Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/GqOUJDMk-IFQdrsD-fU9eu4Qyek.roa
File: GqOUJDMk-IFQdrsD-fU9eu4Qyek.roa (raw, json)
Hash identifier: pmdKsVvhyhUrb6RefnEOlCVulb4+abNUam2FCZO1InY=
Subject key identifier: 1A:A3:94:24:33:24:F8:81:50:76:BB:03:F9:F5:3D:7A:EE:10:C9:E9
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 0194266C350F025C56410BD4CC757A163659
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/GqOUJDMk-IFQdrsD-fU9eu4Qyek.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43350
IP address blocks: 185.167.204.0/24 maxlen: 24
185.167.205.0/24 maxlen: 24
185.167.206.0/24 maxlen: 24
2a0b:b600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:35:0f:02:5c:56:41:0b:d4:cc:75:7a:16:36:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1aa394243324f8815076bb03f9f53d7aee10c9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:55:20:79:48:26:de:d0:3c:e6:05:46:3c:2d:
59:d8:eb:55:21:d4:bf:4a:80:c9:df:6c:e7:1e:cf:
73:4a:65:5c:99:54:c5:d9:dc:62:0a:7a:3d:4a:4b:
d1:2d:37:fa:2d:87:59:51:3f:4b:7f:1e:ad:cb:34:
ae:ca:f4:1b:cd:bc:4a:0e:9c:e8:49:b7:67:aa:aa:
d0:85:e1:bf:d1:d3:61:5a:2a:2f:65:6f:0b:4b:25:
90:d0:28:df:ad:a5:73:50:75:c2:d4:1b:c8:bd:34:
24:2c:07:eb:b3:29:ce:c1:a4:f7:fa:d8:89:b3:6a:
77:3b:b6:d5:a8:be:cf:48:fd:a5:10:84:9d:4b:0f:
71:fa:5e:2a:3b:9f:21:d4:17:4e:75:bf:17:76:96:
45:ba:8e:8a:ea:60:ce:24:0d:f0:fb:5e:4e:65:e3:
c8:99:65:09:fd:bf:ae:bd:16:8d:ca:aa:2b:e9:a4:
d7:b8:9c:cf:74:34:17:fe:9a:b2:a1:f2:05:30:ba:
df:af:92:6a:17:4b:ad:22:f0:02:d2:53:f8:d5:89:
f4:b4:55:ee:88:e4:11:ca:a5:d5:5f:c1:dc:a8:45:
71:d5:82:98:a0:4a:89:5e:3c:9a:7b:b0:d7:23:40:
03:3b:dd:54:60:7c:79:da:1b:71:32:d8:80:92:cc:
f8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A3:94:24:33:24:F8:81:50:76:BB:03:F9:F5:3D:7A:EE:10:C9:E9
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/GqOUJDMk-IFQdrsD-fU9eu4Qyek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.204.0-185.167.206.255
IPv6:
2a0b:b600::/48
Signature Algorithm: sha256WithRSAEncryption
56:9d:1b:48:b9:5f:79:2d:83:af:c7:e9:b6:f8:f1:d3:3d:d6:
ba:7f:a3:5d:1f:77:da:18:a1:ef:6e:1d:be:87:3f:95:c2:86:
7d:e6:f6:3a:06:cc:8f:36:1d:f4:9c:c2:5d:98:8c:2d:55:33:
8e:0b:97:a2:c3:ee:9f:fc:f2:03:6d:d2:54:d2:8d:2b:2b:0c:
6d:45:3f:15:4c:03:7f:a7:39:0e:74:ab:a0:72:09:3e:72:e2:
68:9e:44:5c:db:b4:ef:ad:b0:39:66:e5:dd:ce:f1:da:a0:56:
76:7f:8c:b3:b9:15:fe:01:ea:ad:8d:b2:23:a4:bf:7a:d7:f7:
52:61:f2:0f:6c:a3:28:44:07:9e:d2:ed:da:bd:e4:f7:6b:4a:
87:e2:5e:85:1f:fe:32:aa:26:e0:69:91:3b:bf:ea:40:3b:6d:
8e:2c:06:26:81:2b:1c:31:e1:ba:a9:76:e5:44:93:d9:2d:d2:
7f:28:08:ca:8e:cc:ea:22:3a:6d:05:4a:be:1f:e6:85:2b:d6:
3a:a6:b3:65:c4:93:f5:40:52:f4:a5:40:7c:31:a4:51:de:b0:
6b:1b:10:4d:31:d2:58:8d:37:76:70:a5:ec:2f:e0:65:ef:7c:
dd:6b:8b:51:9b:10:93:da:cf:15:97:23:b1:94:7e:9f:e9:0f:
df:f4:fb:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQmbDUPAlxWQQvUzHV6FjZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEzOTQyNDMzMjRmODgxNTA3NmJiMDNmOWY1M2Q3YWVlMTBjOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFUgeUgm3tA85gVGPC1Z2OtVIdS/
SoDJ32znHs9zSmVcmVTF2dxiCno9SkvRLTf6LYdZUT9Lfx6tyzSuyvQbzbxKDpzo
SbdnqqrQheG/0dNhWiovZW8LSyWQ0CjfraVzUHXC1BvIvTQkLAfrsynOwaT3+tiJ
s2p3O7bVqL7PSP2lEISdSw9x+l4qO58h1BdOdb8XdpZFuo6K6mDOJA3w+15OZePI
mWUJ/b+uvRaNyqor6aTXuJzPdDQX/pqyofIFMLrfr5JqF0utIvAC0lP41Yn0tFXu
iOQRyqXVX8HcqEVx1YKYoEqJXjyae7DXI0ADO91UYHx52htxMtiAksz4jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqjlCQzJPiBUHa7A/n1PXruEMnpMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvR3FPVUpETWstSUZRZHJzRC1mVTlldTRReWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAK5p8wD
BAC5p84wDwQCAAIwCQMHACoLtgAAADANBgkqhkiG9w0BAQsFAAOCAQEAVp0bSLlf
eS2Dr8fptvjx0z3Wun+jXR932hih724dvoc/lcKGfeb2OgbMjzYd9JzCXZiMLVUz
jguXosPun/zyA23SVNKNKysMbUU/FUwDf6c5DnSroHIJPnLiaJ5EXNu0762wOWbl
3c7x2qBWdn+Ms7kV/gHqrY2yI6S/etf3UmHyD2yjKEQHntLt2r3k92tKh+JehR/+
Mqom4GmRO7/qQDttjiwGJoErHDHhuql25UST2S3SfygIyo7M6iI6bQVKvh/mhSvW
OqazZcST9UBS9KVAfDGkUd6waxsQTTHSWI03dnCl7C/gZe983WuLUZsQk9rPFZcj
sZR+n+kP3/T7Jw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:25:04 2025 by rpki-client