Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/GPVQKiv2kfwlhUy1TzF5EG4QNeE.roa
File: GPVQKiv2kfwlhUy1TzF5EG4QNeE.roa (raw, json)
Hash identifier: TKvwLPVWyOOSs37hoySa0NtV0RTszkfh655OBWKFDSo=
Subject key identifier: 18:F5:50:2A:2B:F6:91:FC:25:85:4C:B5:4F:31:79:10:6E:10:35:E1
Certificate issuer: /CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Certificate serial: 018CC9BC71B6405DA57B076497DFF8B9D02E
Authority key identifier: 7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/GPVQKiv2kfwlhUy1TzF5EG4QNeE.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9558
IP address blocks: 194.24.250.0/24 maxlen: 24
194.24.251.0/24 maxlen: 24
217.195.145.0/24 maxlen: 24
217.195.144.0/24 maxlen: 24
2a06:2340:2000::/44 maxlen: 44
2a06:2340:1000::/44 maxlen: 44
2a06:2340:3000::/44 maxlen: 44
2a0d:9e40:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/fx0OMpi-06fzn7OyRO2Ri_bE178.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/fx0OMpi-06fzn7OyRO2Ri_bE178.mft
rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:71:b6:40:5d:a5:7b:07:64:97:df:f8:b9:d0:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18f5502a2bf691fc25854cb54f3179106e1035e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:d7:0c:56:09:55:19:e1:3a:f4:75:35:5e:
7c:1b:d6:4e:37:db:66:95:66:cc:31:f8:2a:98:2b:
6e:38:98:62:5c:a1:3b:52:b7:dd:8b:89:ad:df:a5:
37:7c:95:4c:93:c6:a3:40:17:16:43:34:6e:09:82:
c4:be:fb:e4:4e:4f:ba:c6:27:1e:60:6f:8d:0f:1e:
a2:e9:cb:fc:5d:fc:74:f7:e3:4c:60:7b:23:7a:3b:
ee:4a:41:cf:bf:66:16:7e:7a:60:b4:7c:7a:6b:23:
f5:3a:70:59:07:4b:e5:dc:27:d3:70:b1:56:d1:ff:
b0:f9:0d:85:b1:79:18:9f:4b:8c:c3:d1:03:4c:1e:
1b:bc:d5:4d:2e:61:d0:b4:11:75:3b:67:70:81:b9:
6b:5c:d9:db:e7:dc:61:61:80:3f:58:15:2e:1e:62:
b9:a2:7c:57:ba:2a:a3:2c:0b:12:13:2e:5b:61:6a:
dc:d4:15:0f:ba:e3:ee:1b:8e:fe:e7:d3:4c:20:ea:
74:d0:60:bf:41:fa:6c:4a:f1:0a:14:65:81:b5:cc:
0f:35:19:76:6b:3c:1a:61:33:42:55:82:e0:b3:9d:
0d:a9:8c:67:aa:45:6c:3f:56:98:2c:71:bf:2c:0c:
8d:19:16:63:4f:13:91:45:30:6c:59:0a:77:c0:27:
dc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F5:50:2A:2B:F6:91:FC:25:85:4C:B5:4F:31:79:10:6E:10:35:E1
X509v3 Authority Key Identifier:
keyid:7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/GPVQKiv2kfwlhUy1TzF5EG4QNeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/fx0OMpi-06fzn7OyRO2Ri_bE178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.250.0/23
217.195.144.0/23
IPv6:
2a06:2340:1000::/44
2a06:2340:2000::/44
2a06:2340:3000::/44
2a0d:9e40:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5b:e0:d3:67:1e:5d:0f:be:7b:a4:a7:dc:e4:3d:bd:75:60:4d:
29:0b:d0:7e:da:ec:9a:ac:76:e1:d3:d5:ba:51:f9:92:e4:76:
53:7a:a0:38:4f:34:86:ae:ab:7b:6d:b5:99:b5:ee:41:8d:8e:
f0:44:c8:10:94:fe:20:ea:7d:35:f2:52:1a:8d:3b:3a:21:76:
9c:65:4e:ed:a5:61:4e:9d:4e:20:dc:57:be:f7:b9:7f:23:33:
af:5a:7b:f2:58:86:78:5f:87:7d:97:02:62:37:35:d1:b9:bc:
b7:a5:2f:d9:0e:ac:14:5d:2f:8e:15:91:ef:80:95:7c:17:26:
12:32:38:48:f2:c6:78:bd:47:59:20:0f:61:79:86:c6:b5:0a:
a0:44:38:c0:e0:43:bf:12:8f:6a:1c:e8:4d:07:cf:b5:4d:e3:
ca:f6:f1:f6:54:70:64:ff:46:3f:f1:4d:fa:7a:40:a5:85:97:
69:08:db:bd:f8:7e:0e:49:01:b8:90:9d:79:03:3d:e0:e4:3b:
b2:f1:74:bc:52:0b:91:68:1a:b3:e3:ad:0e:8e:59:c5:71:b8:
d5:d8:f8:be:b9:11:6c:b2:b5:c9:ae:f4:cb:3a:9f:75:b2:b1:
90:d3:6d:96:6f:e3:14:f6:4e:56:f6:a9:34:ab:7e:a2:23:d4:
4d:14:d6:b7
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzJvHG2QF2lewdkl9/4udAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMWQwZTMyOThiZWQzYTdmMzlmYjNiMjQ0ZWQ5MThiZjZj
NGQ3YmYwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY1NTAyYTJiZjY5MWZjMjU4NTRjYjU0ZjMxNzkxMDZlMTAzNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrjXDFYJVRnhOvR1NV58G9ZON9tm
lWbMMfgqmCtuOJhiXKE7Urfdi4mt36U3fJVMk8ajQBcWQzRuCYLEvvvkTk+6xice
YG+NDx6i6cv8Xfx09+NMYHsjejvuSkHPv2YWfnpgtHx6ayP1OnBZB0vl3CfTcLFW
0f+w+Q2FsXkYn0uMw9EDTB4bvNVNLmHQtBF1O2dwgblrXNnb59xhYYA/WBUuHmK5
onxXuiqjLAsSEy5bYWrc1BUPuuPuG47+59NMIOp00GC/QfpsSvEKFGWBtcwPNRl2
azwaYTNCVYLgs50NqYxnqkVsP1aYLHG/LAyNGRZjTxORRTBsWQp3wCfcUwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBj1UCor9pH8JYVMtU8xeRBuEDXhMB8GA1UdIwQY
MBaAFH8dDjKYvtOn85+zskTtkYv2xNe/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMt
MjFhZjNkZWU4ZWU5LzEvR1BWUUtpdjJrZndsaFV5MVR6RjVFRzRRTmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMtMjFhZjNkZWU4ZWU5
LzEvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzASBAIAATAMAwQBwhj6AwQB
2cOQMCkEAgACMCMDBwQqBiNAEAADBwQqBiNAIAADBwQqBiNAMAADBgQqDZ5AEDAN
BgkqhkiG9w0BAQsFAAOCAQEAW+DTZx5dD757pKfc5D29dWBNKQvQftrsmqx24dPV
ulH5kuR2U3qgOE80hq6re221mbXuQY2O8ETIEJT+IOp9NfJSGo07OiF2nGVO7aVh
Tp1OINxXvve5fyMzr1p78liGeF+HfZcCYjc10bm8t6Uv2Q6sFF0vjhWR74CVfBcm
EjI4SPLGeL1HWSAPYXmGxrUKoEQ4wOBDvxKPahzoTQfPtU3jyvbx9lRwZP9GP/FN
+npApYWXaQjbvfh+DkkBuJCdeQM94OQ7svF0vFILkWgas+OtDo5ZxXG41dj4vrkR
bLK1ya70yzqfdbKxkNNtlm/jFPZOVvapNKt+oiPUTRTWtw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:23:03 2024 by rpki-client on console-fra.rpki-client.org