Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gktrPpar80Yj3HO_xTl6-8tholk.roa
File: gktrPpar80Yj3HO_xTl6-8tholk.roa (raw, json)
Hash identifier: 5YMgCwZjSTpe0kk7pnZdD0CkFN0NmRFgfWE0skj33rw=
Subject key identifier: 82:4B:6B:3E:96:AB:F3:46:23:DC:73:BF:C5:39:7A:FB:CB:61:A2:59
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 01942369FB93A06561E329211692B27D5FD9
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gktrPpar80Yj3HO_xTl6-8tholk.roa
Signing time: Wed 01 Jan 2025 19:48:55 +0000
ROA not before: Wed 01 Jan 2025 19:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59655
IP address blocks: 176.97.156.0/23 maxlen: 23
176.97.156.0/24 maxlen: 24
176.97.157.0/24 maxlen: 24
178.255.200.0/22 maxlen: 22
178.255.201.0/24 maxlen: 24
178.255.202.0/23 maxlen: 23
178.255.202.0/24 maxlen: 24
178.255.203.0/24 maxlen: 24
178.255.204.0/23 maxlen: 23
178.255.204.0/24 maxlen: 24
178.255.205.0/24 maxlen: 24
178.255.206.0/23 maxlen: 23
185.199.12.0/24 maxlen: 24
185.199.13.0/24 maxlen: 24
185.199.14.0/24 maxlen: 24
185.199.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 10:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fb:93:a0:65:61:e3:29:21:16:92:b2:7d:5f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Jan 1 19:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=824b6b3e96abf34623dc73bfc5397afbcb61a259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:3b:31:90:25:12:8d:b6:e7:a2:56:18:f6:
6b:30:3c:1c:e7:03:d0:60:b5:1d:bb:8f:cc:35:c4:
39:9a:8f:49:94:93:6c:f0:18:5a:b4:aa:b5:5c:e4:
54:b1:c0:7c:3a:9d:a5:f4:35:80:e9:36:49:6a:89:
05:5a:8f:43:be:df:52:3c:3c:fa:88:19:20:5d:09:
84:b4:85:c3:97:9f:1a:dd:01:7d:04:f2:bf:d3:3d:
7e:c8:35:a5:a7:30:23:1e:e3:b5:e8:65:cf:06:2b:
8e:5c:a8:cd:f4:ea:03:13:18:e2:9b:2d:21:af:35:
47:7e:30:e2:95:f3:2c:88:d5:cc:5c:6b:ac:16:a9:
63:c4:d8:bb:c8:79:c9:20:da:b4:71:85:00:8f:da:
d3:eb:0c:a1:59:30:af:d3:8d:64:44:ed:c4:6e:c3:
5a:3d:30:a9:ff:72:29:10:39:17:fc:77:1e:8b:3c:
57:3c:7b:58:c0:fb:ba:cb:6b:b0:87:7e:aa:f2:c5:
c9:2c:f2:ad:71:7f:15:0b:11:6e:96:38:0f:fa:b9:
e7:10:12:c4:7a:68:da:d5:35:af:d6:d6:a0:06:66:
fa:91:11:23:0c:86:58:1d:ec:b5:7f:1a:08:ae:79:
83:57:b5:6a:05:73:91:62:18:bb:ae:0e:9b:31:b1:
d4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4B:6B:3E:96:AB:F3:46:23:DC:73:BF:C5:39:7A:FB:CB:61:A2:59
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gktrPpar80Yj3HO_xTl6-8tholk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.156.0/23
178.255.200.0/21
185.199.12.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:d1:11:fe:b7:21:40:d9:18:4d:7d:38:da:da:75:8b:21:47:
5e:d9:44:4d:c9:4a:e2:37:24:b9:cd:10:c0:01:0b:79:9d:78:
64:77:fc:cd:93:94:75:2a:e7:56:57:0f:3a:c0:80:46:ad:db:
0a:a0:42:96:45:fa:a9:59:1b:99:d8:34:71:92:ff:b9:b7:a7:
b5:5a:4a:20:64:9f:72:81:7a:23:49:1e:5b:12:20:31:82:80:
e9:dd:4f:f4:78:8f:57:c3:62:d3:a1:c5:4e:0f:1a:88:ce:89:
ad:c7:81:3f:c6:14:00:12:6f:65:c4:cc:69:98:4d:ea:a5:e5:
35:e3:3b:c5:a8:0e:59:48:0b:ce:52:c6:48:af:3a:53:43:24:
e4:24:b4:f4:65:ea:c1:60:d5:47:24:ca:16:70:0b:1a:38:48:
25:ef:ed:9a:e9:8b:11:90:62:4e:c5:a5:a6:4b:4a:ea:22:12:
f7:59:db:6a:b4:f5:5e:f1:4b:27:0f:11:8e:18:ea:4e:62:1b:
75:d4:1e:79:cd:c0:fa:70:dd:bf:39:39:7b:f4:1b:bc:fc:7f:
c2:97:ba:5c:1f:a9:0d:76:93:64:d3:cd:f2:35:05:38:c4:f0:
e1:be:61:2b:1c:4c:e2:ef:92:b5:ff:a8:88:67:9f:1f:78:66:
a7:2a:be:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjafuToGVh4ykhFpKyfV/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjUwMTAxMTk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRiNmIzZTk2YWJmMzQ2MjNkYzczYmZjNTM5N2FmYmNiNjFhMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor87MZAlEo2256JWGPZrMDwc5wPQ
YLUdu4/MNcQ5mo9JlJNs8BhatKq1XORUscB8Op2l9DWA6TZJaokFWo9Dvt9SPDz6
iBkgXQmEtIXDl58a3QF9BPK/0z1+yDWlpzAjHuO16GXPBiuOXKjN9OoDExjimy0h
rzVHfjDilfMsiNXMXGusFqljxNi7yHnJINq0cYUAj9rT6wyhWTCv041kRO3EbsNa
PTCp/3IpEDkX/HceizxXPHtYwPu6y2uwh36q8sXJLPKtcX8VCxFuljgP+rnnEBLE
emja1TWv1tagBmb6kREjDIZYHey1fxoIrnmDV7VqBXORYhi7rg6bMbHU+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJLaz6Wq/NGI9xzv8U5evvLYaJZMB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvZ2t0clBwYXI4MFlqM0hPX3hUbDYtOHRob2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBsGGcAwQD
sv/IAwQCuccMMA0GCSqGSIb3DQEBCwUAA4IBAQB90RH+tyFA2RhNfTja2nWLIUde
2URNyUriNyS5zRDAAQt5nXhkd/zNk5R1KudWVw86wIBGrdsKoEKWRfqpWRuZ2DRx
kv+5t6e1WkogZJ9ygXojSR5bEiAxgoDp3U/0eI9Xw2LTocVODxqIzomtx4E/xhQA
Em9lxMxpmE3qpeU14zvFqA5ZSAvOUsZIrzpTQyTkJLT0ZerBYNVHJMoWcAsaOEgl
7+2a6YsRkGJOxaWmS0rqIhL3WdtqtPVe8UsnDxGOGOpOYht11B55zcD6cN2/OTl7
9Bu8/H/Cl7pcH6kNdpNk083yNQU4xPDhvmErHEzi75K1/6iIZ58feGanKr6M
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:06:02 2025 by rpki-client