Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/GNZ9lBNN0fk-FlzHbPwEofqpIU0.roa
File: GNZ9lBNN0fk-FlzHbPwEofqpIU0.roa (raw, json)
Hash identifier: oRn/UPDhfLUG50LiJX38JC+BFkpO2/98l4Oq5gRIEuM=
Subject key identifier: 18:D6:7D:94:13:4D:D1:F9:3E:16:5C:C7:6C:FC:04:A1:FA:A9:21:4D
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 018CC26D8173A28E34C074ED2B87BC09CBA8
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/GNZ9lBNN0fk-FlzHbPwEofqpIU0.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 146.19.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:81:73:a2:8e:34:c0:74:ed:2b:87:bc:09:cb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d67d94134dd1f93e165cc76cfc04a1faa9214d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:74:d8:f3:1d:4f:25:72:51:91:cc:97:ec:
0a:01:5c:16:7b:0f:33:53:0d:f2:9e:d2:08:18:dc:
cb:6a:20:b2:84:6a:75:a7:2f:7d:58:1f:7e:a1:f3:
46:76:e3:d7:88:1b:88:6a:a2:57:82:25:1d:be:66:
c1:7d:6e:50:45:8c:5b:35:a5:4b:b6:55:db:a8:5f:
fc:a9:e1:13:9b:93:6c:ea:8e:1f:bd:ce:58:73:d2:
00:f9:8a:19:fc:3e:10:8e:7a:5b:2d:08:8c:01:f8:
19:44:9d:15:fa:92:9e:c5:0d:62:e5:9f:7d:43:01:
3a:48:65:e9:dd:27:ef:d9:fe:b4:97:83:a9:1c:8a:
7a:52:43:9f:83:2d:65:d0:15:14:76:c5:bd:f8:84:
e9:ee:ef:ec:e5:33:38:6b:f4:1b:e9:04:7d:52:46:
99:cd:ea:60:80:d6:51:68:ca:6f:2b:78:d4:08:ba:
d2:13:18:fc:f4:8d:80:a5:51:39:0d:6b:ba:78:2e:
61:c2:18:9a:83:67:97:3f:79:f1:3a:4c:89:85:a1:
79:70:96:d4:f7:09:94:b5:ae:96:03:f2:1a:80:d1:
c1:ea:71:b9:85:e6:cb:9c:5d:42:7e:17:e3:42:0d:
04:f4:fd:46:fc:77:4b:c3:7a:00:00:95:ee:b1:f5:
64:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D6:7D:94:13:4D:D1:F9:3E:16:5C:C7:6C:FC:04:A1:FA:A9:21:4D
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/GNZ9lBNN0fk-FlzHbPwEofqpIU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.193.0/24
Signature Algorithm: sha256WithRSAEncryption
53:35:8c:ea:0b:7b:95:80:14:a2:59:bf:9a:45:e1:1f:32:01:
70:6f:a4:fe:eb:9e:6f:b5:31:97:94:d5:89:ea:db:4d:b4:83:
3d:f0:22:0a:f7:a1:8d:80:4f:43:01:f7:fa:cf:48:bd:c0:d8:
f7:5d:11:5e:14:ba:66:8e:33:0a:b0:99:26:51:42:7b:5f:f1:
68:44:69:74:bb:95:63:df:bb:62:fb:60:75:e0:d4:97:63:44:
e6:d7:f7:26:1d:18:88:d7:03:8c:53:a5:6c:8b:eb:c4:71:38:
72:4e:3e:e9:2b:f3:8f:a0:db:ef:9f:da:82:8e:1c:76:c9:25:
14:ef:ff:29:d8:32:50:1c:1f:b4:b7:89:83:0e:d9:93:36:e9:
2b:42:c9:5c:90:80:6d:f8:49:c3:ba:2d:40:f7:f9:63:32:9a:
39:1e:84:33:47:5e:37:09:17:5e:b5:aa:f7:02:5f:a8:42:29:
33:4d:65:bf:1e:2c:59:8a:9f:9d:17:69:da:0f:ec:96:89:4e:
db:2a:91:eb:f6:cb:5e:d4:00:65:fa:27:19:9e:d3:2c:21:f5:
ed:0f:e0:6c:3d:ff:6c:48:98:dd:c3:ff:88:50:93:8d:b6:cb:
06:a6:95:45:3a:17:42:30:73:66:bd:8b:1b:1d:a1:65:69:4e:
fe:4e:6d:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbYFzoo40wHTtK4e8CcuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ2N2Q5NDEzNGRkMWY5M2UxNjVjYzc2Y2ZjMDRhMWZhYTkyMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtl02PMdTyVyUZHMl+wKAVwWew8z
Uw3yntIIGNzLaiCyhGp1py99WB9+ofNGduPXiBuIaqJXgiUdvmbBfW5QRYxbNaVL
tlXbqF/8qeETm5Ns6o4fvc5Yc9IA+YoZ/D4QjnpbLQiMAfgZRJ0V+pKexQ1i5Z99
QwE6SGXp3Sfv2f60l4OpHIp6UkOfgy1l0BUUdsW9+ITp7u/s5TM4a/Qb6QR9UkaZ
zepggNZRaMpvK3jUCLrSExj89I2ApVE5DWu6eC5hwhiag2eXP3nxOkyJhaF5cJbU
9wmUta6WA/IagNHB6nG5hebLnF1CfhfjQg0E9P1G/HdLw3oAAJXusfVkowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjWfZQTTdH5PhZcx2z8BKH6qSFNMB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvR05aOWxCTk4wZmstRmx6SGJQd0VvZnFwSVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPBMA0G
CSqGSIb3DQEBCwUAA4IBAQBTNYzqC3uVgBSiWb+aReEfMgFwb6T+655vtTGXlNWJ
6ttNtIM98CIK96GNgE9DAff6z0i9wNj3XRFeFLpmjjMKsJkmUUJ7X/FoRGl0u5Vj
37ti+2B14NSXY0Tm1/cmHRiI1wOMU6Vsi+vEcThyTj7pK/OPoNvvn9qCjhx2ySUU
7/8p2DJQHB+0t4mDDtmTNukrQslckIBt+EnDui1A9/ljMpo5HoQzR143CRdetar3
Al+oQikzTWW/HixZip+dF2naD+yWiU7bKpHr9ste1ABl+icZntMsIfXtD+BsPf9s
SJjdw/+IUJONtssGppVFOhdCMHNmvYsbHaFlaU7+Tm0i
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:29 2024 by rpki-client on console-fra.rpki-client.org