Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/GE_VINn07eeSJYTvZIuo88WEV3U.roa
File: GE_VINn07eeSJYTvZIuo88WEV3U.roa (raw, json)
Hash identifier: 7RURCigC0zQY7NED6IrTycMVsCozhn/RUtlNFgdIpNw=
Subject key identifier: 18:4F:D5:20:D9:F4:ED:E7:92:25:84:EF:64:8B:A8:F3:C5:84:57:75
Certificate issuer: /CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Certificate serial: 0194228D7EDAA825E0671988731AC3164F8E
Authority key identifier: 20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/GE_VINn07eeSJYTvZIuo88WEV3U.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201434
IP address blocks: 91.194.138.0/24 maxlen: 24
146.255.190.0/24 maxlen: 24
185.75.36.0/22 maxlen: 22
193.29.207.0/24 maxlen: 24
194.126.238.0/24 maxlen: 24
2a03:4620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7e:da:a8:25:e0:67:19:88:73:1a:c3:16:4f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=184fd520d9f4ede7922584ef648ba8f3c5845775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:bf:f3:8f:ed:56:6a:c5:67:03:28:ca:c4:
d2:a3:e3:8b:57:fa:f3:5a:c2:3c:cd:9c:e7:b3:9a:
98:b0:af:69:cb:65:30:e5:c2:4d:f8:20:2b:5a:dc:
b7:3e:11:59:4e:0b:39:c1:d4:db:49:fc:f6:91:4c:
8b:c6:96:ac:6c:ad:32:e7:84:f0:63:9b:99:c4:a1:
5d:b6:a5:2c:4f:18:8f:f5:71:87:45:ea:02:a5:75:
d7:ad:23:a1:ea:49:ec:3b:e8:a7:26:93:16:54:e1:
ad:d9:1d:41:67:01:f1:8c:b4:06:55:d3:6b:d6:81:
5e:46:7f:f3:3c:cc:1d:c2:32:ac:76:0a:77:18:f1:
ec:c4:5c:ab:be:26:f2:75:f0:2c:73:2f:58:25:b4:
75:c1:2f:3d:b7:3c:23:77:cf:bf:eb:b2:8f:e9:af:
2c:f2:18:a0:29:57:ff:93:78:fd:e3:4f:a6:eb:2f:
c8:4f:08:fa:e9:91:6e:36:63:b8:a9:cd:c6:81:b9:
ef:b2:99:a8:20:ca:e9:c6:25:b7:96:93:62:d8:75:
13:fc:67:03:ec:d9:0e:7f:c9:98:9a:98:da:26:6b:
76:73:fa:f4:d6:d1:b3:5a:05:ac:ea:4a:de:19:9a:
71:69:9e:d8:61:1c:f5:ed:20:96:07:7a:2c:c8:fe:
6b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4F:D5:20:D9:F4:ED:E7:92:25:84:EF:64:8B:A8:F3:C5:84:57:75
X509v3 Authority Key Identifier:
keyid:20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/GE_VINn07eeSJYTvZIuo88WEV3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.138.0/24
146.255.190.0/24
185.75.36.0/22
193.29.207.0/24
194.126.238.0/24
IPv6:
2a03:4620::/32
Signature Algorithm: sha256WithRSAEncryption
0f:f5:e7:45:2e:f0:1b:c2:e0:88:d2:f3:00:89:e2:ac:88:c2:
94:7c:5b:fb:fe:6d:47:3f:a4:3d:48:33:c3:d6:19:9c:22:c7:
f3:5a:48:47:66:d8:ef:13:dc:c3:46:54:42:07:b0:29:cc:c8:
89:1f:c9:b6:12:1e:01:c8:61:d7:ad:a4:b0:84:f8:32:71:ff:
ac:6f:54:87:b7:f0:f9:c1:68:66:b8:3b:ed:4d:8e:65:da:ae:
7a:b4:5e:34:31:e9:2b:30:42:ca:bf:42:46:8a:a4:87:8f:75:
b8:84:a5:43:8d:ee:58:b0:94:e3:4d:ef:7a:b9:79:86:67:a9:
f2:e5:a8:32:ab:f3:2a:10:4c:4e:41:4a:38:7f:b6:e4:2b:69:
74:39:46:ad:26:82:41:cf:1d:3c:83:00:0b:b7:59:6e:29:66:
6a:fb:fe:7e:fd:34:e5:3c:56:89:d8:65:49:39:b3:02:96:85:
83:52:fa:4c:cf:18:6e:c3:bc:68:29:65:f5:c7:f4:a2:5f:ab:
3a:2b:6c:1c:de:f9:be:e2:33:1f:fa:f1:fe:61:62:4f:c1:86:
ad:7a:e9:fc:da:2d:5d:55:6b:7b:56:e5:dc:f8:0e:02:6c:4c:
5f:6b:5e:bb:9e:18:af:27:01:49:20:c7:0b:40:34:9f:83:7e:
90:a0:4e:81
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQijX7aqCXgZxmIcxrDFk+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOTFhNzdmN2M0MjRlOTEyNzM5ODQ3M2JmYTNhMmI5NzI3
ZWJiNDUwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRmZDUyMGQ5ZjRlZGU3OTIyNTg0ZWY2NDhiYThmM2M1ODQ1Nzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9y/84/tVmrFZwMoysTSo+OLV/rz
WsI8zZzns5qYsK9py2Uw5cJN+CArWty3PhFZTgs5wdTbSfz2kUyLxpasbK0y54Tw
Y5uZxKFdtqUsTxiP9XGHReoCpXXXrSOh6knsO+inJpMWVOGt2R1BZwHxjLQGVdNr
1oFeRn/zPMwdwjKsdgp3GPHsxFyrvibydfAscy9YJbR1wS89tzwjd8+/67KP6a8s
8higKVf/k3j940+m6y/ITwj66ZFuNmO4qc3GgbnvspmoIMrpxiW3lpNi2HUT/GcD
7NkOf8mYmpjaJmt2c/r01tGzWgWs6kreGZpxaZ7YYRz17SCWB3osyP5rAQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBhP1SDZ9O3nkiWE72SLqPPFhFd1MB8GA1UdIwQY
MBaAFCCRp398Qk6RJzmEc7+jorlyfrtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMt
OWEyMjk3ODBlMGJlLzEvR0VfVklObjA3ZWVTSllUdlpJdW84OFdFVjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMtOWEyMjk3ODBlMGJl
LzEvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8KKAwQA
kv++AwQCuUskAwQAwR3PAwQAwn7uMA0EAgACMAcDBQAqA0YgMA0GCSqGSIb3DQEB
CwUAA4IBAQAP9edFLvAbwuCI0vMAieKsiMKUfFv7/m1HP6Q9SDPD1hmcIsfzWkhH
ZtjvE9zDRlRCB7ApzMiJH8m2Eh4ByGHXraSwhPgycf+sb1SHt/D5wWhmuDvtTY5l
2q56tF40MekrMELKv0JGiqSHj3W4hKVDje5YsJTjTe96uXmGZ6ny5agyq/MqEExO
QUo4f7bkK2l0OUatJoJBzx08gwALt1luKWZq+/5+/TTlPFaJ2GVJObMCloWDUvpM
zxhuw7xoKWX1x/SiX6s6K2wc3vm+4jMf+vH+YWJPwYateun82i1dVWt7VuXc+A4C
bExfa167nhivJwFJIMcLQDSfg36QoE6B
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:20:51 2025 by rpki-client