Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/GjL9gwLKb-oKSYTlHtFQE_CZaJs.roa
File: GjL9gwLKb-oKSYTlHtFQE_CZaJs.roa (raw, json)
Hash identifier: mCVCuaWcX9YvC2fV3yIwbRSQDcC/PmXYfMHTWio0d9k=
Subject key identifier: 1A:32:FD:83:02:CA:6F:EA:0A:49:84:E5:1E:D1:50:13:F0:99:68:9B
Certificate issuer: /CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Certificate serial: 019427B48153CF81ECB46E9F3E1DA9D7A031
Authority key identifier: 42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/GjL9gwLKb-oKSYTlHtFQE_CZaJs.roa
Signing time: Thu 02 Jan 2025 15:48:48 +0000
ROA not before: Thu 02 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49129
IP address blocks: 31.192.0.0/20 maxlen: 20
31.192.16.0/20 maxlen: 20
31.192.32.0/20 maxlen: 20
31.192.48.0/20 maxlen: 20
77.242.48.0/20 maxlen: 20
80.77.48.0/20 maxlen: 20
178.236.48.0/20 maxlen: 20
185.110.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:81:53:cf:81:ec:b4:6e:9f:3e:1d:a9:d7:a0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Validity
Not Before: Jan 2 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a32fd8302ca6fea0a4984e51ed15013f099689b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:54:c5:a6:61:3e:30:09:26:a6:0a:75:9a:
61:b5:2d:d1:1b:34:db:b7:12:90:b9:e7:8e:5d:88:
a1:66:b4:6c:e2:71:a8:d1:e3:5a:31:62:14:93:e1:
ab:80:dd:63:c0:ff:71:08:7f:24:18:43:ef:5d:54:
ce:7a:8f:e5:1c:ee:83:5d:a4:2d:ae:6f:58:66:61:
69:44:f5:30:71:53:82:c4:68:b6:1e:4c:43:22:0b:
d7:20:44:c7:b2:e2:a1:a3:e8:a5:fa:29:6b:96:24:
47:35:86:bc:2d:36:79:d5:e4:a1:bd:c0:b4:50:d1:
f4:31:f2:b3:d4:75:73:de:f1:9b:ab:eb:49:94:83:
19:7d:d2:a2:53:05:5b:6e:2b:f0:e6:a4:42:47:97:
16:dd:c0:1f:88:4f:5f:e4:e6:ef:84:33:56:9a:93:
e6:49:f3:98:70:a2:fd:fa:45:8d:e8:88:95:f8:f5:
f2:6f:a8:c3:02:8d:43:fd:82:7d:96:a9:79:c7:23:
c2:d0:69:09:da:f0:9f:bc:77:b9:f6:ba:67:36:34:
5e:57:1a:6e:62:19:eb:a4:b2:4a:93:18:03:7e:ab:
bf:19:8e:97:3a:7d:5d:24:92:b3:41:92:3b:a9:cb:
3c:c5:a9:4a:da:1d:06:a0:1c:f2:8c:8a:f1:31:47:
b6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:32:FD:83:02:CA:6F:EA:0A:49:84:E5:1E:D1:50:13:F0:99:68:9B
X509v3 Authority Key Identifier:
keyid:42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/GjL9gwLKb-oKSYTlHtFQE_CZaJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.0.0/18
77.242.48.0/20
80.77.48.0/20
178.236.48.0/20
185.110.164.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:3b:8c:73:f6:22:76:f3:e7:d4:2a:f4:72:fe:60:dd:cc:2b:
0a:b8:93:5b:0c:f6:f6:fd:89:cb:94:2d:be:6c:f7:7b:90:ce:
1b:e0:38:ec:e7:9a:19:59:2d:cf:59:cd:87:32:12:a5:84:33:
24:53:d6:b8:8e:d6:cc:43:52:7c:f9:47:00:2a:80:6e:d2:bc:
00:32:17:13:6a:df:0e:e3:e1:53:e9:4b:6e:3f:84:33:83:e0:
d8:69:6d:12:27:fa:e8:1f:61:f7:4e:55:67:97:9b:22:0c:68:
2e:36:0d:0a:2a:63:97:99:ff:be:65:d1:fd:cf:ab:20:18:b6:
56:5a:67:b3:24:1f:1a:cb:a4:e9:8e:03:08:69:9e:d2:e4:df:
30:a4:0f:31:e1:3c:bf:aa:ce:bd:bf:a6:c3:3d:41:eb:06:ab:
3a:6b:0c:ca:e6:2f:61:ac:a8:ed:c7:f4:af:e8:4d:87:5a:aa:
fa:fd:51:dc:25:13:55:d7:73:42:dd:7c:49:27:de:e7:59:72:
0e:a8:e1:fc:01:60:d0:e5:bd:30:56:5b:1f:8e:9b:0a:fd:74:
90:7a:b8:48:bd:bc:7f:70:24:97:04:74:2b:9e:f1:aa:69:e5:
9d:bb:a0:a1:05:b8:c3:0a:a4:cb:73:9b:d5:15:41:e1:85:3e:
ff:19:c2:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntIFTz4HstG6fPh2p16AxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGUyN2ZhODg3OTA1ZTBjOWMxZjUzZjY3ZjIzZjI5NmQw
NDVmMGUwHhcNMjUwMTAyMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTMyZmQ4MzAyY2E2ZmVhMGE0OTg0ZTUxZWQxNTAxM2YwOTk2ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJNUxaZhPjAJJqYKdZphtS3RGzTb
txKQueeOXYihZrRs4nGo0eNaMWIUk+GrgN1jwP9xCH8kGEPvXVTOeo/lHO6DXaQt
rm9YZmFpRPUwcVOCxGi2HkxDIgvXIETHsuKho+il+ilrliRHNYa8LTZ51eShvcC0
UNH0MfKz1HVz3vGbq+tJlIMZfdKiUwVbbivw5qRCR5cW3cAfiE9f5ObvhDNWmpPm
SfOYcKL9+kWN6IiV+PXyb6jDAo1D/YJ9lql5xyPC0GkJ2vCfvHe59rpnNjReVxpu
YhnrpLJKkxgDfqu/GY6XOn1dJJKzQZI7qcs8xalK2h0GoBzyjIrxMUe26wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBoy/YMCym/qCkmE5R7RUBPwmWibMB8GA1UdIwQY
MBaAFELeJ/qIeQXgycH1P2fyPyltBF8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQt
ZDI5YjdkNDc4NjMxLzEvR2pMOWd3TEtiLW9LU1lUbEh0RlFFX0NaYUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQtZDI5YjdkNDc4NjMx
LzEvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGH8AAAwQE
TfIwAwQEUE0wAwQEsuwwAwQCuW6kMA0GCSqGSIb3DQEBCwUAA4IBAQBeO4xz9iJ2
8+fUKvRy/mDdzCsKuJNbDPb2/YnLlC2+bPd7kM4b4Djs55oZWS3PWc2HMhKlhDMk
U9a4jtbMQ1J8+UcAKoBu0rwAMhcTat8O4+FT6UtuP4Qzg+DYaW0SJ/roH2H3TlVn
l5siDGguNg0KKmOXmf++ZdH9z6sgGLZWWmezJB8ay6TpjgMIaZ7S5N8wpA8x4Ty/
qs69v6bDPUHrBqs6awzK5i9hrKjtx/Sv6E2HWqr6/VHcJRNV13NC3XxJJ97nWXIO
qOH8AWDQ5b0wVlsfjpsK/XSQerhIvbx/cCSXBHQrnvGqaeWdu6ChBbjDCqTLc5vV
FUHhhT7/GcKF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:09 2025 by rpki-client