Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GjlKVlFPplb6lKYm5t3O7BMVCgE.roa
File: GjlKVlFPplb6lKYm5t3O7BMVCgE.roa (raw, json)
Hash identifier: /SgweMivLy9RHeYak2ttBx6Bu/s83ohepRF6MeZrMeU=
Subject key identifier: 1A:39:4A:56:51:4F:A6:56:FA:94:A6:26:E6:DD:CE:EC:13:15:0A:01
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196CF3973E1394BF444875D421F4B19E427
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GjlKVlFPplb6lKYm5t3O7BMVCgE.roa
Signing time: Wed 14 May 2025 14:36:10 +0000
ROA not before: Wed 14 May 2025 14:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9028
IP address blocks: 45.144.155.0/24 maxlen: 24
87.121.54.0/24 maxlen: 24
93.123.16.0/24 maxlen: 24
93.123.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:39:73:e1:39:4b:f4:44:87:5d:42:1f:4b:19:e4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 14 14:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a394a56514fa656fa94a626e6ddceec13150a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bf:a7:56:9a:c3:69:b8:e5:67:d8:a0:45:82:
27:88:19:14:36:e1:6a:26:64:89:51:21:e1:af:68:
6d:f4:16:3d:9d:80:50:f6:2d:3f:ae:0f:92:0e:b6:
17:e1:1a:f5:4f:9b:a4:da:5c:0a:f7:60:11:39:1c:
89:92:75:00:6e:0b:c2:e1:b8:9a:95:d5:12:14:fb:
be:8b:3e:01:4c:03:c4:2d:17:94:54:20:51:ed:23:
2e:af:af:d7:e8:f3:c7:bb:94:0a:c3:f9:54:01:cc:
a3:49:f9:14:31:bf:26:a7:ce:4f:61:21:eb:07:c6:
3b:af:2c:9d:58:cf:5b:5b:18:68:e2:82:fa:72:f7:
42:4c:e3:17:97:20:01:0a:24:f2:1d:3d:0a:6d:74:
7d:2e:63:f2:57:f0:3e:84:d9:df:ee:29:ed:24:bc:
2f:9b:c7:dc:7d:1c:e0:d1:05:49:16:1f:9c:a0:3a:
86:c2:3e:9d:21:b7:17:76:e2:c6:80:fb:8b:f3:77:
e4:ec:2b:27:e8:18:06:a8:38:d5:87:22:4b:8b:f1:
47:ac:33:68:a8:56:4d:ba:d8:a4:89:95:2e:25:4c:
92:ab:a4:24:55:20:5d:71:57:04:55:c8:98:bf:de:
57:47:da:b7:31:9a:97:1f:17:7e:84:cf:1c:a4:73:
4e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:39:4A:56:51:4F:A6:56:FA:94:A6:26:E6:DD:CE:EC:13:15:0A:01
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GjlKVlFPplb6lKYm5t3O7BMVCgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.155.0/24
87.121.54.0/24
93.123.16.0/24
93.123.22.0/24
Signature Algorithm: sha256WithRSAEncryption
60:e7:1e:3b:e0:29:99:3c:fc:3b:31:d1:dc:cd:39:b8:7f:83:
5e:b2:c0:b1:ed:b3:40:29:61:77:55:68:12:0a:ed:9a:bd:8c:
41:3a:4c:60:44:7b:2e:8a:6f:68:4e:74:a0:ea:6d:4d:34:2e:
f4:91:d6:62:e6:14:02:3e:09:de:be:fb:3e:03:bf:5b:f7:3c:
bf:23:7f:2b:8f:3d:2e:f3:cc:30:0c:ee:e5:b7:52:09:87:16:
c0:b0:f5:e0:cc:70:2a:7b:6e:f2:b6:4e:2d:dc:4e:f8:85:ee:
df:19:a8:e2:19:99:42:ca:a4:8a:fc:34:f6:f2:19:00:ad:8d:
25:4c:94:62:68:71:9e:01:3b:0e:7f:23:67:ac:92:76:e7:2a:
5e:09:20:12:dc:f8:13:fe:aa:f4:4d:c3:df:07:95:98:1c:27:
2a:f9:f2:1e:76:c5:0d:3d:27:15:c7:1f:be:de:c4:3f:d5:76:
2f:0a:93:bf:06:bb:b2:04:5a:bc:5f:ec:f1:20:18:62:a6:b8:
d3:b2:21:39:6f:7f:52:14:c0:7a:d3:af:7f:6c:ca:74:1f:5a:
fd:db:de:2d:db:2c:4f:90:f6:cf:dd:97:95:c9:8c:9d:36:7c:
27:05:d8:9d:f7:a0:2a:40:d2:52:69:97:53:14:58:62:67:2e:
0b:48:32:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbPOXPhOUv0RIddQh9LGeQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTE0MTQzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM5NGE1NjUxNGZhNjU2ZmE5NGE2MjZlNmRkY2VlYzEzMTUwYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb+nVprDabjlZ9igRYIniBkUNuFq
JmSJUSHhr2ht9BY9nYBQ9i0/rg+SDrYX4Rr1T5uk2lwK92ARORyJknUAbgvC4bia
ldUSFPu+iz4BTAPELReUVCBR7SMur6/X6PPHu5QKw/lUAcyjSfkUMb8mp85PYSHr
B8Y7ryydWM9bWxho4oL6cvdCTOMXlyABCiTyHT0KbXR9LmPyV/A+hNnf7intJLwv
m8fcfRzg0QVJFh+coDqGwj6dIbcXduLGgPuL83fk7Csn6BgGqDjVhyJLi/FHrDNo
qFZNutikiZUuJUySq6QkVSBdcVcEVciYv95XR9q3MZqXHxd+hM8cpHNOdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBo5SlZRT6ZW+pSmJubdzuwTFQoBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR2psS1ZsRlBwbGI2bEtZbTV0M083Qk1WQ2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZCbAwQA
V3k2AwQAXXsQAwQAXXsWMA0GCSqGSIb3DQEBCwUAA4IBAQBg5x474CmZPPw7MdHc
zTm4f4NessCx7bNAKWF3VWgSCu2avYxBOkxgRHsuim9oTnSg6m1NNC70kdZi5hQC
Pgnevvs+A79b9zy/I38rjz0u88wwDO7lt1IJhxbAsPXgzHAqe27ytk4t3E74he7f
GajiGZlCyqSK/DT28hkArY0lTJRiaHGeATsOfyNnrJJ25ypeCSAS3PgT/qr0TcPf
B5WYHCcq+fIedsUNPScVxx++3sQ/1XYvCpO/BruyBFq8X+zxIBhiprjTsiE5b39S
FMB6069/bMp0H1r9294t2yxPkPbP3ZeVyYydNnwnBdid96AqQNJSaZdTFFhiZy4L
SDJo
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:47:09 2025 by rpki-client