Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/t_GTjuflazRiPPFAq6tWSi-basc.roa
File: t_GTjuflazRiPPFAq6tWSi-basc.roa (raw, json)
Hash identifier: QNI/V4vOYOlhdGFDhPfLp28d9auaX5gAgaqEe7zFz90=
Subject key identifier: B7:F1:93:8E:E7:E5:6B:34:62:3C:F1:40:AB:AB:56:4A:2F:9B:6A:C7
Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial: 018CC6B77DB956C0ADDBBE171AABBE36013F
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/t_GTjuflazRiPPFAq6tWSi-basc.roa
Signing time: Mon 01 Jan 2024 20:29:22 +0000
ROA not before: Mon 01 Jan 2024 20:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43668
IP address blocks: 91.197.184.0/22 maxlen: 22
185.225.196.0/24 maxlen: 24
2001:67c:15d8::/48 maxlen: 48
2a0d:5d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:7d:b9:56:c0:ad:db:be:17:1a:ab:be:36:01:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
Validity
Not Before: Jan 1 20:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7f1938ee7e56b34623cf140abab564a2f9b6ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:5e:0f:da:e8:6a:e8:cb:96:d5:ac:a4:da:
2f:a6:6c:c2:df:03:fe:b5:8b:b0:ce:bf:9d:4d:7d:
de:00:ac:0a:c9:7b:87:90:b5:c3:d1:ed:bc:c8:3f:
d7:b3:76:d2:fc:75:61:78:a7:c7:4f:3b:1a:1b:0c:
6a:bb:4e:8e:64:77:e7:25:2f:7f:4f:13:f4:c3:8b:
51:25:40:a1:66:a5:27:18:ce:9a:91:0c:46:51:e1:
18:b5:2c:b9:c4:36:b4:a7:09:5b:a4:12:b3:17:a1:
ba:9d:e4:9f:00:c5:f0:ae:06:b7:4c:a0:54:75:33:
a5:74:a5:6b:8f:f0:d6:90:3e:70:10:c6:ee:a4:98:
0c:ff:f6:5b:ea:60:0d:de:04:ab:e7:b1:51:ef:b7:
c2:98:2d:61:b4:7d:85:45:25:5c:7c:14:42:d3:64:
08:a3:91:d6:fd:bb:6f:26:d9:31:0c:77:3f:96:b3:
7c:59:ea:90:27:a8:41:c8:c3:0a:f8:fc:19:88:2c:
0e:0e:7d:b0:ee:f1:ab:62:09:69:af:cd:99:5c:e0:
01:2d:76:76:0c:7d:e6:99:f5:c6:7c:e8:06:f0:66:
94:bf:67:da:58:5d:fd:9f:d2:5f:94:71:da:db:f5:
e3:38:86:bc:9d:74:8e:db:14:0a:69:f1:c3:20:00:
17:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F1:93:8E:E7:E5:6B:34:62:3C:F1:40:AB:AB:56:4A:2F:9B:6A:C7
X509v3 Authority Key Identifier:
keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/t_GTjuflazRiPPFAq6tWSi-basc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.184.0/22
185.225.196.0/24
IPv6:
2001:67c:15d8::/48
2a0d:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
58:a2:49:3f:a3:a0:4a:8a:d4:c7:39:0a:5c:c6:8d:ee:d2:18:
87:82:90:c4:c4:2a:03:20:78:9a:5f:ef:c8:69:79:51:d8:4b:
05:eb:75:b9:d6:a9:e0:47:da:2f:8e:5e:d1:a7:8c:fb:91:b3:
9e:e9:47:8c:fb:0a:d7:ce:b5:20:a6:ed:44:49:08:f0:5e:df:
5b:b3:7d:ec:5f:4c:ef:b1:ea:0a:41:b8:0a:5b:05:32:07:b4:
29:c4:e8:d3:19:d4:1f:98:47:b2:c0:77:21:ec:8b:0c:99:0e:
01:05:28:9f:f6:77:3a:5b:ba:24:66:21:c5:7c:55:d4:a6:af:
d1:3d:a8:cf:46:34:1b:ee:83:19:c6:61:84:30:f0:7c:93:35:
bc:df:85:2f:4d:28:57:d6:80:66:9f:e4:ee:6b:6f:ec:3b:6d:
05:f0:a4:e5:c8:5e:6d:c4:10:ee:14:78:49:38:cf:62:90:2a:
a2:7e:aa:94:57:17:b1:dd:53:33:0a:ac:3b:d0:74:a5:b0:a8:
af:20:4f:93:50:16:fd:6d:17:09:4d:c7:5b:79:d7:a9:37:40:
00:2a:3f:17:59:a1:6d:57:45:55:85:93:e9:ad:57:9e:6e:6b:
87:2e:39:b1:5b:c6:b8:7f:a0:2c:46:a4:b7:70:2a:c9:51:a1:
24:e9:4b:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGt325VsCt274XGqu+NgE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YxOTM4ZWU3ZTU2YjM0NjIzY2YxNDBhYmFiNTY0YTJmOWI2YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL1eD9roaujLltWspNovpmzC3wP+
tYuwzr+dTX3eAKwKyXuHkLXD0e28yD/Xs3bS/HVheKfHTzsaGwxqu06OZHfnJS9/
TxP0w4tRJUChZqUnGM6akQxGUeEYtSy5xDa0pwlbpBKzF6G6neSfAMXwrga3TKBU
dTOldKVrj/DWkD5wEMbupJgM//Zb6mAN3gSr57FR77fCmC1htH2FRSVcfBRC02QI
o5HW/btvJtkxDHc/lrN8WeqQJ6hByMMK+PwZiCwODn2w7vGrYglpr82ZXOABLXZ2
DH3mmfXGfOgG8GaUv2faWF39n9JflHHa2/XjOIa8nXSO2xQKafHDIAAXuwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLfxk47n5Ws0YjzxQKurVkovm2rHMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvdF9HVGp1ZmxhelJpUFBGQXE2dFdTaS1iYXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCW8W4AwQA
ueHEMBYEAgACMBADBwAgAQZ8FdgDBQMqDV0AMA0GCSqGSIb3DQEBCwUAA4IBAQBY
okk/o6BKitTHOQpcxo3u0hiHgpDExCoDIHiaX+/IaXlR2EsF63W51qngR9ovjl7R
p4z7kbOe6UeM+wrXzrUgpu1ESQjwXt9bs33sX0zvseoKQbgKWwUyB7QpxOjTGdQf
mEeywHch7IsMmQ4BBSif9nc6W7okZiHFfFXUpq/RPajPRjQb7oMZxmGEMPB8kzW8
34UvTShX1oBmn+Tua2/sO20F8KTlyF5txBDuFHhJOM9ikCqifqqUVxex3VMzCqw7
0HSlsKivIE+TUBb9bRcJTcdbedepN0AAKj8XWaFtV0VVhZPprVeebmuHLjmxW8a4
f6AsRqS3cCrJUaEk6UtM
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:32:17 2024 by rpki-client on console-ams.rpki-client.org