvuTDDIfDUFHmCqDjln4Fjq9dpviFb/QDvQdxLgnxi
-----END CERTIFICATE-----
Generated at Fri May 17 13:16:58 2024 by rpki-client on console-fra.rpki-client.org