Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/Gnl9wgih5bkZTu9f-EBtmWB57aI.roa
File: Gnl9wgih5bkZTu9f-EBtmWB57aI.roa (raw, json)
Hash identifier: zbDguLxZjG7MAjNEZMNb7jOZjg/zzl6iQmvjqk6cIOM=
Subject key identifier: 1A:79:7D:C2:08:A1:E5:B9:19:4E:EF:5F:F8:40:6D:99:60:79:ED:A2
Certificate issuer: /CN=44f56ecd3f4b1d6e8d669ead0e033fdaf0be4f40
Certificate serial: 019424B3F6B426CC366B53E9712544454341
Authority key identifier: 44:F5:6E:CD:3F:4B:1D:6E:8D:66:9E:AD:0E:03:3F:DA:F0:BE:4F:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPVuzT9LHW6NZp6tDgM_2vC-T0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/Gnl9wgih5bkZTu9f-EBtmWB57aI.roa
Signing time: Thu 02 Jan 2025 01:49:21 +0000
ROA not before: Thu 02 Jan 2025 01:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48748
IP address blocks: 91.214.132.0/22 maxlen: 22
193.107.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/RPVuzT9LHW6NZp6tDgM_2vC-T0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/RPVuzT9LHW6NZp6tDgM_2vC-T0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/RPVuzT9LHW6NZp6tDgM_2vC-T0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f6:b4:26:cc:36:6b:53:e9:71:25:44:45:43:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f56ecd3f4b1d6e8d669ead0e033fdaf0be4f40
Validity
Not Before: Jan 2 01:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a797dc208a1e5b9194eef5ff8406d996079eda2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:d9:0d:dc:6e:db:e8:f1:ea:1f:cd:98:fe:
3d:b8:43:51:0c:4a:c4:54:38:f4:98:3c:f0:00:36:
f5:01:71:3a:c4:e6:e6:53:a6:18:49:5a:fd:a4:7b:
b5:57:a2:4b:79:bf:40:d6:d4:c2:92:82:ee:44:4a:
43:de:cd:2e:02:ca:fd:81:fa:8c:ce:e0:23:72:67:
ad:6c:7b:ac:9f:41:36:ce:02:78:3e:6e:3b:5c:54:
1e:b7:b7:43:ff:f7:f1:9c:05:e8:67:c2:84:b7:ee:
33:2c:3b:33:31:d8:d3:e4:41:d4:82:90:fb:a7:96:
9d:c2:75:a1:f4:f9:b7:d0:2b:2b:f5:44:86:4e:9c:
7d:0c:f0:60:93:83:10:69:73:5b:67:56:69:29:22:
81:cc:e9:94:88:e8:65:15:e4:04:02:39:c9:7f:c1:
82:e0:4f:78:c7:37:56:4d:4f:d4:f9:73:54:5a:13:
a9:42:88:e2:59:7d:4b:e5:32:6c:a4:64:67:83:2c:
a5:6a:a5:38:d1:76:3c:f7:ad:1a:fb:70:51:22:95:
8c:46:3c:de:85:4c:b4:73:b1:e9:67:85:1d:80:b2:
44:4a:64:e1:b2:72:22:25:83:33:6c:7f:88:85:7e:
ce:0e:aa:4d:04:f9:4d:94:2c:ca:8f:d7:27:06:65:
6d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:79:7D:C2:08:A1:E5:B9:19:4E:EF:5F:F8:40:6D:99:60:79:ED:A2
X509v3 Authority Key Identifier:
keyid:44:F5:6E:CD:3F:4B:1D:6E:8D:66:9E:AD:0E:03:3F:DA:F0:BE:4F:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPVuzT9LHW6NZp6tDgM_2vC-T0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/Gnl9wgih5bkZTu9f-EBtmWB57aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/0e01de-cde3-447f-b5dc-036354a2c22f/1/RPVuzT9LHW6NZp6tDgM_2vC-T0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.132.0/22
193.107.132.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:48:de:90:6d:07:ab:4a:b9:3e:51:c8:60:c3:56:a7:96:c0:
8a:d9:6b:37:04:4a:57:21:95:43:de:41:6d:9a:7d:db:1a:5c:
6f:f0:fe:62:7f:7a:41:25:be:e2:05:ef:6b:e4:a6:a2:87:f7:
ac:41:d6:8d:52:c6:56:65:83:50:a6:47:ae:0e:5d:1a:74:4b:
0a:40:ae:71:47:4f:16:62:99:1d:fd:5a:69:ca:ca:fd:61:46:
25:47:da:e3:1c:7a:1d:cd:ee:af:61:4d:89:9a:75:cc:46:23:
bd:2d:7f:22:29:97:87:ef:63:ee:b1:57:c5:a6:8a:93:82:90:
d5:95:b0:7e:92:c8:ee:0e:a5:61:fd:00:ff:0a:c6:97:33:6b:
83:a7:04:02:1f:96:22:09:31:80:ca:a9:61:be:f8:2a:0d:c5:
38:51:48:84:15:5a:11:87:2c:cf:92:57:2e:e4:32:ce:1c:5d:
6a:b1:84:79:69:f2:61:5d:9e:01:f6:aa:ab:8d:9d:cd:b6:e8:
ed:58:e6:b2:85:00:cc:34:36:55:e5:0d:d2:6b:a6:2c:73:69:
96:e3:ff:6d:71:f7:08:01:48:dc:62:aa:8b:48:59:ec:8c:77:
31:1a:51:22:00:4d:ba:c2:fb:ce:f7:cb:ea:44:42:5e:d4:64:
e3:9e:82:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks/a0Jsw2a1PpcSVERUNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjU2ZWNkM2Y0YjFkNmU4ZDY2OWVhZDBlMDMzZmRhZjBi
ZTRmNDAwHhcNMjUwMTAyMDE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc5N2RjMjA4YTFlNWI5MTk0ZWVmNWZmODQwNmQ5OTYwNzllZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/HZDdxu2+jx6h/NmP49uENRDErE
VDj0mDzwADb1AXE6xObmU6YYSVr9pHu1V6JLeb9A1tTCkoLuREpD3s0uAsr9gfqM
zuAjcmetbHusn0E2zgJ4Pm47XFQet7dD//fxnAXoZ8KEt+4zLDszMdjT5EHUgpD7
p5adwnWh9Pm30Csr9USGTpx9DPBgk4MQaXNbZ1ZpKSKBzOmUiOhlFeQEAjnJf8GC
4E94xzdWTU/U+XNUWhOpQojiWX1L5TJspGRngyylaqU40XY8960a+3BRIpWMRjze
hUy0c7HpZ4UdgLJESmThsnIiJYMzbH+IhX7ODqpNBPlNlCzKj9cnBmVt1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBp5fcIIoeW5GU7vX/hAbZlgee2iMB8GA1UdIwQY
MBaAFET1bs0/Sx1ujWaerQ4DP9rwvk9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBWdXpUOUxIVzZOWnA2dERnTV8ydkMtVDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8wZTAxZGUtY2RlMy00NDdmLWI1ZGMt
MDM2MzU0YTJjMjJmLzEvR25sOXdnaWg1YmtaVHU5Zi1FQnRtV0I1N2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8wZTAxZGUtY2RlMy00NDdmLWI1ZGMtMDM2MzU0YTJjMjJm
LzEvUlBWdXpUOUxIVzZOWnA2dERnTV8ydkMtVDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9aEAwQC
wWuEMA0GCSqGSIb3DQEBCwUAA4IBAQCtSN6QbQerSrk+Uchgw1anlsCK2Ws3BEpX
IZVD3kFtmn3bGlxv8P5if3pBJb7iBe9r5Kaih/esQdaNUsZWZYNQpkeuDl0adEsK
QK5xR08WYpkd/Vppysr9YUYlR9rjHHodze6vYU2JmnXMRiO9LX8iKZeH72PusVfF
poqTgpDVlbB+ksjuDqVh/QD/CsaXM2uDpwQCH5YiCTGAyqlhvvgqDcU4UUiEFVoR
hyzPklcu5DLOHF1qsYR5afJhXZ4B9qqrjZ3NtujtWOayhQDMNDZV5Q3Sa6Ysc2mW
4/9tcfcIAUjcYqqLSFnsjHcxGlEiAE26wvvO98vqREJe1GTjnoI5
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:21 2025 by rpki-client