Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/GUsM4n0lEB6f8RpP9qCCBZxLZMY.roa
File: GUsM4n0lEB6f8RpP9qCCBZxLZMY.roa (raw, json)
Hash identifier: +dKtcWvfKHqlMhBLBrBhtABSfzVcCnlhMXOCHDXquPg=
Subject key identifier: 19:4B:0C:E2:7D:25:10:1E:9F:F1:1A:4F:F6:A0:82:05:9C:4B:64:C6
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018CC6B9256EC01E88FE5C5B0E37155D4837
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/GUsM4n0lEB6f8RpP9qCCBZxLZMY.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48435
IP address blocks: 195.42.112.0/23 maxlen: 23
195.42.112.0/24 maxlen: 24
195.42.113.0/24 maxlen: 24
193.169.78.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:25:6e:c0:1e:88:fe:5c:5b:0e:37:15:5d:48:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=194b0ce27d25101e9ff11a4ff6a082059c4b64c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d3:4d:72:d8:2b:e5:56:65:b3:d1:bd:c2:66:
ee:f9:bc:47:5d:e3:18:b1:d0:e0:e2:2f:14:81:51:
c8:d6:68:b3:7b:7b:04:99:b0:70:1c:6f:b3:7f:69:
96:8c:6a:71:75:4c:7e:18:aa:33:24:55:f3:07:3c:
2f:8c:97:48:30:8a:52:2a:5a:1b:fb:38:2d:5b:ef:
99:e8:c1:e9:21:ab:2a:db:d6:70:4c:72:09:51:07:
7f:fc:02:d0:07:27:cf:90:0c:94:4d:fc:b4:b2:4f:
b8:de:f5:82:7a:c7:5d:e9:d1:d4:dc:70:f0:9d:cf:
5d:46:27:f6:22:b0:3d:bf:b9:12:69:9d:34:f1:9e:
5c:34:87:d1:ac:4d:93:0e:ef:af:dd:f7:ea:3e:12:
83:07:b6:b5:b7:3f:71:ca:cd:25:d0:e1:a4:c8:8c:
af:03:82:37:22:ff:4c:6c:dc:4f:cd:48:07:d9:3a:
d0:f0:c4:2b:cf:c9:98:5f:36:72:e7:db:02:7e:c8:
4f:65:5a:1e:3c:32:df:aa:91:9f:21:31:4d:d6:88:
5d:80:df:39:34:0a:f4:82:0d:35:21:58:24:26:3a:
3a:c0:45:dd:f2:44:3c:8a:c2:24:72:7d:e7:ee:24:
a8:8b:93:0a:94:b2:0d:83:ea:db:ad:cd:00:80:5a:
1e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:4B:0C:E2:7D:25:10:1E:9F:F1:1A:4F:F6:A0:82:05:9C:4B:64:C6
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/GUsM4n0lEB6f8RpP9qCCBZxLZMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.78.0/23
195.42.112.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:83:36:da:09:3c:7c:e3:af:39:93:80:11:7d:69:c0:20:61:
7e:7c:e5:6f:0f:8f:52:15:fd:4b:e9:dc:4f:74:b2:b9:5d:47:
80:0b:15:6e:36:ee:9f:9f:64:83:59:38:b4:7f:ed:56:7b:d4:
ef:2a:e3:68:b7:84:5e:f2:d7:3b:56:f2:40:e3:fc:12:93:44:
ef:70:d3:17:1b:2e:e5:b8:a3:60:1e:da:29:83:b2:40:c1:06:
81:0b:c5:74:e3:52:3c:d4:c5:c0:7b:a5:4e:81:5a:e9:62:da:
63:d6:b0:97:1f:e8:b0:69:43:2d:8e:f7:0f:c3:b6:48:58:d2:
52:93:16:a5:65:cd:4c:f0:ba:8e:f1:6a:6d:06:c6:a5:0e:aa:
ef:b6:51:69:64:fd:62:52:35:fd:53:70:33:32:7f:bc:d6:08:
65:8d:2d:0e:8f:b9:93:73:44:db:32:68:fc:ca:9f:5e:f1:3e:
69:4f:8c:78:93:1e:88:28:4e:ca:b6:b6:e6:8a:6a:36:97:bc:
89:98:9e:4b:19:1e:76:09:b2:e9:4d:da:0a:90:ea:7f:ee:b7:
6f:f7:be:be:97:ca:e9:55:54:2d:5c:c5:64:6a:dc:9a:f8:8b:
89:77:14:22:36:2a:03:13:48:d3:58:c9:8a:e3:87:e5:3d:48:
1b:be:3f:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuSVuwB6I/lxbDjcVXUg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTRiMGNlMjdkMjUxMDFlOWZmMTFhNGZmNmEwODIwNTljNGI2NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29NNctgr5VZls9G9wmbu+bxHXeMY
sdDg4i8UgVHI1mize3sEmbBwHG+zf2mWjGpxdUx+GKozJFXzBzwvjJdIMIpSKlob
+zgtW++Z6MHpIasq29ZwTHIJUQd//ALQByfPkAyUTfy0sk+43vWCesdd6dHU3HDw
nc9dRif2IrA9v7kSaZ008Z5cNIfRrE2TDu+v3ffqPhKDB7a1tz9xys0l0OGkyIyv
A4I3Iv9MbNxPzUgH2TrQ8MQrz8mYXzZy59sCfshPZVoePDLfqpGfITFN1ohdgN85
NAr0gg01IVgkJjo6wEXd8kQ8isIkcn3n7iSoi5MKlLINg+rbrc0AgFoevQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBlLDOJ9JRAen/EaT/agggWcS2TGMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvR1VzTTRuMGxFQjZmOFJwUDlxQ0NCWnhMWk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwalOAwQB
wypwMA0GCSqGSIb3DQEBCwUAA4IBAQB6gzbaCTx84685k4ARfWnAIGF+fOVvD49S
Ff1L6dxPdLK5XUeACxVuNu6fn2SDWTi0f+1We9TvKuNot4Re8tc7VvJA4/wSk0Tv
cNMXGy7luKNgHtopg7JAwQaBC8V041I81MXAe6VOgVrpYtpj1rCXH+iwaUMtjvcP
w7ZIWNJSkxalZc1M8LqO8WptBsalDqrvtlFpZP1iUjX9U3AzMn+81ghljS0Oj7mT
c0TbMmj8yp9e8T5pT4x4kx6IKE7Ktrbmimo2l7yJmJ5LGR52CbLpTdoKkOp/7rdv
976+l8rpVVQtXMVkatya+IuJdxQiNioDE0jTWMmK44flPUgbvj8f
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:36:21 2024 by rpki-client on console-ams.rpki-client.org