Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/sGDVRpDcbpuSElpzOrLFjkgXHEk.roa
File: sGDVRpDcbpuSElpzOrLFjkgXHEk.roa (raw, json)
Hash identifier: NUCurmhcPlWXWolm+kOjRUe4ntTvuPzcU9fd7aLcLVk=
Subject key identifier: B0:60:D5:46:90:DC:6E:9B:92:12:5A:73:3A:B2:C5:8E:48:17:1C:49
Certificate issuer: /CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Certificate serial: 018CC86FC8D832192181DD7DEC05D289E32A
Authority key identifier: 1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/sGDVRpDcbpuSElpzOrLFjkgXHEk.roa
Signing time: Tue 02 Jan 2024 04:30:18 +0000
ROA not before: Tue 02 Jan 2024 04:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398642
IP address blocks: 144.57.48.0/21 maxlen: 21
144.57.48.0/24 maxlen: 24
144.57.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Glyq86CZO3auE-EZE22_AGlpiRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Glyq86CZO3auE-EZE22_AGlpiRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c8:d8:32:19:21:81:dd:7d:ec:05:d2:89:e3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5caaf3a0993b76ae13e119136dbf0069698911
Validity
Not Before: Jan 2 04:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b060d54690dc6e9b92125a733ab2c58e48171c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:cc:0c:ee:0f:86:b6:9c:15:be:49:a7:df:
a9:6f:45:a7:09:cc:d6:60:d4:cf:a2:ae:5e:e1:c0:
e8:9d:99:d7:95:9b:46:f6:eb:a4:66:36:79:42:3d:
a6:f0:f1:22:8c:96:89:62:f1:0e:19:ab:c2:ca:fb:
ad:e7:e2:9f:8d:02:90:f2:f4:12:48:22:d0:14:e3:
c5:43:31:45:dd:c4:2e:1e:3c:b6:34:7c:7c:9f:22:
23:bb:7b:27:12:39:97:87:fb:a5:3a:1e:90:2e:e1:
e8:e1:0a:28:36:1b:1d:1a:2e:20:5a:03:cc:85:e5:
51:48:0b:ac:42:5e:71:25:71:40:38:c0:c4:65:c5:
d4:96:33:99:1d:73:dd:23:fc:fd:41:78:6a:c9:41:
8c:d1:8a:41:49:03:85:4c:b7:5d:f7:d2:c4:3b:80:
d1:07:2b:86:29:7a:97:89:32:df:91:6e:67:90:46:
90:f3:11:7f:8c:5e:e1:2d:f4:95:79:0d:fa:e3:89:
aa:49:7e:39:3d:87:ea:b3:f0:83:ea:82:dd:66:49:
0c:18:2a:7e:a9:f1:7f:14:f3:87:9c:e7:eb:31:ce:
59:ff:2a:e8:e7:ba:3b:b9:73:86:b8:d7:7b:f3:19:
ba:d0:79:1b:03:5c:33:94:19:d8:85:7b:cf:22:04:
cf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:60:D5:46:90:DC:6E:9B:92:12:5A:73:3A:B2:C5:8E:48:17:1C:49
X509v3 Authority Key Identifier:
keyid:1A:5C:AA:F3:A0:99:3B:76:AE:13:E1:19:13:6D:BF:00:69:69:89:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Glyq86CZO3auE-EZE22_AGlpiRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/sGDVRpDcbpuSElpzOrLFjkgXHEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94cdb2-9399-450b-a82e-7c590bcf981a/1/Glyq86CZO3auE-EZE22_AGlpiRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.48.0/21
Signature Algorithm: sha256WithRSAEncryption
a5:e7:ae:cd:e3:b4:a1:c7:bd:cb:39:f8:e1:0f:b9:79:91:c5:
68:54:88:fb:ea:ca:e6:98:8f:8f:5f:4b:17:38:68:64:8a:94:
cb:25:50:c0:1f:32:ae:4a:15:09:77:d0:cf:74:71:54:08:d2:
bc:34:27:98:65:3b:6e:43:81:14:82:6a:f7:ba:bb:71:d7:07:
96:f5:08:66:6e:ca:00:1d:7e:4e:8f:d2:df:06:bb:e8:d1:27:
7c:85:cc:c4:2f:72:01:67:7d:ce:e9:bc:25:06:70:ec:a3:56:
2c:5a:f3:a2:d2:39:0d:8d:5d:6f:31:a3:a5:f3:29:df:bb:4c:
ec:08:80:d0:bd:0f:51:09:d5:a3:1c:d9:32:22:a2:ce:7b:14:
0a:40:ea:6d:5f:33:52:7c:6a:80:44:82:83:27:3f:71:78:40:
67:58:0c:4e:bb:bc:87:29:e1:fb:bf:dc:2f:6f:e0:2d:a7:b4:
ce:cd:38:be:49:b8:7a:b1:78:6b:00:f3:d2:ac:67:04:7f:97:
15:da:f2:50:63:85:11:7e:67:b8:57:5d:6c:ae:c1:80:00:e6:
12:a7:6a:50:cf:6c:3c:55:8c:c3:52:6a:37:46:49:8c:1a:c9:
e0:e1:b0:8c:f8:8c:19:31:22:f6:bb:6d:b4:74:f5:8a:6f:27:
c1:84:7f:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb8jYMhkhgd197AXSieMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWNhYWYzYTA5OTNiNzZhZTEzZTExOTEzNmRiZjAwNjk2
OTg5MTEwHhcNMjQwMTAyMDQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYwZDU0NjkwZGM2ZTliOTIxMjVhNzMzYWIyYzU4ZTQ4MTcxYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn27MDO4PhracFb5Jp9+pb0WnCczW
YNTPoq5e4cDonZnXlZtG9uukZjZ5Qj2m8PEijJaJYvEOGavCyvut5+KfjQKQ8vQS
SCLQFOPFQzFF3cQuHjy2NHx8nyIju3snEjmXh/ulOh6QLuHo4QooNhsdGi4gWgPM
heVRSAusQl5xJXFAOMDEZcXUljOZHXPdI/z9QXhqyUGM0YpBSQOFTLdd99LEO4DR
ByuGKXqXiTLfkW5nkEaQ8xF/jF7hLfSVeQ3644mqSX45PYfqs/CD6oLdZkkMGCp+
qfF/FPOHnOfrMc5Z/yro57o7uXOGuNd78xm60HkbA1wzlBnYhXvPIgTP1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBg1UaQ3G6bkhJaczqyxY5IFxxJMB8GA1UdIwQY
MBaAFBpcqvOgmTt2rhPhGRNtvwBpaYkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUt
N2M1OTBiY2Y5ODFhLzEvc0dEVlJwRGNicHVTRWxwek9yTEZqa2dYSEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NGNkYjItOTM5OS00NTBiLWE4MmUtN2M1OTBiY2Y5ODFh
LzEvR2x5cTg2Q1pPM2F1RS1FWkUyMl9BR2xwaVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkDkwMA0G
CSqGSIb3DQEBCwUAA4IBAQCl567N47Shx73LOfjhD7l5kcVoVIj76srmmI+PX0sX
OGhkipTLJVDAHzKuShUJd9DPdHFUCNK8NCeYZTtuQ4EUgmr3urtx1weW9QhmbsoA
HX5Oj9LfBrvo0Sd8hczEL3IBZ33O6bwlBnDso1YsWvOi0jkNjV1vMaOl8ynfu0zs
CIDQvQ9RCdWjHNkyIqLOexQKQOptXzNSfGqARIKDJz9xeEBnWAxOu7yHKeH7v9wv
b+Atp7TOzTi+Sbh6sXhrAPPSrGcEf5cV2vJQY4URfme4V11srsGAAOYSp2pQz2w8
VYzDUmo3RkmMGsng4bCM+IwZMSL2u220dPWKbyfBhH/g
-----END CERTIFICATE-----
Generated at Thu May 2 17:49:11 2024 by rpki-client on console-ams.rpki-client.org