Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/GtTmoRT7XNVXBnXOsHZVf63eiDE.roa
File: GtTmoRT7XNVXBnXOsHZVf63eiDE.roa (raw, json)
Hash identifier: D+k5RJe28ejPSPya6Jjm6aV5eby1Bwyad8Nl2+QCWeE=
Subject key identifier: 1A:D4:E6:A1:14:FB:5C:D5:57:06:75:CE:B0:76:55:7F:AD:DE:88:31
Certificate issuer: /CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Certificate serial: 019422FC25E77DFB12AD4E27FECEA32DA372
Authority key identifier: 30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/GtTmoRT7XNVXBnXOsHZVf63eiDE.roa
Signing time: Wed 01 Jan 2025 17:48:57 +0000
ROA not before: Wed 01 Jan 2025 17:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 62.24.0.0/19 maxlen: 19
62.80.0.0/18 maxlen: 18
62.80.62.0/24 maxlen: 24
62.176.128.0/19 maxlen: 19
195.38.128.0/19 maxlen: 19
195.170.96.0/19 maxlen: 19
212.6.128.0/17 maxlen: 17
212.66.0.0/19 maxlen: 19
212.82.224.0/19 maxlen: 19
213.221.64.0/18 maxlen: 18
2a00:1798::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 20:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:25:e7:7d:fb:12:ad:4e:27:fe:ce:a3:2d:a3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Validity
Not Before: Jan 1 17:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ad4e6a114fb5cd5570675ceb076557fadde8831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f4:3c:3c:62:ea:b7:3f:9f:bf:ce:09:51:7b:
4e:2e:b7:cc:82:12:ee:64:ce:ef:df:54:84:cf:c1:
ab:56:87:e3:fd:d0:a5:6a:e3:0a:5c:92:53:33:99:
5b:9d:2f:6f:ad:27:01:f5:d3:6a:d0:74:ed:ab:4f:
2f:71:cf:91:7b:00:3c:4e:68:06:b8:6e:bc:2c:36:
75:52:08:5d:dd:a6:d2:73:66:aa:5f:36:c1:6b:5c:
b3:d5:8e:ac:99:ed:37:47:4d:ec:10:0c:f0:0b:d4:
13:28:b5:30:7e:11:8b:e9:c8:33:78:1f:df:51:3b:
19:87:b4:67:ee:e5:4c:9a:ef:15:d0:ed:38:13:b5:
5f:61:7e:31:d7:96:f0:0a:a9:a3:bb:71:a2:29:18:
34:0c:70:13:d3:3c:2a:5d:28:cb:74:58:f9:ea:bb:
d1:63:2c:db:0f:4f:78:72:bc:26:d9:a6:b1:64:9f:
38:03:ac:6e:57:9f:fe:df:36:cb:e3:29:c1:f0:42:
67:78:c3:f7:67:ea:f3:73:21:ab:8a:b9:7d:05:d6:
b8:0e:eb:f4:df:87:c5:1f:b2:26:68:e8:e7:df:08:
82:4d:e5:5d:5f:1f:29:3d:76:d7:47:f0:0a:26:66:
17:48:32:a0:8d:ef:bb:c4:e1:2d:c7:1e:76:79:f0:
59:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D4:E6:A1:14:FB:5C:D5:57:06:75:CE:B0:76:55:7F:AD:DE:88:31
X509v3 Authority Key Identifier:
keyid:30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/GtTmoRT7XNVXBnXOsHZVf63eiDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.0.0/19
62.80.0.0/18
62.176.128.0/19
195.38.128.0/19
195.170.96.0/19
212.6.128.0/17
212.66.0.0/19
212.82.224.0/19
213.221.64.0/18
IPv6:
2a00:1798::/32
Signature Algorithm: sha256WithRSAEncryption
4e:5b:c6:1c:e6:ff:04:13:30:2e:21:e2:bf:ff:16:9c:70:f7:
01:88:43:e1:67:57:09:a8:fd:84:ca:56:62:47:86:3c:cd:50:
8a:14:97:7c:6a:97:86:00:90:60:d4:40:57:95:e1:be:51:c2:
f6:1c:72:88:52:e8:1f:a4:e3:e1:28:6f:82:7c:8a:e0:92:86:
40:67:22:9f:e1:cc:53:f6:5e:95:26:ca:06:4a:f4:a9:dd:17:
92:b1:2a:6f:8f:50:37:ea:31:3b:49:52:06:1e:f0:68:de:f3:
b0:b4:8e:d2:6d:38:12:ae:d8:e0:77:1c:c0:7c:27:fd:43:bd:
e2:9d:7c:18:86:d6:c5:94:1e:8f:68:1e:2b:2b:68:71:58:f7:
fe:d4:0c:43:79:9d:87:c4:c0:08:15:0f:49:8e:66:ac:99:9a:
18:c7:c9:9f:05:83:64:33:74:42:25:87:58:02:21:7a:46:cf:
e1:ba:ef:61:40:ae:12:dd:7c:b3:f4:e2:18:ef:50:a6:6a:35:
81:db:c8:aa:07:be:30:35:29:ed:99:a2:f8:fb:d7:aa:6c:29:
78:8f:0b:44:33:99:06:b7:1e:cd:62:dd:4f:cf:8d:a5:a9:de:
32:96:56:5a:05:66:a4:be:c3:85:3f:0f:cd:71:f0:41:64:c3:
6d:4e:6c:33
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQi/CXnffsSrU4n/s6jLaNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjgzY2ZmYTA2MWYyOGE5ZTExMzVjOWZjMzAzNzZhNjQ3
NGNiZjQwHhcNMjUwMTAxMTc0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ0ZTZhMTE0ZmI1Y2Q1NTcwNjc1Y2ViMDc2NTU3ZmFkZGU4ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPQ8PGLqtz+fv84JUXtOLrfMghLu
ZM7v31SEz8GrVofj/dClauMKXJJTM5lbnS9vrScB9dNq0HTtq08vcc+RewA8TmgG
uG68LDZ1Ughd3abSc2aqXzbBa1yz1Y6sme03R03sEAzwC9QTKLUwfhGL6cgzeB/f
UTsZh7Rn7uVMmu8V0O04E7VfYX4x15bwCqmju3GiKRg0DHAT0zwqXSjLdFj56rvR
YyzbD094crwm2aaxZJ84A6xuV5/+3zbL4ynB8EJneMP3Z+rzcyGrirl9Bda4Duv0
34fFH7ImaOjn3wiCTeVdXx8pPXbXR/AKJmYXSDKgje+7xOEtxx52efBZ4wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBrU5qEU+1zVVwZ1zrB2VX+t3ogxMB8GA1UdIwQY
MBaAFDBoPP+gYfKKnhE1yfwwN2pkdMv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdnOF82Qmg4b3FlRVRYSl9EQTNhbVIweV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWY2ZWQtN2I4Ni00Zjc2LTgyOGYt
NGUxOTIzOWYwYzM1LzEvR3RUbW9SVDdYTlZYQm5YT3NIWlZmNjNlaURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWY2ZWQtN2I4Ni00Zjc2LTgyOGYtNGUxOTIzOWYwYzM1
LzEvTUdnOF82Qmg4b3FlRVRYSl9EQTNhbVIweV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFPhgAAwQG
PlAAAwQFPrCAAwQFwyaAAwQFw6pgAwQH1AaAAwQF1EIAAwQF1FLgAwQG1d1AMA0E
AgACMAcDBQAqABeYMA0GCSqGSIb3DQEBCwUAA4IBAQBOW8Yc5v8EEzAuIeK//xac
cPcBiEPhZ1cJqP2EylZiR4Y8zVCKFJd8apeGAJBg1EBXleG+UcL2HHKIUugfpOPh
KG+CfIrgkoZAZyKf4cxT9l6VJsoGSvSp3ReSsSpvj1A36jE7SVIGHvBo3vOwtI7S
bTgSrtjgdxzAfCf9Q73inXwYhtbFlB6PaB4rK2hxWPf+1AxDeZ2HxMAIFQ9Jjmas
mZoYx8mfBYNkM3RCJYdYAiF6Rs/huu9hQK4S3Xyz9OIY71CmajWB28iqB74wNSnt
maL4+9eqbCl4jwtEM5kGtx7NYt1Pz42lqd4yllZaBWakvsOFPw/NcfBBZMNtTmwz
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:10:53 2025 by rpki-client