Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gfZIer2_Pz0B2yLVTOutUwPXUsM.roa
File: gfZIer2_Pz0B2yLVTOutUwPXUsM.roa (raw, json)
Hash identifier: 7lsBsTgBq0pvgYjv4/FvvaakM/zRcN4sjQqGoTO3alU=
Subject key identifier: 81:F6:48:7A:BD:BF:3F:3D:01:DB:22:D5:4C:EB:AD:53:03:D7:52:C3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A46F003395C3F2369692AA9373A9B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gfZIer2_Pz0B2yLVTOutUwPXUsM.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 163.5.96.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:46:f0:03:39:5c:3f:23:69:69:2a:a9:37:3a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81f6487abdbf3f3d01db22d54cebad5303d752c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1b:6c:81:ec:0a:66:3f:e9:20:79:d4:92:0c:
6e:d8:a8:ad:fa:52:22:9a:c6:d7:e1:e3:db:af:12:
f4:46:bd:42:e2:8d:b2:5c:9d:8a:b5:8c:a5:9e:66:
c6:ec:da:e9:62:ed:cb:27:fb:15:b4:32:ef:d4:f5:
f4:7f:0f:06:cc:4a:02:e3:57:42:38:8f:2f:c2:c9:
a9:0c:3f:27:17:f8:fb:57:cf:d6:55:ec:50:35:06:
c1:27:a9:0c:a0:61:6b:e1:e7:7a:9b:7c:2d:6c:75:
b5:82:e7:cc:7e:9c:c3:c3:12:5e:d4:5b:27:d4:58:
06:aa:fa:7b:01:2d:02:99:13:8b:bc:fe:20:95:01:
ac:e8:06:a8:f8:b5:82:46:9b:b5:41:4f:e9:91:d1:
8f:c4:92:f9:51:c5:90:4e:38:bf:91:fb:47:49:29:
80:9e:75:8f:0d:9f:80:5c:8d:57:61:d8:5c:95:2e:
a6:4d:0b:04:6f:c3:b0:23:95:76:76:d3:42:7f:4d:
ff:e8:78:54:f2:f0:46:03:02:fc:10:e2:12:f9:f0:
09:3b:37:92:60:3d:91:cb:33:11:3d:33:16:50:41:
7d:0a:4e:d8:3e:c3:e9:cf:b5:85:a3:ee:79:45:04:
3d:e4:7c:fb:11:fd:a6:e9:70:0c:83:37:cd:74:e9:
e2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F6:48:7A:BD:BF:3F:3D:01:DB:22:D5:4C:EB:AD:53:03:D7:52:C3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gfZIer2_Pz0B2yLVTOutUwPXUsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.96.0/24
163.5.129.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:c0:9e:41:23:8e:c3:5f:4e:b4:12:d3:61:ac:cd:ee:b1:9e:
0e:64:38:1f:a4:6e:05:db:3b:59:b8:8a:3b:a3:91:a9:e0:36:
ff:86:b1:6b:d6:ba:cf:1c:0a:ec:9d:a1:ad:9f:61:84:16:bc:
e0:dc:02:04:aa:95:b2:11:2f:cf:ed:32:ce:b2:0d:76:5a:13:
bf:9c:b9:4e:9e:77:6f:fb:e4:4a:03:9a:80:3e:96:52:74:18:
44:6a:b4:c8:50:4e:ac:9f:0a:87:4b:b6:cd:70:bd:9b:29:2a:
d7:da:f4:76:91:fd:88:1c:65:ea:de:1e:2d:02:29:6e:d7:05:
0c:53:08:75:47:54:6e:f5:f9:b1:f7:26:04:15:0f:fc:f4:ef:
99:51:9e:2b:17:ad:48:2f:c3:c3:3a:d7:f6:d6:31:3e:e1:e5:
a8:dd:cb:aa:02:ed:46:21:97:c0:6c:98:e7:52:e9:31:c5:17:
4e:21:49:53:94:92:78:d2:4c:5a:34:9f:1a:a7:4e:74:7f:39:
26:d9:6c:51:07:19:ad:0e:96:c7:d1:e9:8f:48:24:ba:7b:32:
54:c0:46:e8:85:cf:60:cd:ee:83:d4:89:a6:0c:d4:61:62:7a:
b3:87:ce:0f:31:2c:45:e3:e1:3c:3a:ed:7b:96:a8:d9:d3:83:
ca:c2:09:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjakbwAzlcPyNpaSqpNzqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWY2NDg3YWJkYmYzZjNkMDFkYjIyZDU0Y2ViYWQ1MzAzZDc1MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBtsgewKZj/pIHnUkgxu2Kit+lIi
msbX4ePbrxL0Rr1C4o2yXJ2KtYylnmbG7NrpYu3LJ/sVtDLv1PX0fw8GzEoC41dC
OI8vwsmpDD8nF/j7V8/WVexQNQbBJ6kMoGFr4ed6m3wtbHW1gufMfpzDwxJe1Fsn
1FgGqvp7AS0CmROLvP4glQGs6Aao+LWCRpu1QU/pkdGPxJL5UcWQTji/kftHSSmA
nnWPDZ+AXI1XYdhclS6mTQsEb8OwI5V2dtNCf03/6HhU8vBGAwL8EOIS+fAJOzeS
YD2RyzMRPTMWUEF9Ck7YPsPpz7WFo+55RQQ95Hz7Ef2m6XAMgzfNdOnifwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIH2SHq9vz89Adsi1UzrrVMD11LDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ2ZaSWVyMl9QejBCMnlMVlRPdXRVd1BYVXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVgAwQA
owWBMA0GCSqGSIb3DQEBCwUAA4IBAQCuwJ5BI47DX060EtNhrM3usZ4OZDgfpG4F
2ztZuIo7o5Gp4Db/hrFr1rrPHArsnaGtn2GEFrzg3AIEqpWyES/P7TLOsg12WhO/
nLlOnndv++RKA5qAPpZSdBhEarTIUE6snwqHS7bNcL2bKSrX2vR2kf2IHGXq3h4t
Ailu1wUMUwh1R1Ru9fmx9yYEFQ/89O+ZUZ4rF61IL8PDOtf21jE+4eWo3cuqAu1G
IZfAbJjnUukxxRdOIUlTlJJ40kxaNJ8ap050fzkm2WxRBxmtDpbH0emPSCS6ezJU
wEbohc9gze6D1ImmDNRhYnqzh84PMSxF4+E8Ou17lqjZ04PKwgk+
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:40:22 2025 by rpki-client