Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/_GMCSQFJXHFTOhxCgkRVU1QTMJo.roa
File: _GMCSQFJXHFTOhxCgkRVU1QTMJo.roa (raw, json)
Hash identifier: 2XIBf3K51Ehv+7b9gDCcZysN+iuKz+zODNCmPvBX5P8=
Subject key identifier: FC:63:02:49:01:49:5C:71:53:3A:1C:42:82:44:55:53:54:13:30:9A
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 018F78AE653D0D3AE3011CE01565E2C025C5
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/_GMCSQFJXHFTOhxCgkRVU1QTMJo.roa
Signing time: Tue 14 May 2024 19:57:25 +0000
ROA not before: Tue 14 May 2024 19:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:2880::/29 maxlen: 29
2a13:d3c0::/29 maxlen: 29
2a13:dec0::/29 maxlen: 29
2a14:1300::/29 maxlen: 29
2a14:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 20:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:78:ae:65:3d:0d:3a:e3:01:1c:e0:15:65:e2:c0:25:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: May 14 19:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc63024901495c71533a1c42824455535413309a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:2b:6c:bb:cb:9b:6a:7b:44:ac:6e:8e:62:
f6:92:72:b1:ee:91:b9:5d:a0:fb:cb:14:f5:3e:63:
78:80:b7:9a:0c:18:3b:bb:47:a5:85:84:b0:ab:85:
60:c0:d3:81:f1:1d:ca:4e:1a:02:97:55:63:5a:ca:
6f:82:28:42:26:b2:ae:95:ec:40:e8:4d:19:f8:d1:
bc:76:bd:99:b9:5b:21:b7:cd:d4:4c:67:5d:4c:2d:
89:62:d3:a0:b5:bd:91:77:63:30:89:e2:16:ed:e8:
37:48:a2:19:0e:fb:75:a0:cf:b1:cd:69:7d:ea:8b:
29:e9:3e:d8:ae:6c:c3:7d:a0:f3:79:7b:c7:57:fb:
9c:b1:bc:59:83:a9:db:13:ad:16:01:b1:99:85:d6:
3e:d6:d6:78:42:4d:1b:8f:d7:73:d4:0d:4a:63:15:
c7:81:79:4d:e2:b5:71:b4:25:53:a1:21:38:a3:09:
18:26:04:56:52:a7:19:6e:f6:ea:31:30:dd:c6:8f:
bc:e6:ef:a0:1e:60:25:70:22:80:95:d5:7d:d3:a1:
06:09:53:a4:99:57:e5:97:c6:27:0d:7c:72:aa:0a:
80:e1:9b:22:03:47:dd:29:80:46:0f:d6:c6:f1:5a:
ef:2d:1e:68:03:f6:c5:fe:ea:e6:fd:f8:1e:d0:f2:
29:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:63:02:49:01:49:5C:71:53:3A:1C:42:82:44:55:53:54:13:30:9A
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/_GMCSQFJXHFTOhxCgkRVU1QTMJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2880::/29
2a13:d3c0::/29
2a13:dec0::/29
2a14:1300::/29
2a14:1500::/29
Signature Algorithm: sha256WithRSAEncryption
7e:6b:9c:68:46:32:8f:4e:84:ac:7e:32:ee:29:0f:3c:e9:68:
24:ad:92:5f:65:02:23:2f:74:fd:2f:89:90:5c:6b:68:29:de:
a5:bd:e4:1d:bd:18:8a:f1:67:75:85:6e:ec:a1:1e:b1:b7:6f:
30:0c:b8:84:0d:1d:a0:7f:ca:5b:8c:f7:ca:b8:bf:16:19:e6:
ba:4e:3a:6b:98:98:3a:ea:52:e4:d6:3d:46:f6:bc:99:c3:8d:
56:bd:f6:6d:43:86:24:0a:43:a2:0b:2b:0b:7a:51:7c:4b:1e:
56:53:6d:1c:a1:67:3e:10:a6:a0:10:72:f6:92:93:52:09:3b:
fa:3a:c9:60:1f:bb:a9:61:05:34:5d:fd:01:7a:4d:e1:c1:f8:
b2:58:67:25:97:b4:70:2a:e3:d6:a9:7c:f0:15:b3:b5:fd:e2:
8a:2d:df:7e:bb:89:88:3f:f5:41:d9:be:f4:af:24:cf:79:17:
35:b1:99:0e:8b:3c:67:0a:0a:1f:88:83:bd:11:52:16:2d:0e:
6d:50:f3:7a:be:b2:b1:c2:1f:41:78:03:bd:f6:f1:71:6e:51:
64:94:82:a5:a7:ba:1e:8f:fd:44:08:7a:1a:eb:f1:57:0a:fd:
7c:b2:d9:60:e1:43:89:66:1b:70:2a:09:b0:12:ef:e0:9b:d0:
e9:20:56:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY94rmU9DTrjARzgFWXiwCXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjQwNTE0MTk1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYzMDI0OTAxNDk1YzcxNTMzYTFjNDI4MjQ0NTU1MzU0MTMzMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmssrbLvLm2p7RKxujmL2knKx7pG5
XaD7yxT1PmN4gLeaDBg7u0elhYSwq4VgwNOB8R3KThoCl1VjWspvgihCJrKulexA
6E0Z+NG8dr2ZuVsht83UTGddTC2JYtOgtb2Rd2MwieIW7eg3SKIZDvt1oM+xzWl9
6osp6T7YrmzDfaDzeXvHV/ucsbxZg6nbE60WAbGZhdY+1tZ4Qk0bj9dz1A1KYxXH
gXlN4rVxtCVToSE4owkYJgRWUqcZbvbqMTDdxo+85u+gHmAlcCKAldV906EGCVOk
mVfll8YnDXxyqgqA4ZsiA0fdKYBGD9bG8VrvLR5oA/bF/urm/fge0PIpaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPxjAkkBSVxxUzocQoJEVVNUEzCaMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvX0dNQ1NRRkpYSEZUT2h4Q2drUlZVMVFUTUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhMogAMF
AyoT08ADBQMqE97AAwUDKhQTAAMFAyoUFQAwDQYJKoZIhvcNAQELBQADggEBAH5r
nGhGMo9OhKx+Mu4pDzzpaCStkl9lAiMvdP0viZBca2gp3qW95B29GIrxZ3WFbuyh
HrG3bzAMuIQNHaB/yluM98q4vxYZ5rpOOmuYmDrqUuTWPUb2vJnDjVa99m1DhiQK
Q6ILKwt6UXxLHlZTbRyhZz4QpqAQcvaSk1IJO/o6yWAfu6lhBTRd/QF6TeHB+LJY
ZyWXtHAq49apfPAVs7X94oot3367iYg/9UHZvvSvJM95FzWxmQ6LPGcKCh+Ig70R
UhYtDm1Q83q+srHCH0F4A7328XFuUWSUgqWnuh6P/UQIehrr8VcK/Xyy2WDhQ4lm
G3AqCbAS7+Cb0OkgVpw=
-----END CERTIFICATE-----
Generated at Fri Jun 28 03:57:04 2024 by rpki-client on console-fra.rpki-client.org