Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/GJoKWxqXVe9byJ7vEN4O3FsAPbw.roa
File: GJoKWxqXVe9byJ7vEN4O3FsAPbw.roa (raw, json)
Hash identifier: 3INb6wymsZxncaYsZTd/NPz0kxdapcCp+SJMbjM8l0Y=
Subject key identifier: 18:9A:0A:5B:1A:97:55:EF:5B:C8:9E:EF:10:DE:0E:DC:5B:00:3D:BC
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019513CB43040A710929F271F424C0D68B61
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/GJoKWxqXVe9byJ7vEN4O3FsAPbw.roa
Signing time: Mon 17 Feb 2025 12:04:02 +0000
ROA not before: Mon 17 Feb 2025 12:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
195.250.30.0/24 maxlen: 24
195.250.31.0/24 maxlen: 24
198.38.81.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
198.38.84.0/24 maxlen: 24
198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:cb:43:04:0a:71:09:29:f2:71:f4:24:c0:d6:8b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Feb 17 12:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=189a0a5b1a9755ef5bc89eef10de0edc5b003dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:f9:b3:9c:f8:11:bf:cc:d5:e9:9d:a2:dc:
53:3d:c3:98:69:a9:aa:7f:4a:20:2f:c5:70:c7:e6:
0b:30:cb:9e:e1:3d:84:e4:11:8d:44:3e:f1:92:6a:
0a:96:d5:12:71:c2:db:89:3b:9b:bb:55:42:db:4c:
9f:d8:2a:50:34:23:5c:da:fc:0e:67:9f:8e:3b:cd:
c4:6b:72:b9:32:65:07:1b:f3:2a:08:a8:3e:66:0d:
0b:dc:b4:6c:e0:b6:8d:7b:ab:b0:02:b4:da:f5:34:
27:48:30:38:ec:ca:9a:64:58:86:65:45:e3:d5:b6:
f8:1a:dc:ea:d5:74:dd:c1:c4:fa:cf:d4:a0:c8:90:
e6:d4:73:a3:6a:2b:b3:a8:f5:e4:92:19:ba:6c:8b:
bf:4f:00:5e:91:fd:32:f8:71:13:19:aa:99:73:70:
90:71:f8:b1:27:f1:c3:98:5a:03:6a:b5:a8:8a:13:
f6:10:0b:a5:3f:5a:3a:f6:5a:a9:10:92:ac:7d:8f:
c1:a1:9b:be:71:9e:5f:ef:92:25:26:df:3a:47:60:
33:54:9a:e2:d5:98:d5:f7:de:2a:0d:1e:37:63:b5:
81:e9:33:74:c7:fe:bc:c0:e8:97:a2:24:7e:35:fd:
4a:9a:fa:96:3b:28:62:ef:19:60:ba:49:79:9d:1a:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9A:0A:5B:1A:97:55:EF:5B:C8:9E:EF:10:DE:0E:DC:5B:00:3D:BC
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/GJoKWxqXVe9byJ7vEN4O3FsAPbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0-195.250.22.255
195.250.30.0/23
198.38.81.0/24
198.38.83.0-198.38.89.255
Signature Algorithm: sha256WithRSAEncryption
4d:2b:f1:88:2c:8b:8d:68:6b:a1:76:2a:a6:a5:ab:ea:86:22:
af:53:ac:2e:61:1f:dc:a1:5c:38:98:d3:f1:00:2c:22:1b:fc:
09:48:0c:99:3e:3b:67:17:7f:b9:fd:d3:11:a5:44:4c:a5:61:
7d:e0:cf:a7:79:67:a9:25:25:f6:1d:6e:aa:8a:06:0e:45:42:
7b:69:ff:3b:ad:44:84:ea:3b:96:45:a0:62:b0:c9:a0:06:9c:
b8:48:bd:d3:f4:90:ca:b1:a3:7c:2c:fe:68:1b:c5:9c:7e:3c:
3f:d9:7d:3f:b4:93:d7:69:d1:f0:4d:35:f3:8f:bf:19:7b:91:
51:bc:ef:94:44:12:ac:56:3d:ef:ab:8e:19:f7:9e:38:7a:83:
5d:2c:aa:b8:05:38:2c:50:89:42:8d:60:9a:b2:30:28:ed:48:
ce:9f:44:90:35:a6:af:5f:77:64:d2:05:60:04:b3:1f:40:96:
70:89:d6:dd:95:19:d1:71:23:eb:d6:d0:e9:d6:67:43:56:83:
76:0e:1d:27:58:e8:b5:d6:b4:53:7e:36:52:3f:e7:b9:96:d7:
86:ed:e9:b9:dc:94:97:9f:a1:a9:3e:ff:09:b1:c7:3b:4c:62:
ee:7d:dc:41:db:63:8f:1c:a2:da:78:21:6b:8d:85:56:bc:90:
97:bc:23:5c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZUTy0MECnEJKfJx9CTA1othMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMjE3MTIwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODlhMGE1YjFhOTc1NWVmNWJjODllZWYxMGRlMGVkYzViMDAzZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNL5s5z4Eb/M1emdotxTPcOYaamq
f0ogL8Vwx+YLMMue4T2E5BGNRD7xkmoKltUSccLbiTubu1VC20yf2CpQNCNc2vwO
Z5+OO83Ea3K5MmUHG/MqCKg+Zg0L3LRs4LaNe6uwArTa9TQnSDA47MqaZFiGZUXj
1bb4Gtzq1XTdwcT6z9SgyJDm1HOjaiuzqPXkkhm6bIu/TwBekf0y+HETGaqZc3CQ
cfixJ/HDmFoDarWoihP2EAulP1o69lqpEJKsfY/BoZu+cZ5f75IlJt86R2AzVJri
1ZjV994qDR43Y7WB6TN0x/68wOiXoiR+Nf1KmvqWOyhi7xlgukl5nRqh1QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBiaClsal1XvW8ie7xDeDtxbAD28MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvR0pvS1d4cVhWZTlieUo3dkVONE8zRnNBUGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQARTmsAwQB
vlyuMAwDBALD+hQDBADD+hYDBAHD+h4DBADGJlEwDAMEAMYmUwMEAcYmWDANBgkq
hkiG9w0BAQsFAAOCAQEATSvxiCyLjWhroXYqpqWr6oYir1OsLmEf3KFcOJjT8QAs
Ihv8CUgMmT47Zxd/uf3TEaVETKVhfeDPp3lnqSUl9h1uqooGDkVCe2n/O61EhOo7
lkWgYrDJoAacuEi90/SQyrGjfCz+aBvFnH48P9l9P7ST12nR8E0184+/GXuRUbzv
lEQSrFY976uOGfeeOHqDXSyquAU4LFCJQo1gmrIwKO1Izp9EkDWmr193ZNIFYASz
H0CWcInW3ZUZ0XEj69bQ6dZnQ1aDdg4dJ1jotda0U342Uj/nuZbXhu3pudyUl5+h
qT7/CbHHO0xi7n3cQdtjjxyi2ngha42FVryQl7wjXA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:15 2025 by rpki-client