Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/tGnfBpcM9WdZcGTV2u32zJOiBt8.roa
File: tGnfBpcM9WdZcGTV2u32zJOiBt8.roa (raw, json)
Hash identifier: gFwI+sP0Z829K3A/AxDldH8I51IlzJyC6UwEbaoL6wI=
Subject key identifier: B4:69:DF:06:97:0C:F5:67:59:70:64:D5:DA:ED:F6:CC:93:A2:06:DF
Certificate issuer: /CN=18f9194d4dd7d4b7b777c920079e401d3a2533b6
Certificate serial: 01941FFA5BBC43265FB6137C8968DD55A2D3
Authority key identifier: 18:F9:19:4D:4D:D7:D4:B7:B7:77:C9:20:07:9E:40:1D:3A:25:33:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPkZTU3X1Le3d8kgB55AHTolM7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/tGnfBpcM9WdZcGTV2u32zJOiBt8.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213212
IP address blocks: 85.159.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/GPkZTU3X1Le3d8kgB55AHTolM7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/GPkZTU3X1Le3d8kgB55AHTolM7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GPkZTU3X1Le3d8kgB55AHTolM7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5b:bc:43:26:5f:b6:13:7c:89:68:dd:55:a2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f9194d4dd7d4b7b777c920079e401d3a2533b6
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b469df06970cf567597064d5daedf6cc93a206df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:61:e6:2f:5b:e9:fa:87:78:b6:c5:eb:07:5a:
be:2d:dd:1b:e2:f1:16:53:97:6a:d0:3f:61:56:46:
8c:79:04:2b:1f:90:8e:d8:c3:1f:a0:9e:ce:8a:9e:
e2:01:1e:53:c0:33:11:67:69:76:c6:ac:17:b8:16:
c2:93:8f:d0:8c:77:09:63:35:93:b4:fb:94:61:07:
c5:83:34:81:39:c7:63:94:17:46:35:0a:cd:57:5b:
fe:7c:5a:fb:cd:84:a2:43:12:0f:a8:8a:ab:27:60:
58:12:c4:5c:7d:2d:a8:79:9f:f5:dc:98:58:9e:d8:
85:55:2a:08:49:f5:d9:37:84:2c:77:fa:7c:e1:35:
53:c1:c6:3a:11:52:68:4b:8a:27:30:68:9b:ad:ec:
79:1b:ee:1f:39:ee:f4:f8:34:47:80:5c:21:1d:62:
31:92:5f:98:11:00:05:90:51:92:04:44:9e:11:4f:
29:19:47:49:a4:01:bf:bb:23:b3:56:c2:f3:5b:d3:
91:57:aa:24:d5:4f:db:8c:dc:e8:c6:96:7f:2c:1a:
39:c6:29:78:92:46:32:3d:2f:75:05:91:bf:6f:40:
ba:95:ee:22:28:4c:35:bc:31:d1:48:f2:d3:66:50:
fe:81:13:e8:90:ef:d1:5d:42:64:77:09:ff:4c:cd:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:69:DF:06:97:0C:F5:67:59:70:64:D5:DA:ED:F6:CC:93:A2:06:DF
X509v3 Authority Key Identifier:
keyid:18:F9:19:4D:4D:D7:D4:B7:B7:77:C9:20:07:9E:40:1D:3A:25:33:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPkZTU3X1Le3d8kgB55AHTolM7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/tGnfBpcM9WdZcGTV2u32zJOiBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d2c689-ec36-4edf-96f4-38995f24b1ef/1/GPkZTU3X1Le3d8kgB55AHTolM7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.117.0/24
Signature Algorithm: sha256WithRSAEncryption
37:28:0a:e7:ec:02:33:d3:eb:0d:8f:f1:e4:4f:1b:39:fc:48:
d0:52:ae:e2:3e:a7:1e:80:17:4d:dd:31:7f:ef:37:65:db:8f:
4d:81:8c:91:aa:13:b5:2f:ed:6a:62:e9:d1:8a:b6:6e:69:75:
77:cb:38:dd:69:52:d5:63:29:18:d5:c7:d5:c5:ab:8a:2f:e4:
4d:d7:b8:0d:18:ed:62:36:08:05:fa:3f:91:2e:ee:43:9a:f1:
a7:78:a5:f7:6a:18:3b:b4:91:5a:ae:6b:1e:e3:b1:94:0e:68:
c9:56:82:54:50:3a:68:9e:fb:ea:15:7e:84:03:18:f8:c9:93:
90:ee:8d:47:e2:32:21:7d:c0:2a:e8:8b:48:4d:09:00:fa:45:
55:33:b7:83:c8:64:93:46:71:75:7a:d9:9e:03:3f:0a:d8:74:
a4:35:4e:1c:11:42:e3:46:3b:49:44:42:d3:a6:b9:63:5a:64:
1a:5a:96:1a:23:dd:1e:63:d4:06:eb:e6:5b:77:7a:fc:c9:ff:
a1:d6:ff:c2:17:76:0f:8b:55:db:67:54:60:2a:e9:25:b6:8c:
f6:a4:e1:b6:f5:5f:a0:76:92:f7:57:f5:9d:69:9d:d3:91:60:
96:a4:3b:66:b6:08:c9:59:85:7d:aa:36:cc:d1:6d:ba:f8:92:
e3:7c:f3:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lu8QyZfthN8iWjdVaLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjkxOTRkNGRkN2Q0YjdiNzc3YzkyMDA3OWU0MDFkM2Ey
NTMzYjYwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY5ZGYwNjk3MGNmNTY3NTk3MDY0ZDVkYWVkZjZjYzkzYTIwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mHmL1vp+od4tsXrB1q+Ld0b4vEW
U5dq0D9hVkaMeQQrH5CO2MMfoJ7Oip7iAR5TwDMRZ2l2xqwXuBbCk4/QjHcJYzWT
tPuUYQfFgzSBOcdjlBdGNQrNV1v+fFr7zYSiQxIPqIqrJ2BYEsRcfS2oeZ/13JhY
ntiFVSoISfXZN4Qsd/p84TVTwcY6EVJoS4onMGibrex5G+4fOe70+DRHgFwhHWIx
kl+YEQAFkFGSBESeEU8pGUdJpAG/uyOzVsLzW9ORV6ok1U/bjNzoxpZ/LBo5xil4
kkYyPS91BZG/b0C6le4iKEw1vDHRSPLTZlD+gRPokO/RXUJkdwn/TM085wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRp3waXDPVnWXBk1drt9syTogbfMB8GA1UdIwQY
MBaAFBj5GU1N19S3t3fJIAeeQB06JTO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BrWlRVM1gxTGUzZDhrZ0I1NUFIVG9sTTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMmM2ODktZWMzNi00ZWRmLTk2ZjQt
Mzg5OTVmMjRiMWVmLzEvdEduZkJwY005V2RaY0dUVjJ1MzJ6Sk9pQnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMmM2ODktZWMzNi00ZWRmLTk2ZjQtMzg5OTVmMjRiMWVm
LzEvR1BrWlRVM1gxTGUzZDhrZ0I1NUFIVG9sTTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ91MA0G
CSqGSIb3DQEBCwUAA4IBAQA3KArn7AIz0+sNj/HkTxs5/EjQUq7iPqcegBdN3TF/
7zdl249NgYyRqhO1L+1qYunRirZuaXV3yzjdaVLVYykY1cfVxauKL+RN17gNGO1i
NggF+j+RLu5DmvGneKX3ahg7tJFarmse47GUDmjJVoJUUDponvvqFX6EAxj4yZOQ
7o1H4jIhfcAq6ItITQkA+kVVM7eDyGSTRnF1etmeAz8K2HSkNU4cEULjRjtJRELT
prljWmQaWpYaI90eY9QG6+Zbd3r8yf+h1v/CF3YPi1XbZ1RgKukltoz2pOG29V+g
dpL3V/WdaZ3TkWCWpDtmtgjJWYV9qjbM0W26+JLjfPM8
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:36:02 2025 by rpki-client