Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/GTcKsjra2fZftzpJo8DppCQTzHE.roa
File: GTcKsjra2fZftzpJo8DppCQTzHE.roa (raw, json)
Hash identifier: xYFM2ySik8Fn2C4A9DBu1P2TBgzMFRsO3pVgQTU2YYI=
Subject key identifier: 19:37:0A:B2:3A:DA:D9:F6:5F:B7:3A:49:A3:C0:E9:A4:24:13:CC:71
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 018CC6B931010E71F157442F891DB5A7B842
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/GTcKsjra2fZftzpJo8DppCQTzHE.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33869
IP address blocks: 217.113.128.0/20 maxlen: 20
194.116.138.0/23 maxlen: 23
194.114.148.0/22 maxlen: 22
194.150.206.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:31:01:0e:71:f1:57:44:2f:89:1d:b5:a7:b8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19370ab23adad9f65fb73a49a3c0e9a42413cc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:7d:06:53:41:46:3d:e7:5d:93:05:91:80:
fc:64:f8:d3:2a:e7:d5:81:b7:21:83:d1:cc:4e:f2:
26:91:bf:64:75:c3:b7:e0:96:b6:14:ae:dd:05:68:
33:0d:f1:36:89:b4:e2:b1:41:39:a8:47:d5:86:f0:
72:98:35:c7:fe:aa:b2:01:b4:c0:3d:8c:0e:0f:1a:
6f:76:f7:11:7e:a8:2e:4a:6d:c9:92:85:8c:5c:99:
ef:a9:59:05:02:97:96:65:ca:c6:24:16:9f:8e:ec:
68:19:a9:9f:b3:6a:08:f8:79:05:99:8b:00:3d:45:
ac:c1:90:48:a2:f3:f1:5e:ce:e5:f1:52:08:1b:c0:
b7:1a:bc:58:19:91:1e:bf:44:dd:a3:dc:3a:61:3c:
0b:6c:ef:a2:a2:1a:9d:7d:22:f8:1d:d2:cf:68:d1:
5f:88:ef:ac:c9:48:bb:2e:f0:4d:5f:7b:f8:2a:fd:
1c:41:11:cf:90:ce:2c:e4:6e:41:28:6a:05:35:0a:
2c:20:68:f2:84:cb:ee:59:26:36:8b:47:19:1e:f8:
95:4e:6d:23:2e:2e:6c:18:3c:70:63:e0:87:e2:c9:
a9:6f:8f:69:cf:ab:98:a7:d2:f4:f2:fd:54:eb:e6:
29:2e:08:03:f7:6a:8f:71:47:f8:a9:72:cd:74:ba:
67:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:37:0A:B2:3A:DA:D9:F6:5F:B7:3A:49:A3:C0:E9:A4:24:13:CC:71
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/GTcKsjra2fZftzpJo8DppCQTzHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.114.148.0/22
194.116.138.0/23
194.150.206.0/23
217.113.128.0/20
Signature Algorithm: sha256WithRSAEncryption
d0:27:27:4a:bc:12:2b:a5:81:19:fd:77:47:78:c8:99:27:68:
e9:b3:0a:dc:42:8a:eb:5a:80:94:82:33:51:ad:75:71:17:e2:
8c:27:c8:9b:ce:fc:5a:e2:a5:1c:a5:d8:a2:fc:01:26:9b:89:
7c:6b:d1:0e:6b:7d:bb:05:3a:8e:e5:83:38:b0:33:85:4b:a5:
bc:cb:ce:b9:6c:e5:4c:0a:bf:a2:0e:89:72:f1:6a:85:d4:4a:
55:05:bb:9d:7a:12:7a:b4:9a:25:99:4a:9a:71:29:05:4d:5e:
72:bd:a7:f4:8e:46:b1:b9:7a:54:9d:fa:18:61:5f:70:09:e7:
74:18:b5:70:e9:aa:b5:42:e3:ca:e2:19:3d:48:ad:74:1c:50:
b5:bb:4b:f3:6c:37:07:06:f7:50:02:09:c0:54:9e:55:0a:45:
86:da:ae:a8:20:a5:a9:ab:e4:c9:5d:43:90:a7:14:e7:00:a3:
00:2d:b2:7e:8e:01:93:9e:35:76:45:39:01:a6:e2:fc:31:bf:
53:4f:f4:5f:63:19:1e:84:11:2a:76:66:48:8e:4d:09:86:79:
20:2d:14:9c:c1:ff:c0:82:75:38:39:50:89:e1:c8:af:b5:b9:
59:26:95:f3:52:c8:08:c6:cd:17:35:13:da:26:99:03:d9:03:
dd:28:e1:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuTEBDnHxV0QviR21p7hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM3MGFiMjNhZGFkOWY2NWZiNzNhNDlhM2MwZTlhNDI0MTNjYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhV9BlNBRj3nXZMFkYD8ZPjTKufV
gbchg9HMTvImkb9kdcO34Ja2FK7dBWgzDfE2ibTisUE5qEfVhvBymDXH/qqyAbTA
PYwODxpvdvcRfqguSm3JkoWMXJnvqVkFApeWZcrGJBafjuxoGamfs2oI+HkFmYsA
PUWswZBIovPxXs7l8VIIG8C3GrxYGZEev0Tdo9w6YTwLbO+iohqdfSL4HdLPaNFf
iO+syUi7LvBNX3v4Kv0cQRHPkM4s5G5BKGoFNQosIGjyhMvuWSY2i0cZHviVTm0j
Li5sGDxwY+CH4smpb49pz6uYp9L08v1U6+YpLggD92qPcUf4qXLNdLpnEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBk3CrI62tn2X7c6SaPA6aQkE8xxMB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvR1RjS3NqcmEyZlpmdHpwSm84RHBwQ1FUekhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwnKUAwQB
wnSKAwQBwpbOAwQE2XGAMA0GCSqGSIb3DQEBCwUAA4IBAQDQJydKvBIrpYEZ/XdH
eMiZJ2jpswrcQorrWoCUgjNRrXVxF+KMJ8ibzvxa4qUcpdii/AEmm4l8a9EOa327
BTqO5YM4sDOFS6W8y865bOVMCr+iDoly8WqF1EpVBbudehJ6tJolmUqacSkFTV5y
vaf0jkaxuXpUnfoYYV9wCed0GLVw6aq1QuPK4hk9SK10HFC1u0vzbDcHBvdQAgnA
VJ5VCkWG2q6oIKWpq+TJXUOQpxTnAKMALbJ+jgGTnjV2RTkBpuL8Mb9TT/RfYxke
hBEqdmZIjk0JhnkgLRScwf/AgnU4OVCJ4civtblZJpXzUsgIxs0XNRPaJpkD2QPd
KOF/
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:48 2024 by rpki-client on console-ams.rpki-client.org