Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/GlW6zMLj6EttAmWKHy7iwfBhWZE.roa
File: GlW6zMLj6EttAmWKHy7iwfBhWZE.roa (raw, json)
Hash identifier: ABJiNZOFb+afM+eJQ3jwpevUgACzN0c5eNSdwc405sQ=
Subject key identifier: 1A:55:BA:CC:C2:E3:E8:4B:6D:02:65:8A:1F:2E:E2:C1:F0:61:59:91
Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Certificate serial: 019831F0416940FAEBD2FE20CE81A452CA51
Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/GlW6zMLj6EttAmWKHy7iwfBhWZE.roa
Signing time: Tue 22 Jul 2025 11:41:25 +0000
ROA not before: Tue 22 Jul 2025 11:41:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8315
IP address blocks: 145.131.0.0/20 maxlen: 20
145.131.5.0/24 maxlen: 24
145.131.16.0/20 maxlen: 20
145.131.32.0/20 maxlen: 20
2001:678:76c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:f0:41:69:40:fa:eb:d2:fe:20:ce:81:a4:52:ca:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Validity
Not Before: Jul 22 11:41:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a55baccc2e3e84b6d02658a1f2ee2c1f0615991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:d9:9d:75:cf:20:27:4d:21:b7:73:19:eb:
23:8c:1f:ff:bb:8f:90:e5:26:8a:ef:8f:b1:53:20:
fb:bf:59:ef:bb:44:5b:d8:26:9d:80:9e:ec:eb:c8:
0e:24:a3:56:34:d2:6f:ce:ae:38:77:09:0b:1c:cd:
3d:8f:3a:73:db:c3:f6:cc:d6:50:9c:b9:d6:3d:50:
dd:89:c3:4d:a6:8c:c5:e7:7f:8c:fe:1e:7b:07:74:
29:0e:f9:52:93:5b:14:13:35:0f:52:19:01:99:a3:
e2:48:c9:cf:4e:eb:23:81:89:0e:c3:08:50:aa:79:
4c:1b:e8:fd:e5:d8:f5:ed:70:13:e0:cf:9d:da:10:
5e:25:72:58:40:f7:a3:42:7a:45:98:21:e2:bd:11:
59:bf:8c:22:fe:98:ad:af:19:32:b7:cf:be:d0:a5:
3b:46:c6:1f:eb:ad:2d:b5:6e:92:51:08:08:53:22:
6d:da:44:b5:d2:a7:53:c7:40:dd:f5:63:b8:44:4b:
15:90:da:6f:6c:20:0f:c1:31:96:5d:37:75:6e:cf:
f7:c0:6d:ef:da:47:cc:f1:da:de:85:67:66:c2:25:
d5:38:6d:a6:c6:89:e4:23:c8:9f:11:97:c0:89:bb:
39:ff:c3:44:a1:c2:bf:29:d1:69:c8:77:84:8b:7d:
06:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:55:BA:CC:C2:E3:E8:4B:6D:02:65:8A:1F:2E:E2:C1:F0:61:59:91
X509v3 Authority Key Identifier:
keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/GlW6zMLj6EttAmWKHy7iwfBhWZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.131.0.0-145.131.47.255
IPv6:
2001:678:76c::/48
Signature Algorithm: sha256WithRSAEncryption
63:99:b8:c6:69:86:a3:c7:73:61:70:c6:2c:8d:50:a8:a4:8a:
e8:71:15:e0:a4:1d:47:d4:16:09:aa:14:4c:15:d8:fb:d9:d0:
e3:8b:42:6a:94:50:cf:f0:96:21:5b:b0:46:44:78:ed:cf:6b:
af:3a:20:66:c7:94:de:f8:25:72:d4:2a:a6:4f:9f:9b:4f:51:
35:b6:f2:78:24:33:f1:ce:8f:7b:ed:be:5a:09:6d:b3:af:65:
1a:dd:98:10:6b:99:7a:98:89:15:d6:e6:07:11:39:7e:0c:1f:
45:42:5d:03:79:21:3d:2e:b1:6b:1b:9b:bb:01:d6:aa:74:a0:
56:ad:73:93:92:4c:d2:c2:b3:68:8f:df:83:19:ea:18:19:d2:
e0:06:4f:d2:2e:cd:e8:83:4a:74:a7:16:ec:09:ed:0e:9b:fe:
5f:2f:55:e2:da:04:91:f0:45:e4:90:f3:d7:f2:78:a7:46:d6:
77:77:b7:fd:68:a9:b5:0d:28:ad:16:12:c9:03:9a:36:5a:fd:
f4:92:f8:fc:e8:29:e8:e7:97:b6:db:70:aa:ae:17:ee:62:2e:
fd:77:81:72:f8:0b:8d:32:b3:3c:e9:3d:06:a9:15:6b:94:ee:
ca:7e:b6:2b:d8:04:91:80:40:5f:d1:cd:fb:ee:7d:3a:45:8d:
be:e6:f1:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgx8EFpQPrr0v4gzoGkUspRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4
NGU4YzYwHhcNMjUwNzIyMTE0MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU1YmFjY2MyZTNlODRiNmQwMjY1OGExZjJlZTJjMWYwNjE1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTjZnXXPICdNIbdzGesjjB//u4+Q
5SaK74+xUyD7v1nvu0Rb2CadgJ7s68gOJKNWNNJvzq44dwkLHM09jzpz28P2zNZQ
nLnWPVDdicNNpozF53+M/h57B3QpDvlSk1sUEzUPUhkBmaPiSMnPTusjgYkOwwhQ
qnlMG+j95dj17XAT4M+d2hBeJXJYQPejQnpFmCHivRFZv4wi/pitrxkyt8++0KU7
RsYf660ttW6SUQgIUyJt2kS10qdTx0Dd9WO4REsVkNpvbCAPwTGWXTd1bs/3wG3v
2kfM8drehWdmwiXVOG2mxonkI8ifEZfAibs5/8NEocK/KdFpyHeEi30G0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBpVuszC4+hLbQJlih8u4sHwYVmRMB8GA1UdIwQY
MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt
YjBkNzJlOTEwZWZlLzEvR2xXNnpNTGo2RXR0QW1XS0h5N2l3ZkJoV1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl
LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjATBAIAATANMAsDAwCRgwME
BJGDIDAPBAIAAjAJAwcAIAEGeAdsMA0GCSqGSIb3DQEBCwUAA4IBAQBjmbjGaYaj
x3NhcMYsjVCopIrocRXgpB1H1BYJqhRMFdj72dDji0JqlFDP8JYhW7BGRHjtz2uv
OiBmx5Te+CVy1CqmT5+bT1E1tvJ4JDPxzo977b5aCW2zr2Ua3ZgQa5l6mIkV1uYH
ETl+DB9FQl0DeSE9LrFrG5u7AdaqdKBWrXOTkkzSwrNoj9+DGeoYGdLgBk/SLs3o
g0p0pxbsCe0Om/5fL1Xi2gSR8EXkkPPX8ninRtZ3d7f9aKm1DSitFhLJA5o2Wv30
kvj86Cno55e223CqrhfuYi79d4Fy+AuNMrM86T0GqRVrlO7KfrYr2ASRgEBf0c37
7n06RY2+5vH8
-----END CERTIFICATE-----
Generated at Fri Jul 25 14:39:07 2025 by rpki-client