Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/GeQFwwE4I-D3o9pCZjHiMsiIzwE.roa
File: GeQFwwE4I-D3o9pCZjHiMsiIzwE.roa (raw, json)
Hash identifier: wFeiHk0WR5zGrwhCjUZFkrb7KUYm8e1xADAIuLqMA6g=
Subject key identifier: 19:E4:05:C3:01:38:23:E0:F7:A3:DA:42:66:31:E2:32:C8:88:CF:01
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018CC6B92A50E3EC483B4D3B330BE871F0D6
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/GeQFwwE4I-D3o9pCZjHiMsiIzwE.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210539
IP address blocks: 185.196.221.0/24 maxlen: 24
185.162.90.0/24 maxlen: 24
185.170.130.0/24 maxlen: 24
185.170.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2a:50:e3:ec:48:3b:4d:3b:33:0b:e8:71:f0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19e405c3013823e0f7a3da426631e232c888cf01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b5:7b:33:5c:e1:9e:ab:db:7f:a7:7a:eb:93:
1b:8f:7f:a9:2a:85:fd:07:ea:d1:4e:01:f0:a2:00:
0f:a1:ef:95:05:80:0f:dc:ca:2e:c0:0d:c5:50:54:
19:1b:67:aa:15:8b:bb:c2:46:2c:74:1b:f1:10:b7:
41:c6:7c:30:a8:be:fc:16:02:8b:8b:53:9c:50:19:
4a:0f:e0:f6:36:ae:80:11:4f:50:b3:1d:67:d5:09:
08:0d:2a:e7:b7:15:7f:ca:76:8f:78:ef:53:fe:e0:
52:5a:e0:55:e4:49:f7:30:d6:ec:11:2d:d9:99:da:
35:94:4d:97:bf:1d:95:02:22:90:d0:11:df:a4:3e:
4a:be:50:ac:42:e3:87:ac:2e:40:e8:07:3b:4d:78:
f5:ef:d4:a4:3d:47:51:9a:ab:85:8d:2b:a4:8f:2d:
bc:4d:0e:47:c7:8c:da:1c:ff:14:e5:9d:bc:d5:02:
cf:3e:2a:f1:6c:8c:01:20:d5:0d:e7:0f:ee:03:4a:
5d:74:ca:04:62:8e:ef:78:29:56:e4:8c:a4:11:59:
b0:97:8e:58:c9:b3:d2:64:4a:d3:c9:89:71:02:1f:
fc:d7:d1:bc:e5:fb:59:df:06:c5:d2:9b:26:1b:8a:
02:84:8b:ae:39:53:7d:f6:e6:19:d3:84:b3:02:85:
47:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E4:05:C3:01:38:23:E0:F7:A3:DA:42:66:31:E2:32:C8:88:CF:01
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/GeQFwwE4I-D3o9pCZjHiMsiIzwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.90.0/24
185.170.128.0/24
185.170.130.0/24
185.196.221.0/24
Signature Algorithm: sha256WithRSAEncryption
53:32:b3:9f:28:bc:3c:c2:00:0d:35:4b:c7:04:04:e4:03:dd:
e3:89:f8:56:54:ab:bd:b2:ea:58:c7:69:b2:7c:69:e8:0a:80:
81:ba:be:91:63:2f:ed:b7:24:a9:96:5a:cd:30:9e:ea:24:14:
da:2d:f1:f8:2c:69:d5:2f:85:78:61:ad:dc:b6:a1:d6:f0:12:
d9:19:68:86:87:49:18:69:29:e1:12:20:0c:b0:1b:41:bf:6f:
ae:30:2e:74:a8:36:60:b9:aa:67:c1:47:22:c3:c0:3e:d2:67:
29:a4:b8:b9:8e:2d:a9:a8:ca:f5:76:8c:ef:c9:52:22:61:49:
6f:5b:f6:bc:65:b5:63:53:4c:20:90:c3:81:44:15:5f:00:72:
7d:69:77:c3:8d:74:bd:42:0a:bb:93:c1:71:81:49:c2:93:16:
00:b5:3c:30:c8:1b:14:6d:b3:59:8d:e5:18:2a:64:ac:16:79:
40:9f:02:db:6b:ba:5f:71:98:69:5c:c6:fa:b6:7d:6b:11:b4:
b0:46:86:c5:d6:62:d0:9c:d1:24:59:8e:4d:07:aa:1f:cd:f4:
d9:08:36:9a:18:dc:d5:a9:08:b1:07:45:2c:57:dd:0c:8c:83:
37:e1:ef:f9:b2:43:80:d9:c5:14:54:03:72:9b:fa:4f:2d:9f:
55:b6:63:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuSpQ4+xIO007MwvocfDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU0MDVjMzAxMzgyM2UwZjdhM2RhNDI2NjMxZTIzMmM4ODhjZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLV7M1zhnqvbf6d665Mbj3+pKoX9
B+rRTgHwogAPoe+VBYAP3MouwA3FUFQZG2eqFYu7wkYsdBvxELdBxnwwqL78FgKL
i1OcUBlKD+D2Nq6AEU9Qsx1n1QkIDSrntxV/ynaPeO9T/uBSWuBV5En3MNbsES3Z
mdo1lE2Xvx2VAiKQ0BHfpD5KvlCsQuOHrC5A6Ac7TXj179SkPUdRmquFjSukjy28
TQ5Hx4zaHP8U5Z281QLPPirxbIwBINUN5w/uA0pddMoEYo7veClW5IykEVmwl45Y
ybPSZErTyYlxAh/819G85ftZ3wbF0psmG4oChIuuOVN99uYZ04SzAoVH1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBnkBcMBOCPg96PaQmYx4jLIiM8BMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvR2VRRnd3RTRJLUQzbzlwQ1pqSGlNc2lJendFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaJaAwQA
uaqAAwQAuaqCAwQAucTdMA0GCSqGSIb3DQEBCwUAA4IBAQBTMrOfKLw8wgANNUvH
BATkA93jifhWVKu9supYx2myfGnoCoCBur6RYy/ttySpllrNMJ7qJBTaLfH4LGnV
L4V4Ya3ctqHW8BLZGWiGh0kYaSnhEiAMsBtBv2+uMC50qDZguapnwUciw8A+0mcp
pLi5ji2pqMr1dozvyVIiYUlvW/a8ZbVjU0wgkMOBRBVfAHJ9aXfDjXS9Qgq7k8Fx
gUnCkxYAtTwwyBsUbbNZjeUYKmSsFnlAnwLba7pfcZhpXMb6tn1rEbSwRobF1mLQ
nNEkWY5NB6ofzfTZCDaaGNzVqQixB0UsV90MjIM34e/5skOA2cUUVANym/pPLZ9V
tmNH
-----END CERTIFICATE-----
Generated at Wed May 15 18:27:25 2024 by rpki-client on console-ams.rpki-client.org