Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa
File: GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa (raw, json)
Hash identifier: 2S+q0rQnlxtIQiTxAkqCC0m/TSr2hljNi04OICoGOmc=
Subject key identifier: 19:CA:50:9A:E8:61:A3:DB:2A:B0:FC:E9:D1:66:7D:2B:35:4F:68:85
Certificate issuer: /CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
Certificate serial: 018CC493124ED3112406AB3CB52E9233A2D7
Authority key identifier: FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa
Signing time: Mon 01 Jan 2024 10:30:21 +0000
ROA not before: Mon 01 Jan 2024 10:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39256
IP address blocks: 46.254.80.0/21 maxlen: 21
188.93.24.0/21 maxlen: 21
92.43.0.0/21 maxlen: 21
185.17.88.0/22 maxlen: 22
2a03:7dc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:12:4e:d3:11:24:06:ab:3c:b5:2e:92:33:a2:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
Validity
Not Before: Jan 1 10:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19ca509ae861a3db2ab0fce9d1667d2b354f6885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8b:fd:cf:c7:f1:09:16:6e:e7:00:17:53:c0:
65:ee:c2:4e:0b:9e:db:ef:b6:be:cb:79:60:81:5d:
b7:85:21:11:b0:1c:a1:6b:41:d4:3b:00:fa:dc:2a:
ca:49:63:0b:b8:88:40:cc:d6:5b:01:15:9d:ce:59:
11:6e:9d:d2:e4:4d:6d:6b:7d:a8:4d:a4:69:e0:54:
81:19:16:b3:75:62:5e:9e:a3:fa:13:7c:a5:98:73:
6f:e4:00:51:92:f3:b2:f9:16:87:83:07:ce:83:3a:
c3:84:d0:d4:c7:0e:b9:2b:0e:74:7a:bd:0f:d5:90:
00:3b:d7:3e:6c:67:a3:5f:a0:18:83:6a:82:7c:48:
70:3f:7b:1b:07:fe:39:98:57:1f:ca:69:73:dc:23:
6a:80:07:44:ba:47:75:10:a9:e7:01:61:0c:68:ca:
93:18:15:e2:96:52:7d:4c:17:c1:f0:7f:be:7c:52:
ab:46:01:38:e9:44:d9:60:da:40:18:67:f4:63:36:
18:ed:d3:63:26:62:d6:ce:53:53:38:ba:71:82:8c:
09:cc:99:7f:d9:9e:d4:92:34:b3:e9:bb:3d:d8:d2:
b8:6d:41:44:b1:a2:1c:c7:84:fd:50:3a:b9:99:9b:
31:80:3b:08:ad:de:e8:a6:cb:8d:14:4b:86:2c:e1:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CA:50:9A:E8:61:A3:DB:2A:B0:FC:E9:D1:66:7D:2B:35:4F:68:85
X509v3 Authority Key Identifier:
keyid:FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.80.0/21
92.43.0.0/21
185.17.88.0/22
188.93.24.0/21
IPv6:
2a03:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
83:dd:63:cd:1f:2e:cc:85:88:59:1a:09:c5:1d:6d:44:63:91:
43:08:57:a0:1f:b4:33:97:cb:28:5e:c7:83:2f:d4:66:07:93:
4f:18:ba:8e:ac:d1:4c:85:7d:8a:67:5b:ea:0c:e9:9d:ad:65:
91:5b:3f:5e:16:66:37:46:c4:a7:2c:da:4a:f1:57:8a:64:ed:
6f:19:5a:40:63:9d:73:6a:6f:45:a9:9b:5d:26:71:e9:d3:2e:
9e:4e:e1:9a:85:52:b3:ec:10:c8:84:ce:a7:d3:7f:03:a4:18:
bb:c7:56:8f:3e:71:0a:a4:31:7e:7d:e8:31:ea:f0:de:16:2b:
9c:65:75:6e:e3:60:d1:cf:b5:c0:23:b7:cc:53:ca:78:56:f1:
d5:8d:42:91:fe:bd:d1:a3:98:44:2d:54:8b:25:79:56:11:d6:
91:18:9c:5e:ec:f1:99:5a:3c:e7:66:cc:6c:d7:2a:60:a5:aa:
b2:e9:60:da:63:59:da:63:40:d2:25:f0:ce:23:da:e9:03:8f:
43:c9:95:32:e6:23:a7:d4:7c:15:d7:4f:47:09:a7:68:bb:5a:
3a:42:10:bc:0d:e0:5b:15:9e:d6:77:fc:fc:5f:aa:23:97:b9:
d8:ea:75:55:bf:0c:fc:c5:00:1c:f7:50:4d:5e:84:fc:70:32:
ab:de:45:5b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzEkxJO0xEkBqs8tS6SM6LXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTRlZWE4NmY5ZjNlNmU3ODgxYjRiOGRhMTlhMWQyNzI1
ZTg3MTAwHhcNMjQwMTAxMTAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNhNTA5YWU4NjFhM2RiMmFiMGZjZTlkMTY2N2QyYjM1NGY2ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4v9z8fxCRZu5wAXU8Bl7sJOC57b
77a+y3lggV23hSERsByha0HUOwD63CrKSWMLuIhAzNZbARWdzlkRbp3S5E1ta32o
TaRp4FSBGRazdWJenqP6E3ylmHNv5ABRkvOy+RaHgwfOgzrDhNDUxw65Kw50er0P
1ZAAO9c+bGejX6AYg2qCfEhwP3sbB/45mFcfymlz3CNqgAdEukd1EKnnAWEMaMqT
GBXillJ9TBfB8H++fFKrRgE46UTZYNpAGGf0YzYY7dNjJmLWzlNTOLpxgowJzJl/
2Z7UkjSz6bs92NK4bUFEsaIcx4T9UDq5mZsxgDsIrd7opsuNFEuGLOEN9QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBnKUJroYaPbKrD86dFmfSs1T2iFMB8GA1UdIwQY
MBaAFPqk7qhvnz5ueIG0uNoZodJyXocQMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xVHVxRy1mUG01NGdiUzQyaG1oMG5KZWh4QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvYzJjMjg4LTZmNTYtNGM0ZC05ZGI1
LTk2ZTk5Zjc5NDI3OC8xL0djcFFtdWhobzlzcXNQenAwV1o5S3pWUGFJVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvYzJjMjg4LTZmNTYtNGM0ZC05ZGI1LTk2ZTk5Zjc5NDI3
OC8xLzEtcVR1cUctZlBtNTRnYlM0MmhtaDBuSmVoeEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMu/lAD
BANcKwADBAK5EVgDBAO8XRgwDQQCAAIwBwMFACoDfcAwDQYJKoZIhvcNAQELBQAD
ggEBAIPdY80fLsyFiFkaCcUdbURjkUMIV6AftDOXyyhex4Mv1GYHk08Yuo6s0UyF
fYpnW+oM6Z2tZZFbP14WZjdGxKcs2krxV4pk7W8ZWkBjnXNqb0Wpm10mcenTLp5O
4ZqFUrPsEMiEzqfTfwOkGLvHVo8+cQqkMX596DHq8N4WK5xldW7jYNHPtcAjt8xT
ynhW8dWNQpH+vdGjmEQtVIsleVYR1pEYnF7s8ZlaPOdmzGzXKmClqrLpYNpjWdpj
QNIl8M4j2ukDj0PJlTLmI6fUfBXXT0cJp2i7WjpCELwN4FsVntZ3/PxfqiOXudjq
dVW/DPzFABz3UE1ehPxwMqveRVs=
-----END CERTIFICATE-----
Generated at Sun May 19 13:58:50 2024 by rpki-client on console-fra.rpki-client.org