Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/GUBBBIZzQRA8Rpx6D-DAmvZqRxI.roa
File: GUBBBIZzQRA8Rpx6D-DAmvZqRxI.roa (raw, json)
Hash identifier: 8w9Tzb8nkNmN5RxEfA3KAEABZ/o+zJ/ZAM04AV1B08g=
Subject key identifier: 19:40:41:04:86:73:41:10:3C:46:9C:7A:0F:E0:C0:9A:F6:6A:47:12
Certificate issuer: /CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Certificate serial: 018CC94ADCB611C408EED8E1995A73E858E3
Authority key identifier: 40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/GUBBBIZzQRA8Rpx6D-DAmvZqRxI.roa
Signing time: Tue 02 Jan 2024 08:29:35 +0000
ROA not before: Tue 02 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58264
IP address blocks: 94.143.64.0/21 maxlen: 21
185.246.228.0/22 maxlen: 22
2a06:b140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:dc:b6:11:c4:08:ee:d8:e1:99:5a:73:e8:58:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Validity
Not Before: Jan 2 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19404104867341103c469c7a0fe0c09af66a4712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:bb:46:e8:2a:ee:76:4d:2e:c9:52:17:7c:
22:0a:39:92:90:41:20:ec:1f:f6:9d:62:52:0c:ee:
05:6f:88:c8:89:a9:96:99:10:cc:9e:69:df:53:07:
f3:3f:0d:7c:d1:59:70:32:03:1b:6d:e1:61:82:da:
fe:d7:1b:99:56:7c:73:97:f2:46:06:6f:59:1c:45:
e8:b8:7b:7b:d0:d8:ab:08:af:da:96:6a:fc:5f:b2:
0c:ff:ca:c5:55:25:12:5d:ec:db:29:b5:71:b9:17:
e1:1c:1d:14:90:a9:9c:14:b3:f9:7d:60:30:e5:29:
43:6f:5d:a7:4e:0b:8f:b2:b2:6f:30:3c:6d:a9:a5:
e6:b4:9d:f5:3a:86:07:ef:53:51:a6:60:20:4b:83:
74:0c:65:c9:19:c9:9f:2e:9d:67:f0:ba:8e:87:f0:
c8:2e:81:c3:ae:28:26:10:dd:67:74:96:f9:b3:8d:
51:aa:f5:ba:25:26:80:04:ec:d1:a8:11:27:c7:98:
5c:b0:4b:db:32:b7:95:fa:19:ba:64:95:15:36:54:
3f:a3:3b:d9:46:45:ef:bd:c9:07:17:72:25:31:f3:
02:08:36:e7:bf:3f:75:6a:8b:e2:d3:04:2d:bd:08:
0a:f3:30:18:a7:b5:30:be:bc:15:30:f7:3a:05:f5:
32:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:40:41:04:86:73:41:10:3C:46:9C:7A:0F:E0:C0:9A:F6:6A:47:12
X509v3 Authority Key Identifier:
keyid:40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/GUBBBIZzQRA8Rpx6D-DAmvZqRxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.64.0/21
185.246.228.0/22
IPv6:
2a06:b140::/29
Signature Algorithm: sha256WithRSAEncryption
7f:5d:3f:8d:be:7d:69:13:c6:00:26:44:5a:64:04:a1:98:1a:
a3:96:b4:17:71:ff:9c:f5:1a:c3:15:8a:0a:10:6a:02:97:8c:
69:4e:cc:5a:a9:04:a1:38:b5:f0:d0:81:cc:27:32:68:b6:ce:
cf:7f:ba:c3:92:d8:e1:9c:28:32:fc:0f:41:92:a1:75:1b:df:
38:f5:3a:da:75:e9:cd:6c:dd:21:d4:dc:d8:49:21:c7:85:75:
f4:24:6e:85:e0:1e:a4:dc:f0:29:05:3a:72:c5:49:5e:19:d2:
c2:b4:7a:17:10:c0:27:87:5b:2c:92:27:da:94:1e:a2:09:00:
c2:b7:4d:a7:06:02:0e:16:89:46:f5:1d:96:b0:4d:fc:54:23:
ff:8d:b3:69:0d:27:68:03:04:f5:69:2e:d5:fc:70:32:79:fb:
dc:81:60:ad:0e:72:1a:45:cd:82:fe:22:35:e5:39:cb:92:16:
24:23:00:97:7a:b6:1e:59:41:bd:a3:ae:60:90:4e:4b:d0:08:
74:86:5c:9d:f9:63:a8:e9:17:29:35:03:99:07:b8:3e:29:01:
08:a0:44:cd:09:aa:70:99:fa:89:34:53:c3:ff:e1:20:49:d1:
77:11:95:22:2e:d8:f9:5d:42:ff:39:55:a6:79:f2:48:a4:c9:
76:86:31:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJSty2EcQI7tjhmVpz6FjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU2MTBiZGNkMjNiYWQyYjExOTJiZDQ1Y2E4YTk3NmQz
ODU1ZGEwHhcNMjQwMTAyMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQwNDEwNDg2NzM0MTEwM2M0NjljN2EwZmUwYzA5YWY2NmE0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSy7Rugq7nZNLslSF3wiCjmSkEEg
7B/2nWJSDO4Fb4jIiamWmRDMnmnfUwfzPw180VlwMgMbbeFhgtr+1xuZVnxzl/JG
Bm9ZHEXouHt70NirCK/almr8X7IM/8rFVSUSXezbKbVxuRfhHB0UkKmcFLP5fWAw
5SlDb12nTguPsrJvMDxtqaXmtJ31OoYH71NRpmAgS4N0DGXJGcmfLp1n8LqOh/DI
LoHDrigmEN1ndJb5s41RqvW6JSaABOzRqBEnx5hcsEvbMreV+hm6ZJUVNlQ/ozvZ
RkXvvckHF3IlMfMCCDbnvz91aovi0wQtvQgK8zAYp7UwvrwVMPc6BfUy/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBlAQQSGc0EQPEaceg/gwJr2akcSMB8GA1UdIwQY
MBaAFEDuYQvc0jutKxGSvUXKipdtOFXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYt
YTZjMTdjZTgyZDc3LzEvR1VCQkJJWnpRUkE4UnB4NkQtREFtdlpxUnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYtYTZjMTdjZTgyZDc3
LzEvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo9AAwQC
ufbkMA0EAgACMAcDBQMqBrFAMA0GCSqGSIb3DQEBCwUAA4IBAQB/XT+Nvn1pE8YA
JkRaZAShmBqjlrQXcf+c9RrDFYoKEGoCl4xpTsxaqQShOLXw0IHMJzJots7Pf7rD
ktjhnCgy/A9BkqF1G9849TradenNbN0h1NzYSSHHhXX0JG6F4B6k3PApBTpyxUle
GdLCtHoXEMAnh1sskifalB6iCQDCt02nBgIOFolG9R2WsE38VCP/jbNpDSdoAwT1
aS7V/HAyefvcgWCtDnIaRc2C/iI15TnLkhYkIwCXerYeWUG9o65gkE5L0Ah0hlyd
+WOo6RcpNQOZB7g+KQEIoETNCapwmfqJNFPD/+EgSdF3EZUiLtj5XUL/OVWmefJI
pMl2hjEl
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:36 2024 by rpki-client on console-ams.rpki-client.org