Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/GrkcftVthMbuFOuUmrwl5HnX76A.roa
File: GrkcftVthMbuFOuUmrwl5HnX76A.roa (raw, json)
Hash identifier: vQYdY8EKtEz2Hu89OKKocq2BRdvKpSXmSdv2pqjq+sg=
Subject key identifier: 1A:B9:1C:7E:D5:6D:84:C6:EE:14:EB:94:9A:BC:25:E4:79:D7:EF:A0
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 0194274719F12DA23A0AAE4C348B070BB74C
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/GrkcftVthMbuFOuUmrwl5HnX76A.roa
Signing time: Thu 02 Jan 2025 13:49:18 +0000
ROA not before: Thu 02 Jan 2025 13:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61072
IP address blocks: 45.154.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 13:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:19:f1:2d:a2:3a:0a:ae:4c:34:8b:07:0b:b7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Jan 2 13:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ab91c7ed56d84c6ee14eb949abc25e479d7efa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c7:77:4a:86:95:20:63:a8:4c:da:55:97:87:
49:3d:12:db:a2:9c:fa:f6:22:f9:04:94:26:5b:ff:
97:24:88:75:7e:e5:00:d3:fc:72:66:16:22:ca:8c:
8a:20:2a:77:db:b8:ba:99:93:00:52:94:41:2f:ad:
cb:c4:6a:b7:8f:e8:4a:b8:e0:c3:25:00:cc:fe:38:
22:21:f5:c8:b2:d2:7f:54:67:30:d4:78:5a:44:ae:
33:87:c2:84:51:2f:e8:35:70:bb:ff:32:c2:8f:61:
9f:43:25:0f:21:67:72:7e:d9:2b:7a:a3:96:46:b7:
51:43:e9:00:98:5c:2a:b3:bf:c6:ee:12:30:15:ec:
de:b4:1d:85:7f:40:48:37:4c:a4:a3:91:32:7e:96:
a3:46:b7:3d:d7:6f:9b:de:a8:93:54:90:79:29:76:
5d:5d:88:36:43:8a:14:03:2b:f9:02:20:9f:fc:6e:
9a:74:05:d8:ec:3a:5e:1a:06:d5:1e:ae:72:df:87:
5b:a3:54:d0:25:d9:a0:ed:b3:79:b6:2a:fd:4a:83:
f4:11:05:60:cc:a4:0f:a2:f9:64:b5:89:a7:8b:92:
bb:6c:3c:62:67:0c:37:ac:87:c8:d9:60:09:fb:f8:
4b:1d:19:10:56:a3:2e:80:37:d1:25:25:16:d7:14:
89:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B9:1C:7E:D5:6D:84:C6:EE:14:EB:94:9A:BC:25:E4:79:D7:EF:A0
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/GrkcftVthMbuFOuUmrwl5HnX76A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.252.0/24
Signature Algorithm: sha256WithRSAEncryption
14:df:9a:04:2c:a6:ad:07:29:42:6a:e8:1a:f0:b8:eb:9b:8c:
ce:d4:de:8a:8e:d3:18:63:c9:9e:31:26:af:ab:67:15:cf:fc:
e8:2f:a1:31:c2:d1:e7:a6:c8:f9:70:c9:b9:08:99:f5:13:23:
31:ae:0d:6a:09:26:ae:15:cb:6a:94:29:bd:45:20:ba:26:82:
d0:2b:87:7e:01:d4:28:4e:4c:5d:68:e9:85:6e:7b:c6:e2:79:
95:86:92:b5:00:f7:99:51:8d:0e:fb:76:bb:ca:c1:7d:1a:54:
81:0e:ba:96:9b:4b:e6:49:de:4a:d6:13:ee:66:bb:f7:36:1e:
9b:9a:fa:b5:20:19:ab:48:30:45:85:5e:2c:38:56:53:24:9f:
ea:75:61:28:3a:a2:cc:10:53:d8:a9:eb:40:bf:b9:d9:aa:f7:
21:b5:47:e3:ab:50:0a:eb:b6:e0:69:49:80:ae:05:31:9f:de:
c3:a5:e3:25:4a:3b:2f:f1:8f:18:e6:b1:25:be:41:86:4c:13:
ac:f4:37:0c:13:4a:5c:a0:7f:f1:2a:be:2c:18:92:3f:1d:2d:
d1:69:6e:e8:84:3e:c2:b6:06:c6:c9:0f:42:12:70:89:d8:10:
67:04:a3:d9:cb:4e:8b:48:e5:82:c4:bd:3f:cc:ef:62:20:bd:
cb:01:02:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRxnxLaI6Cq5MNIsHC7dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjUwMTAyMTM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI5MWM3ZWQ1NmQ4NGM2ZWUxNGViOTQ5YWJjMjVlNDc5ZDdlZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMd3SoaVIGOoTNpVl4dJPRLbopz6
9iL5BJQmW/+XJIh1fuUA0/xyZhYiyoyKICp327i6mZMAUpRBL63LxGq3j+hKuODD
JQDM/jgiIfXIstJ/VGcw1HhaRK4zh8KEUS/oNXC7/zLCj2GfQyUPIWdyftkreqOW
RrdRQ+kAmFwqs7/G7hIwFezetB2Ff0BIN0yko5EyfpajRrc912+b3qiTVJB5KXZd
XYg2Q4oUAyv5AiCf/G6adAXY7DpeGgbVHq5y34dbo1TQJdmg7bN5tir9SoP0EQVg
zKQPovlktYmni5K7bDxiZww3rIfI2WAJ+/hLHRkQVqMugDfRJSUW1xSJrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBq5HH7VbYTG7hTrlJq8JeR51++gMB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvR3JrY2Z0VnRoTWJ1Rk91VW1yd2w1SG5YNzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZr8MA0G
CSqGSIb3DQEBCwUAA4IBAQAU35oELKatBylCauga8Ljrm4zO1N6KjtMYY8meMSav
q2cVz/zoL6ExwtHnpsj5cMm5CJn1EyMxrg1qCSauFctqlCm9RSC6JoLQK4d+AdQo
TkxdaOmFbnvG4nmVhpK1APeZUY0O+3a7ysF9GlSBDrqWm0vmSd5K1hPuZrv3Nh6b
mvq1IBmrSDBFhV4sOFZTJJ/qdWEoOqLMEFPYqetAv7nZqvchtUfjq1AK67bgaUmA
rgUxn97DpeMlSjsv8Y8Y5rElvkGGTBOs9DcME0pcoH/xKr4sGJI/HS3RaW7ohD7C
tgbGyQ9CEnCJ2BBnBKPZy06LSOWCxL0/zO9iIL3LAQKc
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:12:59 2025 by rpki-client