Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GlQUBzcNJmw0558H72JeNJOtGUQ.roa
File: GlQUBzcNJmw0558H72JeNJOtGUQ.roa (raw, json)
Hash identifier: OAZrKZei1mukwSf7KdhyGGJ75nXzfwov+lRUskVC4AA=
Subject key identifier: 1A:54:14:07:37:0D:26:6C:34:E7:9F:07:EF:62:5E:34:93:AD:19:44
Certificate issuer: /CN=c11d08186433903069b5d6bb652f98428f53c808
Certificate serial: 0194AF1E4F4F6A08AC857F3A4E31A3C0648A
Authority key identifier: C1:1D:08:18:64:33:90:30:69:B5:D6:BB:65:2F:98:42:8F:53:C8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GlQUBzcNJmw0558H72JeNJOtGUQ.roa
Signing time: Tue 28 Jan 2025 22:53:06 +0000
ROA not before: Tue 28 Jan 2025 22:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196826
IP address blocks: 91.215.44.0/23 maxlen: 23
91.215.46.0/24 maxlen: 24
195.60.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:af:1e:4f:4f:6a:08:ac:85:7f:3a:4e:31:a3:c0:64:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c11d08186433903069b5d6bb652f98428f53c808
Validity
Not Before: Jan 28 22:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a541407370d266c34e79f07ef625e3493ad1944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a3:d9:a6:f1:91:59:35:4c:bd:63:9f:3f:a9:
ec:5e:29:3b:63:1b:8f:52:78:98:77:64:85:c1:0b:
4d:3d:1a:3a:1a:14:8d:7b:4d:33:1a:51:90:ae:97:
89:a1:d5:76:80:3a:bb:55:c5:a7:0d:ad:bc:47:36:
8c:50:a9:73:5d:73:c5:26:81:4a:4b:18:58:3a:05:
12:36:54:05:71:d2:e4:92:d7:de:2a:0e:67:a8:db:
db:d0:48:c0:4e:2b:7a:4f:fa:4a:5a:1b:c1:eb:61:
c3:22:fd:18:85:b6:9e:3a:53:93:aa:f4:2a:e1:7c:
f3:7f:11:88:18:4d:d6:87:47:70:f4:a6:e6:96:73:
46:4f:86:2b:ca:ad:13:d3:ff:1a:43:0c:0f:12:c4:
5a:38:82:65:34:83:26:6c:89:6a:e7:d3:23:32:9b:
ee:3e:6e:e1:25:c3:55:c3:70:60:73:1e:aa:99:1c:
c5:36:1a:22:0c:4c:83:b1:f1:63:25:4a:4d:c2:b4:
be:a1:1d:28:a6:0c:c0:f9:c5:1b:9a:e7:6a:b6:a8:
f4:00:31:f7:d3:da:0a:61:ed:31:aa:69:67:e2:5a:
50:2c:6d:e9:45:24:01:3c:32:41:f7:e3:e9:cc:5b:
a4:e2:9b:78:3a:3a:94:76:16:02:48:fb:8d:5a:5f:
7d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:54:14:07:37:0D:26:6C:34:E7:9F:07:EF:62:5E:34:93:AD:19:44
X509v3 Authority Key Identifier:
keyid:C1:1D:08:18:64:33:90:30:69:B5:D6:BB:65:2F:98:42:8F:53:C8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GlQUBzcNJmw0558H72JeNJOtGUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.44.0-91.215.46.255
195.60.64.0/23
Signature Algorithm: sha256WithRSAEncryption
30:1d:38:1e:b3:18:e6:6d:ee:53:86:8b:01:ed:6e:a0:6b:00:
75:eb:3c:04:9b:c0:ea:b0:87:39:95:29:72:77:cf:91:29:37:
0f:cb:21:74:58:05:a5:0d:01:cf:44:f1:03:6a:2b:40:06:68:
a3:3b:40:dd:10:3b:66:7c:f8:93:e7:b5:13:8a:51:16:54:b3:
ce:f2:53:d5:a5:25:ef:91:60:c8:bd:d6:b1:18:a3:5d:f6:ad:
bd:92:bf:cb:7f:fa:65:99:eb:47:5c:9a:f3:b4:b0:31:4d:b5:
c5:2a:e3:b6:08:08:82:3d:4a:80:f1:01:7f:b2:fb:e0:19:e8:
fa:c0:a8:ee:04:99:44:03:9a:ce:bb:32:78:ac:95:be:38:77:
74:bc:83:17:f9:93:7a:05:33:7a:5c:04:de:13:53:d2:73:e3:
38:1d:3c:e8:ec:e2:a5:2b:49:01:44:5a:64:17:a7:50:94:82:
07:90:98:6a:49:d8:72:9d:70:01:12:9c:a1:8c:38:33:ba:ff:
7f:3c:3f:c1:d6:9f:8c:a0:fa:88:48:7d:43:c6:d1:57:e3:76:
71:b0:96:4e:18:67:46:5d:c9:15:84:b2:c3:32:45:7a:05:38:
fd:c6:ec:2c:1f:3d:4d:37:8a:89:70:0e:4e:81:fe:59:35:bf:
7b:b7:fc:5b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZSvHk9PagishX86TjGjwGSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMWQwODE4NjQzMzkwMzA2OWI1ZDZiYjY1MmY5ODQyOGY1
M2M4MDgwHhcNMjUwMTI4MjI1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU0MTQwNzM3MGQyNjZjMzRlNzlmMDdlZjYyNWUzNDkzYWQxOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qPZpvGRWTVMvWOfP6nsXik7YxuP
UniYd2SFwQtNPRo6GhSNe00zGlGQrpeJodV2gDq7VcWnDa28RzaMUKlzXXPFJoFK
SxhYOgUSNlQFcdLkktfeKg5nqNvb0EjATit6T/pKWhvB62HDIv0YhbaeOlOTqvQq
4XzzfxGIGE3Wh0dw9KbmlnNGT4Yryq0T0/8aQwwPEsRaOIJlNIMmbIlq59MjMpvu
Pm7hJcNVw3Bgcx6qmRzFNhoiDEyDsfFjJUpNwrS+oR0opgzA+cUbmudqtqj0ADH3
09oKYe0xqmln4lpQLG3pRSQBPDJB9+PpzFuk4pt4OjqUdhYCSPuNWl999wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBpUFAc3DSZsNOefB+9iXjSTrRlEMB8GA1UdIwQY
MBaAFMEdCBhkM5AwabXWu2UvmEKPU8gIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1IwSUdHUXprREJwdGRhN1pTLVlRbzlUeUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNjMzNTItODA4OC00ZjViLWE2MjAt
YWViNWNkOGRlMTVkLzEvR2xRVUJ6Y05KbXcwNTU4SDcySmVOSk90R1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNjMzNTItODA4OC00ZjViLWE2MjAtYWViNWNkOGRlMTVk
LzEvd1IwSUdHUXprREJwdGRhN1pTLVlRbzlUeUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJb1ywD
BABb1y4DBAHDPEAwDQYJKoZIhvcNAQELBQADggEBADAdOB6zGOZt7lOGiwHtbqBr
AHXrPASbwOqwhzmVKXJ3z5EpNw/LIXRYBaUNAc9E8QNqK0AGaKM7QN0QO2Z8+JPn
tROKURZUs87yU9WlJe+RYMi91rEYo132rb2Sv8t/+mWZ60dcmvO0sDFNtcUq47YI
CII9SoDxAX+y++AZ6PrAqO4EmUQDms67Mnislb44d3S8gxf5k3oFM3pcBN4TU9Jz
4zgdPOjs4qUrSQFEWmQXp1CUggeQmGpJ2HKdcAESnKGMODO6/388P8HWn4yg+ohI
fUPG0VfjdnGwlk4YZ0ZdyRWEssMyRXoFOP3G7CwfPU03iolwDk6B/lk1v3u3/Fs=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:53 2025 by rpki-client