Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GUCU9r5spdYRnROLrfk6oVQvByY.roa
File: GUCU9r5spdYRnROLrfk6oVQvByY.roa (raw, json)
Hash identifier: b6Bt/1ByJ/qATl8JRJUwbFmAOXHwSCqlQxEMsC2yryA=
Subject key identifier: 19:40:94:F6:BE:6C:A5:D6:11:9D:13:8B:AD:F9:3A:A1:54:2F:07:26
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E09BE3F95833A43653B11C210E773
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GUCU9r5spdYRnROLrfk6oVQvByY.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50896
IP address blocks: 5.188.219.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:09:be:3f:95:83:3a:43:65:3b:11:c2:10:e7:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=194094f6be6ca5d6119d138badf93aa1542f0726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:65:24:98:25:71:6b:8c:b8:32:6e:3c:67:8f:
ed:8a:df:39:d9:df:3c:19:c6:13:54:d8:e4:98:c1:
2c:b0:65:84:5d:78:a5:ee:e9:26:23:59:21:6c:e3:
e5:e4:3c:3d:b8:3a:bb:46:b9:af:72:37:9b:a1:34:
4f:20:65:3f:8c:75:76:04:e4:af:e0:44:13:b2:4e:
e8:58:3f:27:b4:00:90:4a:d2:34:51:72:eb:41:c3:
02:24:db:4a:a5:40:92:1a:3e:db:71:b6:d5:7f:8f:
87:49:2a:4e:07:74:b8:6c:c1:74:47:6d:b8:a2:7c:
f7:20:2e:d2:95:22:fb:ca:34:1d:67:dd:e3:63:80:
b3:eb:68:94:f5:91:8e:cb:39:39:01:dd:be:3a:90:
87:7f:8a:9a:c2:ce:23:98:b5:57:cb:09:84:ab:65:
41:4d:ff:49:c8:23:ff:67:b5:4b:c8:5a:b9:ef:c0:
65:75:b1:27:90:70:98:73:50:d4:03:80:a3:85:bc:
9d:67:c4:62:2b:65:c7:d7:4f:66:80:8f:70:24:67:
4b:90:30:2a:6c:6a:2f:87:54:23:28:32:c2:2c:13:
72:03:81:c9:2a:e7:c5:39:f6:c9:fb:e9:8a:b0:05:
cf:b3:1c:f0:93:02:0e:c7:1c:29:31:78:24:51:11:
f9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:40:94:F6:BE:6C:A5:D6:11:9D:13:8B:AD:F9:3A:A1:54:2F:07:26
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/GUCU9r5spdYRnROLrfk6oVQvByY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.219.0/24
37.9.40.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:32:9a:a3:10:c1:21:8f:c7:75:88:40:a2:86:2a:e0:fb:ce:
8f:4f:c5:10:93:45:c2:99:58:70:ea:5a:65:a8:15:96:56:71:
4b:63:9e:fb:8e:17:e8:b6:c4:0d:f4:a5:ee:90:47:9a:ab:3e:
f9:ac:1e:00:67:93:84:e7:23:23:06:20:76:32:ac:5b:f9:75:
1d:3c:b5:91:1b:15:e7:54:88:c7:9e:26:f7:64:e2:9e:34:17:
8a:29:57:df:45:8a:02:a5:50:bc:7f:d8:6e:6c:93:ed:e4:90:
6e:50:f5:8d:f1:93:6c:34:65:65:7f:f1:1d:5f:c8:9f:76:55:
b5:e1:fd:45:1f:05:17:bf:16:f0:69:5b:b3:6a:52:a2:94:9c:
9f:21:48:56:21:aa:8e:53:b0:11:70:37:e6:57:2d:04:8f:da:
2c:99:82:f5:41:f1:33:a9:b9:83:75:2a:ca:19:4c:67:20:f7:
75:ba:aa:e6:db:95:ae:ca:7a:b7:89:60:b2:87:56:e1:34:8d:
a9:3e:05:25:dc:98:96:95:3a:33:c4:10:20:74:c0:dd:c0:f2:
48:40:cc:4a:ca:52:5e:42:26:bb:22:86:ee:b7:e8:e9:57:6b:
9a:84:64:68:8f:3d:ff:21:af:cf:df:9d:a5:ac:76:78:9a:6d:
6f:65:90:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbgm+P5WDOkNlOxHCEOdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQwOTRmNmJlNmNhNWQ2MTE5ZDEzOGJhZGY5M2FhMTU0MmYwNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWUkmCVxa4y4Mm48Z4/tit852d88
GcYTVNjkmMEssGWEXXil7ukmI1khbOPl5Dw9uDq7RrmvcjeboTRPIGU/jHV2BOSv
4EQTsk7oWD8ntACQStI0UXLrQcMCJNtKpUCSGj7bcbbVf4+HSSpOB3S4bMF0R224
onz3IC7SlSL7yjQdZ93jY4Cz62iU9ZGOyzk5Ad2+OpCHf4qaws4jmLVXywmEq2VB
Tf9JyCP/Z7VLyFq578BldbEnkHCYc1DUA4CjhbydZ8RiK2XH109mgI9wJGdLkDAq
bGovh1QjKDLCLBNyA4HJKufFOfbJ++mKsAXPsxzwkwIOxxwpMXgkURH5vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBlAlPa+bKXWEZ0Ti635OqFULwcmMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvR1VDVTlyNXNwZFlSblJPTHJmazZvVlF2QnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbzbAwQB
JQkoMA0GCSqGSIb3DQEBCwUAA4IBAQDNMpqjEMEhj8d1iECihirg+86PT8UQk0XC
mVhw6lplqBWWVnFLY577jhfotsQN9KXukEeaqz75rB4AZ5OE5yMjBiB2Mqxb+XUd
PLWRGxXnVIjHnib3ZOKeNBeKKVffRYoCpVC8f9hubJPt5JBuUPWN8ZNsNGVlf/Ed
X8ifdlW14f1FHwUXvxbwaVuzalKilJyfIUhWIaqOU7ARcDfmVy0Ej9osmYL1QfEz
qbmDdSrKGUxnIPd1uqrm25Wuynq3iWCyh1bhNI2pPgUl3JiWlTozxBAgdMDdwPJI
QMxKylJeQia7Iobut+jpV2uahGRojz3/Ia/P352lrHZ4mm1vZZBr
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:04 2024 by rpki-client on console-ams.rpki-client.org