Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/GX0hRHwpO_GFAf_Dl8eMW3z_248.roa
File: GX0hRHwpO_GFAf_Dl8eMW3z_248.roa (raw, json)
Hash identifier: HctIB8ovJUFcdq28I1mZn+xQVZZMOfz92Vt9MrUaS78=
Subject key identifier: 19:7D:21:44:7C:29:3B:F1:85:01:FF:C3:97:C7:8C:5B:7C:FF:DB:8F
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 0194F4BF90E20535DAA0A1052E17FDE9406D
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/GX0hRHwpO_GFAf_Dl8eMW3z_248.roa
Signing time: Tue 11 Feb 2025 11:23:02 +0000
ROA not before: Tue 11 Feb 2025 11:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31480
IP address blocks: 91.196.32.0/22 maxlen: 22
185.59.136.0/24 maxlen: 24
193.151.108.0/22 maxlen: 22
193.151.108.0/24 maxlen: 24
193.151.110.0/24 maxlen: 24
2a0c:1d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:bf:90:e2:05:35:da:a0:a1:05:2e:17:fd:e9:40:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Feb 11 11:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=197d21447c293bf18501ffc397c78c5b7cffdb8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d4:91:e2:ab:e1:9c:d3:60:38:fe:a7:30:3a:
58:28:8b:0d:f0:2e:43:36:f1:04:bc:bb:d4:5b:c1:
7d:5c:29:51:87:ce:79:34:e1:05:52:ff:3e:d6:13:
28:ba:e0:aa:03:c2:2d:96:d0:36:b3:be:b2:45:9e:
44:ca:0c:0b:39:3e:50:46:51:b7:b5:1f:ea:2b:95:
ab:9d:40:94:ee:4a:e4:79:00:7b:d4:8e:4e:73:73:
8d:bf:71:3e:af:ca:84:35:af:ae:bc:ee:c6:3e:5a:
fc:ed:d2:af:30:02:18:6f:c8:39:2d:53:58:25:c3:
22:de:e1:aa:64:7f:0a:2f:24:50:b3:c5:42:12:d8:
b8:06:c2:7e:79:4d:f7:2e:ca:b3:5e:73:32:e7:f3:
e3:7d:ca:1d:83:03:cb:53:18:7b:ae:cd:a8:f7:1f:
f3:8d:bd:ca:69:34:2e:bb:8d:db:fb:8a:7f:30:1a:
9e:ef:20:85:6b:2f:42:33:15:bd:7c:a1:f4:cd:5d:
84:a1:11:1a:ce:c6:be:66:a4:25:5f:8c:20:41:19:
d1:c4:47:bc:f9:96:bc:53:ff:25:10:6b:35:c2:f7:
53:c1:e5:ae:74:f1:71:36:1a:34:d9:9a:1f:18:55:
12:0e:29:9e:e7:2f:47:9c:00:64:b7:22:51:a9:59:
5b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7D:21:44:7C:29:3B:F1:85:01:FF:C3:97:C7:8C:5B:7C:FF:DB:8F
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/GX0hRHwpO_GFAf_Dl8eMW3z_248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
185.59.136.0/24
193.151.108.0/22
IPv6:
2a0c:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
7e:e5:b9:dc:aa:84:d7:f0:18:72:c4:76:65:2d:c7:ce:7f:16:
74:05:4d:60:68:4d:3f:5c:01:db:63:8a:27:d1:98:be:62:29:
2c:40:7e:60:21:bc:d5:f0:25:97:b1:09:ac:63:89:be:b1:70:
d3:e7:ee:ce:a9:a6:ae:04:0c:8d:ef:65:a7:06:5f:da:57:8a:
94:76:b8:fb:2e:95:dd:37:29:04:e0:67:e8:ba:6b:4c:d7:3d:
e7:3e:a5:b1:e7:74:34:23:29:bb:9e:c8:6c:66:fd:99:47:22:
31:63:22:70:ea:76:28:68:0d:fe:19:5c:c1:6c:c3:59:ee:14:
ab:60:24:b7:42:30:81:d3:66:a8:23:73:ad:79:f3:75:46:86:
c8:d5:a0:40:58:bd:e6:f9:ac:17:b3:2b:ac:d5:0d:29:f8:68:
ad:eb:e0:38:54:9d:4a:da:96:74:7f:42:81:8f:90:ac:0a:c6:
74:86:4f:76:5c:10:38:5c:34:25:bb:8a:82:da:1c:e1:1f:b4:
24:60:e9:ca:aa:99:9b:4e:64:75:74:3a:7c:a6:86:44:d2:64:
a6:c2:97:3e:15:24:30:a3:16:e8:fa:6e:76:4b:ba:43:26:08:
f2:eb:0d:31:9c:25:ff:ea:d7:72:ba:f0:96:d8:cd:11:92:a7:
ab:b7:16:9d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZT0v5DiBTXaoKEFLhf96UBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjUwMjExMTEyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdkMjE0NDdjMjkzYmYxODUwMWZmYzM5N2M3OGM1YjdjZmZkYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodSR4qvhnNNgOP6nMDpYKIsN8C5D
NvEEvLvUW8F9XClRh855NOEFUv8+1hMouuCqA8ItltA2s76yRZ5EygwLOT5QRlG3
tR/qK5WrnUCU7krkeQB71I5Oc3ONv3E+r8qENa+uvO7GPlr87dKvMAIYb8g5LVNY
JcMi3uGqZH8KLyRQs8VCEti4BsJ+eU33LsqzXnMy5/PjfcodgwPLUxh7rs2o9x/z
jb3KaTQuu43b+4p/MBqe7yCFay9CMxW9fKH0zV2EoREazsa+ZqQlX4wgQRnRxEe8
+Za8U/8lEGs1wvdTweWudPFxNho02ZofGFUSDime5y9HnABktyJRqVlbxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBl9IUR8KTvxhQH/w5fHjFt8/9uPMB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvR1gwaFJId3BPX0dGQWZfRGw4ZU1XM3pfMjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQB+5bnc
qoTX8BhyxHZlLcfOfxZ0BU1gaE0/XAHbY4on0Zi+YiksQH5gIbzV8CWXsQmsY4m+
sXDT5+7OqaauBAyN72WnBl/aV4qUdrj7LpXdNykE4GfoumtM1z3nPqWx53Q0Iym7
nshsZv2ZRyIxYyJw6nYoaA3+GVzBbMNZ7hSrYCS3QjCB02aoI3OtefN1RobI1aBA
WL3m+awXsyus1Q0p+Git6+A4VJ1K2pZ0f0KBj5CsCsZ0hk92XBA4XDQlu4qC2hzh
H7QkYOnKqpmbTmR1dDp8poZE0mSmwpc+FSQwoxbo+m52S7pDJgjy6w0xnCX/6tdy
uvCW2M0Rkqertxad
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:39:04 2025 by rpki-client