Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/GmCNeOikZE0wS6KKxhe03_DltNA.roa
File: GmCNeOikZE0wS6KKxhe03_DltNA.roa (raw, json)
Hash identifier: eIHuOi8/aZYhglG7UFc7i9m+hk88ZXcrvgiMPIsu/Fc=
Subject key identifier: 1A:60:8D:78:E8:A4:64:4D:30:4B:A2:8A:C6:17:B4:DF:F0:E5:B4:D0
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0196D860C2462CFC5B6BF77849BC1F9300ED
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/GmCNeOikZE0wS6KKxhe03_DltNA.roa
Signing time: Fri 16 May 2025 09:15:41 +0000
ROA not before: Fri 16 May 2025 09:15:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 03:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:60:c2:46:2c:fc:5b:6b:f7:78:49:bc:1f:93:00:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: May 16 09:15:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a608d78e8a4644d304ba28ac617b4dff0e5b4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f6:48:24:c5:7e:d5:31:db:a6:b4:37:6f:49:
45:fa:6b:4f:ec:5c:2a:ca:1b:c8:7d:1f:aa:28:57:
bd:09:78:bb:f7:87:b8:60:da:b7:d4:21:88:66:2b:
6b:2d:6b:73:f9:db:49:ac:7c:92:1f:73:0c:bf:63:
66:a8:09:9d:b2:c9:40:00:a1:eb:64:ab:a5:96:17:
5c:d6:32:7e:0c:01:64:42:f5:7f:c6:78:52:f4:1f:
59:21:e7:b3:96:51:85:36:61:d9:7d:4f:d0:57:2b:
28:a3:b8:46:a0:f3:50:cf:2e:c6:90:4f:dd:56:91:
37:f6:c2:33:15:4e:62:60:20:ce:30:b9:95:ca:9d:
8a:f9:56:42:8c:e7:2c:cb:a5:4a:e0:3f:0e:dc:5f:
97:51:35:78:dd:7a:84:09:f7:12:da:66:2d:5c:40:
69:e6:e8:c4:b4:02:0a:f5:b8:47:ad:8e:1d:42:ef:
e7:dc:fe:91:10:f1:3b:90:c7:a5:e7:a9:5f:c0:62:
6a:14:4f:4b:82:4a:0c:91:c5:10:3c:17:27:a3:ab:
41:cd:18:cb:03:c0:05:66:78:ce:ea:d8:9f:14:f2:
4a:b3:7e:ef:78:e8:e8:8b:4d:ac:ba:d2:54:d9:58:
dd:5e:16:a7:a1:cb:3f:30:56:a3:5e:33:2e:a0:74:
18:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:60:8D:78:E8:A4:64:4D:30:4B:A2:8A:C6:17:B4:DF:F0:E5:B4:D0
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/GmCNeOikZE0wS6KKxhe03_DltNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:ed:e9:05:92:86:39:c2:7f:67:a9:48:4b:a3:ee:76:37:46:
e7:0f:56:e6:6c:d1:e3:2c:f1:e7:48:f0:05:57:1d:9b:07:75:
b9:03:be:41:03:50:51:19:c1:77:3f:87:89:ec:30:f5:75:d0:
ac:f1:41:31:79:cd:3f:eb:92:eb:6e:db:b7:19:e3:f9:55:95:
3e:8c:aa:54:dc:42:19:e2:fb:07:7c:c2:5a:54:5d:57:d9:84:
bb:06:ff:f8:56:b8:2f:82:1d:2e:60:01:a6:59:f2:c7:18:b0:
1f:ff:89:9f:25:7c:49:e7:2f:34:e7:d5:a9:4b:e3:35:d4:fd:
ff:4b:83:4a:2e:0c:93:ea:c0:f0:5b:63:b5:2d:d3:ac:6b:dd:
2b:69:b2:1d:76:ad:0d:cb:07:8a:9a:6c:0f:6f:0f:2c:75:8f:
5f:04:90:a0:bd:5c:f4:ef:f8:df:4b:c5:60:f2:8e:3c:58:6b:
5e:26:17:23:e7:a2:d4:33:c2:73:f3:7b:66:68:66:77:b5:1c:
54:8f:84:4e:ba:7c:2d:03:0c:b7:81:80:38:c1:20:01:3f:c3:
17:84:5a:ab:af:9a:11:71:07:eb:7a:da:d6:c5:39:e2:5b:c5:
ea:ed:74:9f:39:47:b9:3a:e4:bc:e1:af:25:05:47:11:ad:0c:
3b:0c:a4:d6
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAZbYYMJGLPxba/d4SbwfkwDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNTE2MDkxNTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTYwOGQ3OGU4YTQ2NDRkMzA0YmEyOGFjNjE3YjRkZmYwZTViNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvZIJMV+1THbprQ3b0lF+mtP7Fwq
yhvIfR+qKFe9CXi794e4YNq31CGIZitrLWtz+dtJrHySH3MMv2NmqAmdsslAAKHr
ZKullhdc1jJ+DAFkQvV/xnhS9B9ZIeezllGFNmHZfU/QVysoo7hGoPNQzy7GkE/d
VpE39sIzFU5iYCDOMLmVyp2K+VZCjOcsy6VK4D8O3F+XUTV43XqECfcS2mYtXEBp
5ujEtAIK9bhHrY4dQu/n3P6REPE7kMel56lfwGJqFE9LgkoMkcUQPBcno6tBzRjL
A8AFZnjO6tifFPJKs37veOjoi02sutJU2VjdXhanocs/MFajXjMuoHQYswIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFBpgjXjopGRNMEuiisYXtN/w5bTQMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvR21DTmVPaWtaRTB3UzZLS3hoZTAzX0RsdE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTB+BAIAATB4AwQC
AjikAwQABbYwAwQCLVEUAwQCLYzcAwQCTVPwAwQATmzZAwQCU490AwQCVcqgAwQC
Wb6cAwQCstqQAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQAwR8eAwQCwSJMAwQC
wd3AAwQCwjIQAwQCwjjgAwQC1GsMMIGWBAIAAjCBjwMHBCoLC4IAADAPAwUCKgsL
hAMGASoLC4YAAwcEKgsLhv/wAwcAKgsLh/8SAwcAKgsLh/+0AwcEKgsLh//AAwcA
KgsLh//SAwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYq
C3CAAAADBwQqC3CG//ADBwQqC3CH//ADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IB
AQC37ekFkoY5wn9nqUhLo+52N0bnD1bmbNHjLPHnSPAFVx2bB3W5A75BA1BRGcF3
P4eJ7DD1ddCs8UExec0/65Lrbtu3GeP5VZU+jKpU3EIZ4vsHfMJaVF1X2YS7Bv/4
Vrgvgh0uYAGmWfLHGLAf/4mfJXxJ5y8059WpS+M11P3/S4NKLgyT6sDwW2O1LdOs
a90rabIddq0NyweKmmwPbw8sdY9fBJCgvVz07/jfS8Vg8o48WGteJhcj56LUM8Jz
83tmaGZ3tRxUj4ROunwtAwy3gYA4wSABP8MXhFqrr5oRcQfretrWxTniW8Xq7XSf
OUe5OuS84a8lBUcRrQw7DKTW
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:34:52 2025 by rpki-client