Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/GR9JIYL-GwHYKwF_F3fI5cVYHIw.roa
File: GR9JIYL-GwHYKwF_F3fI5cVYHIw.roa (raw, json)
Hash identifier: HCucHems+RldWH46hS7ILhnK+ZZ509STqsRHwqhwOvM=
Subject key identifier: 19:1F:49:21:82:FE:1B:01:D8:2B:01:7F:17:77:C8:E5:C5:58:1C:8C
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB36964AB0DF64085CAED06BFFC10
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/GR9JIYL-GwHYKwF_F3fI5cVYHIw.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199478
IP address blocks: 89.140.116.0/22 maxlen: 24
89.140.229.0/24 maxlen: 24
89.140.234.0/23 maxlen: 24
62.82.32.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b3:69:64:ab:0d:f6:40:85:ca:ed:06:bf:fc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191f492182fe1b01d82b017f1777c8e5c5581c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1a:66:99:67:c4:bf:46:72:c1:7e:1d:9f:c6:
61:4d:17:f8:f4:fc:be:7c:97:0e:44:ab:0c:30:1a:
2b:f1:d7:13:ee:09:fa:a7:9f:f7:28:98:79:15:c5:
f3:38:72:a2:53:e9:b1:f2:3d:4c:69:fc:7d:6b:aa:
82:08:32:93:cd:fa:68:31:19:16:98:d6:9c:aa:b3:
f8:90:c6:3e:2a:f4:72:84:62:4b:73:0b:11:59:98:
06:f5:c6:cb:e9:4c:9c:64:28:fa:8a:4a:20:66:d1:
15:6c:5b:43:7c:3c:70:44:05:92:7a:62:16:8a:72:
1a:ce:0d:f7:e1:6e:88:ac:2d:e8:c5:69:e6:39:ee:
af:da:fc:96:76:60:3a:d9:37:2d:18:e4:cb:c6:ac:
7f:1c:0d:a0:b7:14:4c:b3:e4:04:76:84:1e:87:76:
da:a2:f2:e9:35:f0:a3:cd:7f:6a:ba:83:b3:da:56:
c2:8e:84:77:31:a5:ff:77:9c:a4:6e:46:c2:cd:14:
60:be:48:04:7e:2a:cb:c2:74:8c:87:26:3d:6f:76:
a9:8c:3a:90:7d:87:a7:b3:f5:73:d3:fd:48:66:1b:
b3:c8:81:90:fe:e5:38:95:04:3a:49:5d:3e:8c:ea:
53:50:62:4b:95:57:ec:18:2f:0c:8c:aa:2b:5b:1b:
2e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1F:49:21:82:FE:1B:01:D8:2B:01:7F:17:77:C8:E5:C5:58:1C:8C
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/GR9JIYL-GwHYKwF_F3fI5cVYHIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.82.32.0/23
89.140.116.0/22
89.140.229.0/24
89.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
27:d0:78:b4:0b:97:93:1b:74:6c:61:8a:ec:58:d2:88:09:51:
d3:a3:ff:1f:62:f7:f3:01:44:56:4e:ef:6a:00:b7:2d:64:ea:
7a:dd:4b:b9:f0:36:a8:85:35:b2:29:f9:ba:09:33:c9:17:d0:
19:b5:bc:32:44:d3:2e:02:7a:d5:2c:5f:fc:ed:5d:db:ac:93:
c6:cb:91:73:61:e8:3c:4c:bd:0e:30:c4:32:7b:60:98:21:75:
57:dd:75:0b:98:12:7e:43:6c:b7:df:c0:d2:e1:a5:67:3c:dd:
5c:d7:fb:83:a6:f7:e2:7b:49:fc:60:e1:9f:4d:19:66:a0:a7:
27:32:5a:fe:dc:02:b1:80:c3:3b:87:8c:5b:4c:98:4d:1e:67:
13:e2:3a:25:36:5b:bf:fd:00:88:49:7d:9f:3b:22:cf:65:23:
df:55:24:30:a0:44:06:f9:ad:7c:c3:81:dc:4f:b1:be:7c:5a:
df:5f:1b:db:f4:21:e4:07:9a:1c:72:73:4f:04:8f:47:c2:ec:
f0:8d:1e:df:0d:11:64:c0:b6:ac:95:45:0e:af:b9:d0:c1:d5:
55:ee:81:d6:9e:69:6f:68:2c:24:7d:45:6e:c2:cd:0f:19:0d:
4e:d6:90:78:a5:8b:70:83:72:b7:c0:9f:1f:1b:c0:c8:14:2c:
a9:64:f0:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3LNpZKsN9kCFyu0Gv/wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFmNDkyMTgyZmUxYjAxZDgyYjAxN2YxNzc3YzhlNWM1NTgxYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxpmmWfEv0ZywX4dn8ZhTRf49Py+
fJcORKsMMBor8dcT7gn6p5/3KJh5FcXzOHKiU+mx8j1Mafx9a6qCCDKTzfpoMRkW
mNacqrP4kMY+KvRyhGJLcwsRWZgG9cbL6UycZCj6ikogZtEVbFtDfDxwRAWSemIW
inIazg334W6IrC3oxWnmOe6v2vyWdmA62TctGOTLxqx/HA2gtxRMs+QEdoQeh3ba
ovLpNfCjzX9quoOz2lbCjoR3MaX/d5ykbkbCzRRgvkgEfirLwnSMhyY9b3apjDqQ
fYens/Vz0/1IZhuzyIGQ/uU4lQQ6SV0+jOpTUGJLlVfsGC8MjKorWxsudQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBkfSSGC/hsB2CsBfxd3yOXFWByMMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvR1I5SklZTC1Hd0hZS3dGX0YzZkk1Y1ZZSEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBPlIgAwQC
WYx0AwQAWYzlAwQBWYzqMA0GCSqGSIb3DQEBCwUAA4IBAQAn0Hi0C5eTG3RsYYrs
WNKICVHTo/8fYvfzAURWTu9qALctZOp63Uu58DaohTWyKfm6CTPJF9AZtbwyRNMu
AnrVLF/87V3brJPGy5FzYeg8TL0OMMQye2CYIXVX3XULmBJ+Q2y338DS4aVnPN1c
1/uDpvfie0n8YOGfTRlmoKcnMlr+3AKxgMM7h4xbTJhNHmcT4jolNlu//QCISX2f
OyLPZSPfVSQwoEQG+a18w4HcT7G+fFrfXxvb9CHkB5occnNPBI9HwuzwjR7fDRFk
wLaslUUOr7nQwdVV7oHWnmlvaCwkfUVuws0PGQ1O1pB4pYtwg3K3wJ8fG8DIFCyp
ZPDE
-----END CERTIFICATE-----
Generated at Sun May 19 07:21:23 2024 by rpki-client on console-ams.rpki-client.org