Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/GJ2Cqz8OoJtZLn5pPYKY0fnYR7k.roa
File: GJ2Cqz8OoJtZLn5pPYKY0fnYR7k.roa (raw, json)
Hash identifier: hUBNIpfEgthz00BR4IAAZopLj7QZ2Di6DGDA/ZjpvcY=
Subject key identifier: 18:9D:82:AB:3F:0E:A0:9B:59:2E:7E:69:3D:82:98:D1:F9:D8:47:B9
Certificate issuer: /CN=eecc4cf37241ced1467c918aa276d388b0a82ed5
Certificate serial: 019103AEFA38828CB383430AFCDFA5E9B991
Authority key identifier: EE:CC:4C:F3:72:41:CE:D1:46:7C:91:8A:A2:76:D3:88:B0:A8:2E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7sxM83JBztFGfJGKonbTiLCoLtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/GJ2Cqz8OoJtZLn5pPYKY0fnYR7k.roa
Signing time: Tue 30 Jul 2024 12:48:04 +0000
ROA not before: Tue 30 Jul 2024 12:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39505
IP address blocks: 78.40.136.0/24 maxlen: 24
78.40.137.0/24 maxlen: 24
78.40.138.0/24 maxlen: 24
87.247.248.0/24 maxlen: 24
87.247.249.0/24 maxlen: 24
87.247.250.0/24 maxlen: 24
87.247.252.0/24 maxlen: 24
87.247.254.0/24 maxlen: 24
87.247.255.0/24 maxlen: 24
93.93.8.0/24 maxlen: 24
93.93.12.0/24 maxlen: 24
93.93.13.0/24 maxlen: 24
178.249.170.0/24 maxlen: 24
185.75.48.0/24 maxlen: 24
2a00:6580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/7sxM83JBztFGfJGKonbTiLCoLtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/7sxM83JBztFGfJGKonbTiLCoLtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7sxM83JBztFGfJGKonbTiLCoLtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:ae:fa:38:82:8c:b3:83:43:0a:fc:df:a5:e9:b9:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eecc4cf37241ced1467c918aa276d388b0a82ed5
Validity
Not Before: Jul 30 12:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=189d82ab3f0ea09b592e7e693d8298d1f9d847b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1f:0c:1d:53:91:52:3e:32:f8:01:7c:92:3b:
0f:a5:6c:b9:02:ac:76:49:39:cf:55:ba:c7:2d:ee:
b6:f4:20:51:86:6d:e4:94:14:7f:f0:f5:eb:9d:43:
4d:be:70:eb:13:e6:cb:cd:d9:a0:ab:2e:3f:67:40:
c5:aa:88:ec:6f:3d:b6:ab:ae:96:ab:bd:59:3b:27:
3b:06:2a:de:bb:c4:39:4f:2a:40:ff:75:c6:5e:b4:
d3:a1:1f:b7:95:88:c3:1a:ea:13:ad:d9:5a:13:cd:
df:f3:37:16:f1:b4:49:1a:db:7f:08:81:17:06:58:
5a:a7:2b:6d:dc:57:61:71:73:da:6e:86:47:db:91:
b2:32:a8:99:b9:85:4d:fd:07:17:d4:8f:bf:d9:7a:
a0:53:76:23:ce:30:4f:79:88:84:9f:d2:62:66:3a:
bd:90:1c:ec:6c:2f:e6:bd:06:f1:86:2d:70:33:cc:
08:57:d0:c1:0d:3a:1f:a0:68:38:80:09:0d:43:ee:
53:00:33:28:f2:ef:e4:1c:eb:d1:d7:ed:fb:e2:fd:
b9:9f:ff:04:35:41:52:64:d7:64:0e:90:87:5a:c6:
8e:a5:06:b3:dd:38:cf:ab:e4:41:9a:49:aa:e9:38:
06:3f:1c:7f:70:4c:a9:60:c6:84:e8:01:81:72:36:
bd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9D:82:AB:3F:0E:A0:9B:59:2E:7E:69:3D:82:98:D1:F9:D8:47:B9
X509v3 Authority Key Identifier:
keyid:EE:CC:4C:F3:72:41:CE:D1:46:7C:91:8A:A2:76:D3:88:B0:A8:2E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7sxM83JBztFGfJGKonbTiLCoLtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/GJ2Cqz8OoJtZLn5pPYKY0fnYR7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/7sxM83JBztFGfJGKonbTiLCoLtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.136.0-78.40.138.255
87.247.248.0-87.247.250.255
87.247.252.0/24
87.247.254.0/23
93.93.8.0/24
93.93.12.0/23
178.249.170.0/24
185.75.48.0/24
IPv6:
2a00:6580::/32
Signature Algorithm: sha256WithRSAEncryption
3d:8a:7b:cf:7e:ba:ef:b5:9f:de:5a:26:90:e8:72:a6:09:c2:
0d:f6:0a:71:48:fb:01:89:1f:50:ec:91:a3:b8:15:34:1b:f3:
68:8a:8c:65:59:6a:f5:1b:17:a5:a8:f3:31:3f:69:db:2d:85:
6a:ec:ac:0e:d1:9d:c3:12:11:68:0d:32:3f:49:96:03:c6:7f:
6c:19:bf:2b:fb:9c:73:61:83:58:73:8b:a9:97:1b:d3:f6:a0:
ab:8c:a0:40:84:05:53:37:94:fe:9b:2e:c7:40:a0:9b:92:3c:
88:35:66:15:71:c3:d7:c0:c2:04:33:e3:9c:0f:a7:e1:59:2f:
aa:ec:d4:c3:26:57:2c:88:6c:4b:35:0c:ba:24:a1:b8:31:c5:
18:ab:44:09:36:ab:d0:3b:cb:19:a3:59:66:09:b9:e4:97:eb:
35:c0:b7:d1:75:81:cd:1f:01:a8:a1:a9:70:ed:06:0d:c9:1c:
b3:ee:50:59:49:87:95:6e:5f:7a:d9:53:a9:3d:ef:5b:2e:75:
22:57:cd:be:0b:41:3f:77:19:0f:8c:a5:24:5e:ab:9e:21:fa:
6a:1e:b6:7e:0b:3f:41:44:c3:72:55:e0:0d:b0:cd:30:6a:bd:
b4:fd:cd:07:28:56:c5:c0:35:0d:1e:ee:54:78:7c:7d:dc:9f:
7c:21:b3:81
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZEDrvo4goyzg0MK/N+l6bmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlY2M0Y2YzNzI0MWNlZDE0NjdjOTE4YWEyNzZkMzg4YjBh
ODJlZDUwHhcNMjQwNzMwMTI0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODlkODJhYjNmMGVhMDliNTkyZTdlNjkzZDgyOThkMWY5ZDg0N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR8MHVORUj4y+AF8kjsPpWy5Aqx2
STnPVbrHLe629CBRhm3klBR/8PXrnUNNvnDrE+bLzdmgqy4/Z0DFqojsbz22q66W
q71ZOyc7Bireu8Q5TypA/3XGXrTToR+3lYjDGuoTrdlaE83f8zcW8bRJGtt/CIEX
Blhapytt3FdhcXPaboZH25GyMqiZuYVN/QcX1I+/2XqgU3YjzjBPeYiEn9JiZjq9
kBzsbC/mvQbxhi1wM8wIV9DBDTofoGg4gAkNQ+5TADMo8u/kHOvR1+374v25n/8E
NUFSZNdkDpCHWsaOpQaz3TjPq+RBmkmq6TgGPxx/cEypYMaE6AGBcja91wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFBidgqs/DqCbWS5+aT2CmNH52Ee5MB8GA1UdIwQY
MBaAFO7MTPNyQc7RRnyRiqJ204iwqC7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3N4TTgzSkJ6dEZHZkpHS29uYlRpTENvTHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jZjdkOTMtYTA3Ni00OWZmLTliYWYt
NWEzN2FmNDM5MDRjLzEvR0oyQ3F6OE9vSnRaTG41cFBZS1kwZm5ZUjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jZjdkOTMtYTA3Ni00OWZmLTliYWYtNWEzN2FmNDM5MDRj
LzEvN3N4TTgzSkJ6dEZHZkpHS29uYlRpTENvTHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBANOKIgD
BABOKIowDAMEA1f3+AMEAFf3+gMEAFf3/AMEAVf3/gMEAF1dCAMEAV1dDAMEALL5
qgMEALlLMDANBAIAAjAHAwUAKgBlgDANBgkqhkiG9w0BAQsFAAOCAQEAPYp7z366
77Wf3lomkOhypgnCDfYKcUj7AYkfUOyRo7gVNBvzaIqMZVlq9RsXpajzMT9p2y2F
auysDtGdwxIRaA0yP0mWA8Z/bBm/K/ucc2GDWHOLqZcb0/agq4ygQIQFUzeU/psu
x0Cgm5I8iDVmFXHD18DCBDPjnA+n4VkvquzUwyZXLIhsSzUMuiShuDHFGKtECTar
0DvLGaNZZgm55JfrNcC30XWBzR8BqKGpcO0GDckcs+5QWUmHlW5fetlTqT3vWy51
IlfNvgtBP3cZD4ylJF6rniH6ah62fgs/QUTDclXgDbDNMGq9tP3NByhWxcA1DR7u
VHh8fdyffCGzgQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:23:02 2024 by rpki-client on console-fra.rpki-client.org