Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/GUqmbbo1yT_SKrSCo3c9pB14ssI.roa
File: GUqmbbo1yT_SKrSCo3c9pB14ssI.roa (raw, json)
Hash identifier: bftbVe6yaNvY7+C+/fuafOy6uHwpmf0ITDDkRolF1G8=
Subject key identifier: 19:4A:A6:6D:BA:35:C9:3F:D2:2A:B4:82:A3:77:3D:A4:1D:78:B2:C2
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018CC34928CE29AA7F259DE305412ED6EF71
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/GUqmbbo1yT_SKrSCo3c9pB14ssI.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35600
IP address blocks: 185.56.176.0/22 maxlen: 22
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
194.117.246.0/23 maxlen: 23
185.48.132.0/22 maxlen: 24
2001:67c:184c::/48 maxlen: 48
2a02:5520::/32 maxlen: 32
2a00:4780::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:28:ce:29:aa:7f:25:9d:e3:05:41:2e:d6:ef:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=194aa66dba35c93fd22ab482a3773da41d78b2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8f:70:34:19:9b:5f:27:a9:62:e9:34:17:1d:
ef:40:f9:16:5f:0f:78:23:b3:af:c9:a3:32:db:54:
c5:33:6a:e8:5b:46:f3:a5:f3:b0:10:54:83:e1:ac:
93:8e:fa:60:55:4b:ac:76:fb:55:7e:2a:0b:17:77:
42:26:c2:51:42:d5:c3:ae:c9:e1:41:61:7a:be:cf:
fb:a1:aa:e4:5a:14:4b:60:1a:c1:8b:1a:00:d5:23:
42:df:7d:d9:f1:c6:d5:0b:be:a0:28:3d:a5:69:1d:
8b:b9:8e:ca:75:48:ae:e0:f0:d9:77:41:27:cf:46:
58:d0:7e:c3:74:8d:6a:b4:2f:ee:5d:63:8c:29:f1:
82:0a:61:0b:7c:71:92:9e:66:56:45:07:fe:45:a8:
bc:47:d1:ea:a4:73:75:c9:dd:49:b4:cd:3f:56:90:
6f:cc:5c:01:b7:57:3b:a3:f9:6d:ca:58:82:ae:2b:
1d:e4:0e:55:e9:49:9e:c0:a0:80:d8:c7:41:29:59:
e7:7c:b4:62:d4:18:c1:0e:8a:c1:2e:2d:97:0c:29:
da:30:09:ce:84:e9:61:55:fe:bd:30:02:16:c3:2d:
8b:a4:f0:41:9a:8d:1f:10:af:39:1d:20:5c:aa:cd:
01:00:55:f0:3a:98:50:c4:bc:39:67:e4:f9:28:55:
7e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:4A:A6:6D:BA:35:C9:3F:D2:2A:B4:82:A3:77:3D:A4:1D:78:B2:C2
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/GUqmbbo1yT_SKrSCo3c9pB14ssI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
18:dc:f7:8d:b8:27:de:f4:69:8d:4a:01:b5:75:52:07:da:9f:
74:c7:38:2b:51:82:dc:5c:1f:f3:c1:94:97:fd:e7:a6:9e:7d:
73:cd:db:6e:6b:97:e3:bd:57:bb:ca:fa:cc:c7:b5:cb:a9:72:
18:e9:38:0a:1c:97:f5:4d:8e:16:a6:6e:65:f5:b0:4a:7b:70:
6f:15:8a:74:1c:28:68:7d:a9:8d:b2:b2:1e:60:24:01:b4:ef:
ac:bb:94:df:75:fe:79:89:7d:03:0b:2b:5c:40:3a:55:9c:62:
ec:49:6b:64:b0:1d:1c:a1:6e:0b:44:51:3b:c7:6f:47:ce:d0:
50:01:fe:14:40:c4:d6:8e:58:3c:50:97:b6:54:e2:4d:77:2b:
a9:78:e2:db:cd:79:4c:6f:68:62:9f:33:a5:c3:67:ad:b8:6e:
c3:fb:ed:a9:6d:60:85:01:6e:37:88:5c:41:46:4d:af:4c:6e:
7c:c0:f4:80:e3:2f:57:46:1c:e0:f1:33:0e:59:4d:e9:a5:7c:
e6:62:30:43:62:e2:d9:eb:8b:84:08:e7:32:d6:8e:22:48:b7:
5b:bc:d9:f1:78:bb:0e:ac:59:bc:99:29:02:0e:9a:9a:47:10:
26:8d:ac:27:0f:ff:b7:ec:89:9b:72:9f:92:78:47:e0:a0:7a:
31:1a:0e:c6
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzDSSjOKap/JZ3jBUEu1u9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTRhYTY2ZGJhMzVjOTNmZDIyYWI0ODJhMzc3M2RhNDFkNzhiMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj49wNBmbXyepYuk0Fx3vQPkWXw94
I7OvyaMy21TFM2roW0bzpfOwEFSD4ayTjvpgVUusdvtVfioLF3dCJsJRQtXDrsnh
QWF6vs/7oarkWhRLYBrBixoA1SNC333Z8cbVC76gKD2laR2LuY7KdUiu4PDZd0En
z0ZY0H7DdI1qtC/uXWOMKfGCCmELfHGSnmZWRQf+Rai8R9HqpHN1yd1JtM0/VpBv
zFwBt1c7o/ltyliCrisd5A5V6UmewKCA2MdBKVnnfLRi1BjBDorBLi2XDCnaMAnO
hOlhVf69MAIWwy2LpPBBmo0fEK85HSBcqs0BAFXwOphQxLw5Z+T5KFV+JQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBlKpm26Nck/0iq0gqN3PaQdeLLCMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvR1VxbWJibzF5VF9TS3JTQ28zYzlwQjE0c3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQBW91cAwQB
W91qAwQCuTCEAwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8GEwDBQAqAEeAAwUA
KgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBABjc9424J970aY1KAbV1Ugfa
n3THOCtRgtxcH/PBlJf956aefXPN225rl+O9V7vK+szHtcupchjpOAocl/VNjham
bmX1sEp7cG8VinQcKGh9qY2ysh5gJAG076y7lN91/nmJfQMLK1xAOlWcYuxJa2Sw
HRyhbgtEUTvHb0fO0FAB/hRAxNaOWDxQl7ZU4k13K6l44tvNeUxvaGKfM6XDZ624
bsP77altYIUBbjeIXEFGTa9MbnzA9IDjL1dGHODxMw5ZTemlfOZiMENi4tnri4QI
5zLWjiJIt1u82fF4uw6sWbyZKQIOmppHECaNrCcP/7fsiZtyn5J4R+CgejEaDsY=
-----END CERTIFICATE-----
Generated at Sat Jun 15 22:04:02 2024 by rpki-client on console-ams.rpki-client.org