Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/GuUirRr9ro-L5RKFTZKdMaDKgns.roa
File: GuUirRr9ro-L5RKFTZKdMaDKgns.roa (raw, json)
Hash identifier: NvRMMLXBvbp7pw+Uz90pD+5NQdj8A+dO10OEOgDxb80=
Subject key identifier: 1A:E5:22:AD:1A:FD:AE:8F:8B:E5:12:85:4D:92:9D:31:A0:CA:82:7B
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016842799BE6EBC9BA01060ED54869
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/GuUirRr9ro-L5RKFTZKdMaDKgns.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 139.156.0.0/16 maxlen: 16
213.162.160.0/19 maxlen: 19
145.54.0.0/16 maxlen: 16
195.190.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:68:42:79:9b:e6:eb:c9:ba:01:06:0e:d5:48:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ae522ad1afdae8f8be512854d929d31a0ca827b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f0:72:46:e9:fc:1a:78:25:8c:32:1f:35:ab:
ac:f0:a3:67:8f:68:46:4e:ed:3f:5a:e6:f8:96:68:
88:a8:27:1c:99:eb:1e:93:7f:29:d4:87:77:3e:78:
2e:c2:40:b5:9c:16:54:1a:ac:f6:bf:d3:bc:e6:6d:
69:6b:15:fc:13:08:dc:9a:92:ab:c8:06:37:c1:f8:
8f:6b:b1:8d:e7:34:57:35:49:78:4e:f5:60:31:04:
17:a8:01:c6:82:5a:2e:de:8c:fd:fe:f1:f9:bc:b4:
78:b0:f9:90:3e:b7:80:91:13:43:2e:a3:f2:26:8e:
36:0c:6b:bd:36:e4:fb:2b:75:f8:cc:5a:40:89:4b:
09:9f:a8:05:57:d6:e0:65:93:ec:1d:b8:3a:62:28:
e8:2f:24:01:ac:19:16:d0:81:2b:a5:b3:6e:d3:8a:
20:3e:e6:50:a9:d0:53:67:42:26:d4:01:ed:4a:4e:
82:f4:83:cd:cc:f3:be:2c:aa:d2:e1:87:ce:0e:38:
25:ad:28:43:3e:3e:30:cf:3a:21:37:e7:7a:b4:80:
17:e2:ef:20:21:7e:9e:8f:f8:64:a5:fa:6b:7a:3c:
fc:36:04:84:66:00:2a:5d:81:34:6a:f6:47:86:de:
10:2a:84:c5:e2:5f:6d:22:19:f2:d3:6b:f9:bd:3d:
54:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E5:22:AD:1A:FD:AE:8F:8B:E5:12:85:4D:92:9D:31:A0:CA:82:7B
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/GuUirRr9ro-L5RKFTZKdMaDKgns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.156.0.0/16
145.54.0.0/16
195.190.224.0/19
213.162.160.0/19
Signature Algorithm: sha256WithRSAEncryption
23:bf:4e:b5:69:a0:cf:8c:ed:c3:b8:34:3d:0b:ee:49:4f:b0:
97:46:cd:3d:05:ad:63:06:f3:f6:ad:ee:e3:39:d4:75:d9:33:
f7:e6:32:93:06:70:45:bf:ee:10:e2:01:ab:6f:fa:94:b7:16:
ac:17:d7:9d:b1:b0:cf:9a:a7:15:9b:fa:92:46:1d:a7:f2:e1:
6f:6e:f0:00:9e:99:d4:4b:e7:e9:6f:7b:70:6f:ce:65:1d:e8:
67:ea:7c:06:e9:17:b7:f8:0d:b2:d8:b2:6f:99:8d:33:46:4c:
b3:59:5f:06:72:d8:b6:8a:64:b0:92:d8:66:d4:14:5c:ff:a3:
42:fd:ac:dd:ac:fe:d6:92:75:e2:36:6f:f7:c4:70:c2:0e:cd:
36:f2:3b:3f:d5:51:04:14:b3:98:19:1d:94:27:64:c6:90:d7:
97:d4:9b:b4:e2:31:0f:51:67:1f:e8:00:2f:7a:bd:02:e3:53:
5b:36:c8:dc:22:3c:54:93:b1:4f:37:90:34:70:0c:24:6b:db:
28:42:6f:3c:51:ef:12:15:a6:b3:39:af:c4:3f:d9:82:39:11:
f1:4b:3f:bd:6c:b6:24:d6:8a:09:6e:9b:3a:92:0f:2f:51:02:
e7:84:ca:a8:31:fc:03:45:87:1b:0f:d0:b8:66:37:3d:cb:f5:
1a:81:af:39
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIAWhCeZvm68m6AQYO1UhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU1MjJhZDFhZmRhZThmOGJlNTEyODU0ZDkyOWQzMWEwY2E4MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvByRun8GngljDIfNaus8KNnj2hG
Tu0/Wub4lmiIqCccmesek38p1Id3PnguwkC1nBZUGqz2v9O85m1paxX8EwjcmpKr
yAY3wfiPa7GN5zRXNUl4TvVgMQQXqAHGglou3oz9/vH5vLR4sPmQPreAkRNDLqPy
Jo42DGu9NuT7K3X4zFpAiUsJn6gFV9bgZZPsHbg6YijoLyQBrBkW0IErpbNu04og
PuZQqdBTZ0Im1AHtSk6C9IPNzPO+LKrS4YfODjglrShDPj4wzzohN+d6tIAX4u8g
IX6ej/hkpfprejz8NgSEZgAqXYE0avZHht4QKoTF4l9tIhny02v5vT1UPQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBrlIq0a/a6Pi+UShU2SnTGgyoJ7MB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvR3VVaXJScjlyby1MNVJLRlRaS2RNYURLZ25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMAi5wDAwCR
NgMEBcO+4AMEBdWioDANBgkqhkiG9w0BAQsFAAOCAQEAI79OtWmgz4ztw7g0PQvu
SU+wl0bNPQWtYwbz9q3u4znUddkz9+YykwZwRb/uEOIBq2/6lLcWrBfXnbGwz5qn
FZv6kkYdp/Lhb27wAJ6Z1Evn6W97cG/OZR3oZ+p8BukXt/gNstiyb5mNM0ZMs1lf
BnLYtopksJLYZtQUXP+jQv2s3az+1pJ14jZv98Rwwg7NNvI7P9VRBBSzmBkdlCdk
xpDXl9SbtOIxD1FnH+gAL3q9AuNTWzbI3CI8VJOxTzeQNHAMJGvbKEJvPFHvEhWm
szmvxD/ZgjkR8Us/vWy2JNaKCW6bOpIPL1EC54TKqDH8A0WHGw/QuGY3Pcv1GoGv
OQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:05:55 2024 by rpki-client on console-ams.rpki-client.org