Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/GF6qwIhn7BKx8zVT1r1ZzDDltcs.roa
File: GF6qwIhn7BKx8zVT1r1ZzDDltcs.roa (raw, json)
Hash identifier: oGf8wMfqUF8JdbLvtQMA0kJ00Y8rIVvgSBkLwNEB5B4=
Subject key identifier: 18:5E:AA:C0:88:67:EC:12:B1:F3:35:53:D6:BD:59:CC:30:E5:B5:CB
Certificate issuer: /CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Certificate serial: 01941FFA55779A4C97A68811C7A6AC82D22A
Authority key identifier: 8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/GF6qwIhn7BKx8zVT1r1ZzDDltcs.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202038
IP address blocks: 94.199.232.0/21 maxlen: 24
109.234.224.0/21 maxlen: 24
185.78.216.0/22 maxlen: 24
185.108.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:55:77:9a:4c:97:a6:88:11:c7:a6:ac:82:d2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=185eaac08867ec12b1f33553d6bd59cc30e5b5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:31:0c:35:e4:29:25:8c:c6:a5:dc:9c:b3:b9:
ff:a7:45:fc:18:f8:e5:37:f0:13:22:f1:32:26:d7:
f4:39:9c:38:bd:43:6f:5d:85:d9:c1:ee:e6:97:c0:
cd:36:c3:07:55:58:19:f8:d8:52:3d:e3:54:94:e8:
f3:08:d5:fc:d9:7b:09:80:04:66:97:f1:e7:16:f4:
86:2c:4c:25:87:39:7e:48:26:cb:4f:84:3f:c8:61:
cd:7b:54:97:66:60:c2:72:85:90:bd:db:a4:87:fe:
d2:2f:dc:70:c7:a0:8a:02:ce:05:a7:b1:d6:65:01:
ac:90:ab:6e:d6:e5:c4:0e:db:dd:aa:ec:83:e6:7b:
2a:60:20:b4:d0:f7:b0:86:97:a9:45:ef:70:c4:1a:
27:a8:8e:3b:0e:c8:40:56:18:85:1c:cc:3e:76:eb:
be:24:bc:69:f4:95:00:32:ef:8f:72:e5:69:ee:10:
52:89:09:fa:ef:f0:4d:e7:38:78:ad:15:4e:82:12:
dd:bb:cc:78:ec:cf:22:6a:25:db:0c:c9:9c:a6:59:
e9:ea:b8:e7:ef:a4:e7:4b:26:b8:c5:e2:95:f3:bf:
9a:9c:ef:92:9a:09:ce:db:7e:37:68:78:f5:f3:9c:
45:bf:55:55:f8:e8:d1:9a:b6:bc:a6:6f:f0:23:f8:
bb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5E:AA:C0:88:67:EC:12:B1:F3:35:53:D6:BD:59:CC:30:E5:B5:CB
X509v3 Authority Key Identifier:
keyid:8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/GF6qwIhn7BKx8zVT1r1ZzDDltcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.232.0/21
109.234.224.0/21
185.78.216.0/22
185.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
24:6d:90:5b:48:0b:ea:8f:a3:e8:4e:32:27:e7:c4:bb:f6:a0:
62:3a:30:60:a3:28:e5:d6:e8:50:fd:ea:ea:2d:11:bd:42:9c:
d4:b5:e3:12:83:c3:e8:e2:60:78:06:f9:10:04:77:a2:6b:85:
81:dc:96:ef:a2:05:5d:1e:99:6f:29:5a:fb:45:d7:00:ce:ec:
62:cd:d6:f5:4a:18:44:15:df:f4:0c:be:67:32:6e:7c:cc:42:
e1:40:21:71:5e:79:bd:a0:0d:ca:82:d4:d6:94:5c:2d:f8:09:
80:1a:03:21:0c:63:8a:a7:cd:fc:70:84:e8:27:a4:a9:19:bb:
fa:65:83:2d:dd:53:8a:09:2b:e7:ec:0a:00:46:2e:9d:cc:f3:
3a:5c:21:30:1f:91:12:b0:2c:86:47:d4:24:dc:90:84:c9:05:
a7:76:13:60:4b:89:67:77:33:87:f6:32:aa:db:0a:3b:88:19:
98:da:bb:27:db:60:5c:f4:85:99:8f:52:2d:69:9d:df:52:54:
f8:d0:1f:46:91:65:01:38:9f:ca:55:58:35:1e:28:84:f9:23:
3d:bd:61:81:cb:5e:8a:c0:b2:58:e3:6e:2e:1f:db:37:8d:93:
df:18:07:ad:6c:99:f6:77:01:24:75:86:ec:b7:56:57:6b:79:
30:73:f7:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+lV3mkyXpogRx6asgtIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzQ1ODczMzVjMjkwZmY4ZjJiMzc0ZGYyNGFiZTIzMzNi
Y2VkNWUwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVlYWFjMDg4NjdlYzEyYjFmMzM1NTNkNmJkNTljYzMwZTViNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzEMNeQpJYzGpdycs7n/p0X8GPjl
N/ATIvEyJtf0OZw4vUNvXYXZwe7ml8DNNsMHVVgZ+NhSPeNUlOjzCNX82XsJgARm
l/HnFvSGLEwlhzl+SCbLT4Q/yGHNe1SXZmDCcoWQvdukh/7SL9xwx6CKAs4Fp7HW
ZQGskKtu1uXEDtvdquyD5nsqYCC00PewhpepRe9wxBonqI47DshAVhiFHMw+duu+
JLxp9JUAMu+PcuVp7hBSiQn67/BN5zh4rRVOghLdu8x47M8iaiXbDMmcplnp6rjn
76TnSya4xeKV87+anO+SmgnO2343aHj185xFv1VV+OjRmra8pm/wI/i7sQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBheqsCIZ+wSsfM1U9a9Wcww5bXLMB8GA1UdIwQY
MBaAFI3EWHM1wpD/jys3TfJKviMzvO1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYt
ZDYwNmQ5OTI1YWI3LzEvR0Y2cXdJaG43Qkt4OHpWVDFyMVp6RERsdGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYtZDYwNmQ5OTI1YWI3
LzEvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXsfoAwQD
bergAwQCuU7YAwQCuWxcMA0GCSqGSIb3DQEBCwUAA4IBAQAkbZBbSAvqj6PoTjIn
58S79qBiOjBgoyjl1uhQ/erqLRG9QpzUteMSg8Po4mB4BvkQBHeia4WB3JbvogVd
HplvKVr7RdcAzuxizdb1ShhEFd/0DL5nMm58zELhQCFxXnm9oA3KgtTWlFwt+AmA
GgMhDGOKp838cIToJ6SpGbv6ZYMt3VOKCSvn7AoARi6dzPM6XCEwH5ESsCyGR9Qk
3JCEyQWndhNgS4lndzOH9jKq2wo7iBmY2rsn22Bc9IWZj1ItaZ3fUlT40B9GkWUB
OJ/KVVg1HiiE+SM9vWGBy16KwLJY424uH9s3jZPfGAetbJn2dwEkdYbst1ZXa3kw
c/c+
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:20 2025 by rpki-client