Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/GbsJvtplpWaPoPiz_x2fVSFUrPY.roa
File: GbsJvtplpWaPoPiz_x2fVSFUrPY.roa (raw, json)
Hash identifier: yfh+9320wjoBW4Bo4VTRcsZ6IugcrcoZ4UL35SwIRTc=
Subject key identifier: 19:BB:09:BE:DA:65:A5:66:8F:A0:F8:B3:FF:1D:9F:55:21:54:AC:F6
Certificate issuer: /CN=43acc2f2be1a36b089216544d23c95ace232e143
Certificate serial: 018CC3B73C4832B230E564A9B389C7CB26F9
Authority key identifier: 43:AC:C2:F2:BE:1A:36:B0:89:21:65:44:D2:3C:95:AC:E2:32:E1:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/GbsJvtplpWaPoPiz_x2fVSFUrPY.roa
Signing time: Mon 01 Jan 2024 06:30:14 +0000
ROA not before: Mon 01 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57154
IP address blocks: 185.80.168.0/22 maxlen: 24
5.10.8.0/21 maxlen: 24
185.36.44.0/22 maxlen: 24
213.152.96.0/19 maxlen: 24
88.133.248.0/21 maxlen: 24
31.47.80.0/21 maxlen: 24
2a03:80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3c:48:32:b2:30:e5:64:a9:b3:89:c7:cb:26:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43acc2f2be1a36b089216544d23c95ace232e143
Validity
Not Before: Jan 1 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19bb09beda65a5668fa0f8b3ff1d9f552154acf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ae:87:2d:9a:45:50:d3:28:72:ec:67:d2:ac:
44:87:88:ce:78:79:64:d4:c5:8b:92:3f:e5:81:42:
7c:eb:45:40:24:ca:47:58:8e:1d:7d:a8:65:64:17:
aa:65:2d:67:52:a4:72:ef:47:b8:fb:47:0c:16:fc:
6e:26:96:ab:1f:3f:3b:58:f3:1f:1a:85:ab:ba:70:
e2:18:ed:b4:2d:a6:32:ba:b6:1b:bc:62:d7:a0:bb:
a9:40:cf:29:4a:fe:dd:2c:43:0c:0f:db:b1:29:a8:
ee:24:88:aa:03:74:ab:60:bd:84:b6:29:ab:6a:97:
47:5a:d6:61:42:1f:8a:cb:d8:61:9f:87:4c:d9:c8:
47:b1:00:64:2a:c9:23:cb:7f:8f:a0:30:79:b2:11:
40:ee:dc:46:0d:78:8e:32:27:56:3c:81:f8:d2:c0:
e4:2c:f0:d7:71:fd:4d:e4:d8:fd:7c:71:e4:55:2c:
51:36:7e:4d:8f:e2:7b:0c:13:23:45:9e:df:56:dc:
fa:9a:03:7c:99:23:7a:65:31:20:e0:0b:95:98:b0:
7f:a6:56:cb:c0:99:39:64:a4:86:71:49:89:38:50:
3d:88:2d:08:51:fc:16:48:87:77:89:8b:cb:0d:4d:
01:b2:97:68:41:11:34:7a:9b:24:0b:a6:34:19:d1:
da:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BB:09:BE:DA:65:A5:66:8F:A0:F8:B3:FF:1D:9F:55:21:54:AC:F6
X509v3 Authority Key Identifier:
keyid:43:AC:C2:F2:BE:1A:36:B0:89:21:65:44:D2:3C:95:AC:E2:32:E1:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/GbsJvtplpWaPoPiz_x2fVSFUrPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/eacd48-76ea-4ec7-a141-f5201658fa14/1/Q6zC8r4aNrCJIWVE0jyVrOIy4UM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.8.0/21
31.47.80.0/21
88.133.248.0/21
185.36.44.0/22
185.80.168.0/22
213.152.96.0/19
IPv6:
2a03:80::/32
Signature Algorithm: sha256WithRSAEncryption
53:d6:53:59:45:6a:49:02:a7:ed:9b:8f:07:59:4e:ef:11:f2:
0f:80:1f:c3:c8:1d:7b:0d:f1:55:87:6d:9e:62:06:27:4d:82:
09:aa:c8:80:49:d1:a6:f3:2b:9a:8d:40:34:1e:78:99:ac:2e:
6b:61:e6:9f:e2:33:55:ce:d2:bc:df:dc:ae:41:5d:30:a2:f4:
35:d5:cc:f8:60:c2:0a:db:ae:68:f2:fd:91:d8:b2:24:a1:af:
cf:ec:25:6d:dc:b8:5c:66:f6:2d:21:af:4d:22:c4:65:4b:71:
74:99:1a:6f:84:9f:ae:a1:b8:21:cc:fe:6b:b0:10:31:5f:de:
de:43:ee:53:ab:1b:cf:fc:b2:6a:d0:21:b5:14:07:7f:2e:e4:
7a:91:6d:81:ec:b0:76:39:6f:40:9b:f1:b3:3e:fd:ad:7b:fe:
9c:74:87:ab:ff:0b:c6:0f:1d:ec:4a:b8:bd:75:b1:11:3d:8e:
0b:9e:67:78:83:bb:14:4e:cd:97:ab:7a:1f:1f:9a:db:b9:1c:
56:45:76:fa:54:e7:cf:62:d8:79:e5:e6:fc:b9:43:4e:71:d8:
e6:cd:3e:13:4d:52:23:e7:d1:1d:c5:71:38:81:fd:c9:97:c0:
fc:77:60:4a:81:82:b1:42:8b:bd:13:fc:fe:f9:b9:f6:28:5e:
56:61:7c:ff
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDtzxIMrIw5WSps4nHyyb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWNjMmYyYmUxYTM2YjA4OTIxNjU0NGQyM2M5NWFjZTIz
MmUxNDMwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWJiMDliZWRhNjVhNTY2OGZhMGY4YjNmZjFkOWY1NTIxNTRhY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq6HLZpFUNMocuxn0qxEh4jOeHlk
1MWLkj/lgUJ860VAJMpHWI4dfahlZBeqZS1nUqRy70e4+0cMFvxuJparHz87WPMf
GoWrunDiGO20LaYyurYbvGLXoLupQM8pSv7dLEMMD9uxKajuJIiqA3SrYL2Etimr
apdHWtZhQh+Ky9hhn4dM2chHsQBkKskjy3+PoDB5shFA7txGDXiOMidWPIH40sDk
LPDXcf1N5Nj9fHHkVSxRNn5Nj+J7DBMjRZ7fVtz6mgN8mSN6ZTEg4AuVmLB/plbL
wJk5ZKSGcUmJOFA9iC0IUfwWSId3iYvLDU0BspdoQRE0epskC6Y0GdHaBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBm7Cb7aZaVmj6D4s/8dn1UhVKz2MB8GA1UdIwQY
MBaAFEOswvK+GjawiSFlRNI8laziMuFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZ6QzhyNGFOckNKSVdWRTBqeVZyT0l5NFVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9lYWNkNDgtNzZlYS00ZWM3LWExNDEt
ZjUyMDE2NThmYTE0LzEvR2JzSnZ0cGxwV2FQb1Bpel94MmZWU0ZVclBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9lYWNkNDgtNzZlYS00ZWM3LWExNDEtZjUyMDE2NThmYTE0
LzEvUTZ6QzhyNGFOckNKSVdWRTBqeVZyT0l5NFVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBQoIAwQD
Hy9QAwQDWIX4AwQCuSQsAwQCuVCoAwQF1ZhgMA0EAgACMAcDBQAqAwCAMA0GCSqG
SIb3DQEBCwUAA4IBAQBT1lNZRWpJAqftm48HWU7vEfIPgB/DyB17DfFVh22eYgYn
TYIJqsiASdGm8yuajUA0HniZrC5rYeaf4jNVztK839yuQV0wovQ11cz4YMIK265o
8v2R2LIkoa/P7CVt3LhcZvYtIa9NIsRlS3F0mRpvhJ+uobghzP5rsBAxX97eQ+5T
qxvP/LJq0CG1FAd/LuR6kW2B7LB2OW9Am/GzPv2te/6cdIer/wvGDx3sSri9dbER
PY4Lnmd4g7sUTs2Xq3ofH5rbuRxWRXb6VOfPYth55eb8uUNOcdjmzT4TTVIj59Ed
xXE4gf3Jl8D8d2BKgYKxQou9E/z++bn2KF5WYXz/
-----END CERTIFICATE-----
Generated at Tue Jun 18 06:23:45 2024 by rpki-client on console-ams.rpki-client.org