Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gjkS15XW90Ff_HbAT0YPEyNSBcU.roa
File: gjkS15XW90Ff_HbAT0YPEyNSBcU.roa (raw, json)
Hash identifier: iraIRFQNHL6nFy5X7kuluw7o8tQMsKxgcPmCtUd4Ypc=
Subject key identifier: 82:39:12:D7:95:D6:F7:41:5F:FC:76:C0:4F:46:0F:13:23:52:05:C5
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018DC17A6BA3F6943616B7DDEEC86A208993
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gjkS15XW90Ff_HbAT0YPEyNSBcU.roa
Signing time: Mon 19 Feb 2024 13:07:22 +0000
ROA not before: Mon 19 Feb 2024 13:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31479
IP address blocks: 185.28.48.0/23 maxlen: 23
201.77.58.0/24 maxlen: 24
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:7a:6b:a3:f6:94:36:16:b7:dd:ee:c8:6a:20:89:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 19 13:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=823912d795d6f7415ffc76c04f460f13235205c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:34:f2:51:40:07:e1:2f:72:9f:95:2a:d7:96:
bb:37:d5:7c:f7:a3:2b:82:40:cd:6b:40:7d:e3:0e:
6d:fc:94:cd:5b:77:a7:6a:ad:d9:25:e0:bf:5f:2d:
0a:33:c2:31:5e:a8:98:5f:03:66:5e:ca:ba:67:d0:
dc:98:8d:68:d3:94:0b:a0:b4:1d:1e:a0:e7:5a:d3:
47:d1:a9:1d:a9:9d:3b:f6:9e:32:03:70:e8:51:2b:
44:6d:6b:90:67:b2:75:da:20:4e:23:13:62:e5:ec:
10:7b:3f:a7:da:05:91:74:10:32:fd:82:2f:e0:80:
7a:1d:07:4a:16:a2:e2:a9:e7:c3:ac:f3:c8:79:e5:
46:cd:56:7b:7b:cf:93:fe:70:72:6e:ed:ce:02:9c:
80:3c:3d:65:0e:9f:25:68:d5:2c:82:74:0a:27:70:
02:30:3b:29:a5:6b:35:08:ae:7f:82:24:17:8e:3e:
67:d9:00:e8:e8:59:59:92:c5:62:82:c8:6d:48:f4:
a8:2c:05:a2:75:56:3a:2e:6b:cc:d2:55:f3:8a:20:
8d:fa:77:ce:a1:19:bc:02:79:11:4b:d8:ed:5c:c6:
cc:aa:c7:b7:c3:55:bf:ca:c9:d1:8d:19:bd:99:9a:
9c:d4:48:e0:c6:69:9b:a3:2d:67:b4:da:f5:b3:20:
93:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:39:12:D7:95:D6:F7:41:5F:FC:76:C0:4F:46:0F:13:23:52:05:C5
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gjkS15XW90Ff_HbAT0YPEyNSBcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.48.0/23
201.77.58.0/24
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
15:25:67:ac:59:a0:b6:b7:7e:94:c3:57:e4:32:85:fa:fb:90:
20:21:ca:f5:23:51:a8:68:bb:6b:4b:be:d4:9f:e1:26:4a:96:
66:f4:6f:34:92:e7:f8:c8:82:18:da:58:03:40:06:89:3a:2f:
45:2e:c8:38:6f:0a:24:1c:a5:e8:7c:a5:26:7f:58:86:9b:a2:
fb:6a:c7:ce:11:51:1a:52:4f:e5:43:da:fb:9e:cc:3d:a7:39:
81:dc:c4:2e:f7:f0:9f:f8:41:b4:e0:a1:a9:c0:8f:f1:18:47:
36:6a:1d:68:c3:ab:d9:91:f7:0d:98:d6:68:4a:46:fe:c7:6e:
7f:87:c8:07:0a:57:0e:40:5a:fb:93:05:77:85:0b:32:85:08:
46:be:38:58:42:c2:5c:44:37:bd:86:01:18:dc:1c:f1:e4:3e:
cd:1f:d4:b1:23:51:ab:9e:b2:23:fe:42:d5:2f:5e:52:d7:a9:
7b:57:c9:19:73:8c:ff:a3:63:f8:58:3f:c8:b8:fb:35:3f:5c:
ec:45:07:9c:4e:94:2f:8f:95:29:56:57:e6:f3:a1:91:b3:2b:
cd:04:9c:3a:b1:83:9b:96:9b:0d:27:56:53:c7:4a:4c:ff:18:
bc:b8:33:e7:db:0b:b6:df:f9:54:e9:07:d5:26:c7:af:6e:21:
a3:ba:a6:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3Bemuj9pQ2Frfd7shqIImTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMjE5MTMwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM5MTJkNzk1ZDZmNzQxNWZmYzc2YzA0ZjQ2MGYxMzIzNTIwNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzTyUUAH4S9yn5Uq15a7N9V896Mr
gkDNa0B94w5t/JTNW3enaq3ZJeC/Xy0KM8IxXqiYXwNmXsq6Z9DcmI1o05QLoLQd
HqDnWtNH0akdqZ079p4yA3DoUStEbWuQZ7J12iBOIxNi5ewQez+n2gWRdBAy/YIv
4IB6HQdKFqLiqefDrPPIeeVGzVZ7e8+T/nBybu3OApyAPD1lDp8laNUsgnQKJ3AC
MDsppWs1CK5/giQXjj5n2QDo6FlZksVigshtSPSoLAWidVY6LmvM0lXziiCN+nfO
oRm8AnkRS9jtXMbMqse3w1W/ysnRjRm9mZqc1Ejgxmmboy1ntNr1syCTcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFII5EteV1vdBX/x2wE9GDxMjUgXFMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZ2prUzE1WFc5MEZmX0hiQVQwWVBFeU5TQmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuRwwAwQA
yU06MA0EAgACMAcDBQAgAUAwMA0GCSqGSIb3DQEBCwUAA4IBAQAVJWesWaC2t36U
w1fkMoX6+5AgIcr1I1GoaLtrS77Un+EmSpZm9G80kuf4yIIY2lgDQAaJOi9FLsg4
bwokHKXofKUmf1iGm6L7asfOEVEaUk/lQ9r7nsw9pzmB3MQu9/Cf+EG04KGpwI/x
GEc2ah1ow6vZkfcNmNZoSkb+x25/h8gHClcOQFr7kwV3hQsyhQhGvjhYQsJcRDe9
hgEY3Bzx5D7NH9SxI1GrnrIj/kLVL15S16l7V8kZc4z/o2P4WD/IuPs1P1zsRQec
TpQvj5UpVlfm86GRsyvNBJw6sYOblpsNJ1ZTx0pM/xi8uDPn2wu23/lU6QfVJsev
biGjuqaU
-----END CERTIFICATE-----
Generated at Fri May 3 05:34:15 2024 by rpki-client on console-ams.rpki-client.org