Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/gcAJhnp75nn3OhwbSa9nzzcRaUI.roa
File: gcAJhnp75nn3OhwbSa9nzzcRaUI.roa (raw, json)
Hash identifier: Jgj60UlrGxuOFPZBlyVAd9Y49+PH7LywBsHvYG3mNks=
Subject key identifier: 81:C0:09:86:7A:7B:E6:79:F7:3A:1C:1B:49:AF:67:CF:37:11:69:42
Certificate issuer: /CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Certificate serial: 019427B6863061DE31C784B18C0E34554A6E
Authority key identifier: E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/gcAJhnp75nn3OhwbSa9nzzcRaUI.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60815
IP address blocks: 185.20.24.0/22 maxlen: 22
185.20.24.0/23 maxlen: 23
185.20.24.0/24 maxlen: 24
185.20.25.0/24 maxlen: 24
185.20.26.0/23 maxlen: 23
185.20.26.0/24 maxlen: 24
185.20.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.mft
rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:86:30:61:de:31:c7:84:b1:8c:0e:34:55:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81074e32822c8bef3a7dcb31280825bd27545c9
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81c009867a7be679f73a1c1b49af67cf37116942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d9:64:1f:a3:55:68:43:f7:f4:29:7a:21:9c:
24:c8:91:46:b5:9d:2b:5b:10:de:4e:81:7c:f9:28:
f8:43:9f:c8:30:f2:9a:9d:8f:8b:b1:b8:06:25:3b:
d4:82:9e:7a:7a:38:9d:f8:d4:6c:e1:59:62:7c:6c:
66:eb:1b:8e:71:90:d1:a7:b7:6f:d0:34:f2:54:fd:
7e:4d:19:db:25:3b:78:9f:45:e2:ba:19:bf:96:4f:
36:f1:4d:f9:23:36:73:e4:fd:ea:a0:f9:9f:41:0f:
71:9c:3b:4c:df:90:7f:92:ae:13:80:83:76:64:01:
89:70:2f:58:71:e4:69:8d:3b:76:96:f9:64:a9:32:
22:db:01:cb:96:cc:fb:89:ad:50:98:99:68:b9:2a:
1e:ed:b3:35:73:81:29:ba:c9:74:fe:1f:f0:98:a0:
34:f2:d6:6d:d7:fa:c7:d0:e8:85:79:a5:8b:96:4f:
46:02:be:c2:f4:64:2b:ae:a8:63:5b:bf:48:aa:97:
21:f3:6b:45:79:c5:a3:3e:78:83:ad:39:15:14:41:
cb:4e:91:50:c0:bf:4a:03:8c:a5:e5:58:b5:0e:0f:
05:5d:b0:95:43:66:65:52:69:27:52:0a:0e:cb:9c:
19:22:df:a9:51:8d:c9:80:26:0e:8f:88:15:c6:1a:
9a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C0:09:86:7A:7B:E6:79:F7:3A:1C:1B:49:AF:67:CF:37:11:69:42
X509v3 Authority Key Identifier:
keyid:E8:10:74:E3:28:22:C8:BE:F3:A7:DC:B3:12:80:82:5B:D2:75:45:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BB04ygiyL7zp9yzEoCCW9J1Rck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/gcAJhnp75nn3OhwbSa9nzzcRaUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/874d27-f2ac-4897-96f4-3e4e84f35cd0/1/6BB04ygiyL7zp9yzEoCCW9J1Rck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.24.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:20:2d:32:4b:4e:5e:9b:cc:23:36:ff:a7:fd:c7:71:05:25:
eb:e7:af:09:ee:07:f8:b6:33:56:ea:e2:95:75:34:85:c0:50:
5f:e6:45:06:ec:ff:61:b2:31:3e:e0:6e:23:ba:ad:e6:c6:bd:
37:5e:02:94:d3:2d:8a:89:da:4e:72:55:3c:76:d4:08:89:20:
c9:71:89:00:11:0a:c6:0f:1f:7f:ab:54:ea:6a:17:cb:a6:a0:
24:5c:b6:50:25:bd:b1:09:89:28:0d:eb:32:08:04:8d:00:02:
e9:48:f5:85:67:96:65:f3:cf:32:fa:1b:83:63:26:1b:c8:e4:
be:27:29:59:74:6e:38:87:e0:b1:98:6d:e3:10:37:8b:39:1f:
e7:57:3c:d6:c3:f4:e3:54:0e:06:0b:95:4d:1f:d3:55:0f:43:
01:5b:a6:e0:b1:4a:1d:a8:6c:2b:9c:2c:67:78:fc:58:15:6b:
8d:e6:3e:0c:8b:94:2d:93:83:65:6d:af:5d:5d:98:b5:97:18:
7e:0c:d0:1b:3d:7d:14:4c:24:2e:db:c2:18:da:c7:98:43:e4:
e8:f8:4c:e6:00:10:69:36:fd:16:77:5f:be:d3:a4:e1:6c:e6:
f8:df:0d:35:c8:5d:9e:bf:a0:72:ac:46:b9:5b:1f:8b:8d:2e:
c3:e7:e8:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntoYwYd4xx4SxjA40VUpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTA3NGUzMjgyMmM4YmVmM2E3ZGNiMzEyODA4MjViZDI3
NTQ1YzkwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMwMDk4NjdhN2JlNjc5ZjczYTFjMWI0OWFmNjdjZjM3MTE2OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdlkH6NVaEP39Cl6IZwkyJFGtZ0r
WxDeToF8+Sj4Q5/IMPKanY+LsbgGJTvUgp56ejid+NRs4VlifGxm6xuOcZDRp7dv
0DTyVP1+TRnbJTt4n0Xiuhm/lk828U35IzZz5P3qoPmfQQ9xnDtM35B/kq4TgIN2
ZAGJcC9YceRpjTt2lvlkqTIi2wHLlsz7ia1QmJlouSoe7bM1c4Epusl0/h/wmKA0
8tZt1/rH0OiFeaWLlk9GAr7C9GQrrqhjW79Iqpch82tFecWjPniDrTkVFEHLTpFQ
wL9KA4yl5Vi1Dg8FXbCVQ2ZlUmknUgoOy5wZIt+pUY3JgCYOj4gVxhqaMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHACYZ6e+Z59zocG0mvZ883EWlCMB8GA1UdIwQY
MBaAFOgQdOMoIsi+86fcsxKAglvSdUXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQt
M2U0ZTg0ZjM1Y2QwLzEvZ2NBSmhucDc1bm4zT2h3YlNhOW56emNSYVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NzRkMjctZjJhYy00ODk3LTk2ZjQtM2U0ZTg0ZjM1Y2Qw
LzEvNkJCMDR5Z2l5TDd6cDl5ekVvQ0NXOUoxUmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRQYMA0G
CSqGSIb3DQEBCwUAA4IBAQCPIC0yS05em8wjNv+n/cdxBSXr568J7gf4tjNW6uKV
dTSFwFBf5kUG7P9hsjE+4G4juq3mxr03XgKU0y2KidpOclU8dtQIiSDJcYkAEQrG
Dx9/q1TqahfLpqAkXLZQJb2xCYkoDesyCASNAALpSPWFZ5Zl888y+huDYyYbyOS+
JylZdG44h+CxmG3jEDeLOR/nVzzWw/TjVA4GC5VNH9NVD0MBW6bgsUodqGwrnCxn
ePxYFWuN5j4Mi5Qtk4Nlba9dXZi1lxh+DNAbPX0UTCQu28IY2seYQ+To+EzmABBp
Nv0Wd1++06ThbOb43w01yF2ev6ByrEa5Wx+LjS7D5+ik
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:19 2025 by rpki-client