Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/gLRqMg9LH0l3Bvm_1EaM6nJMhBU.roa
File: gLRqMg9LH0l3Bvm_1EaM6nJMhBU.roa (raw, json)
Hash identifier: tozY0cG4yyw1J4sRnJzdlyQ67yOL3u+re3wAKQtu0HE=
Subject key identifier: 80:B4:6A:32:0F:4B:1F:49:77:06:F9:BF:D4:46:8C:EA:72:4C:84:15
Certificate issuer: /CN=f33f2db72aab435b9daa2b1f7e1a8a32767788be
Certificate serial: 01970304C9941EFC8E14F551A2DBB5721918
Authority key identifier: F3:3F:2D:B7:2A:AB:43:5B:9D:AA:2B:1F:7E:1A:8A:32:76:77:88:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8z8ttyqrQ1udqisffhqKMnZ3iL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/gLRqMg9LH0l3Bvm_1EaM6nJMhBU.roa
Signing time: Sat 24 May 2025 15:58:54 +0000
ROA not before: Sat 24 May 2025 15:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12982
IP address blocks: 193.194.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/8z8ttyqrQ1udqisffhqKMnZ3iL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/8z8ttyqrQ1udqisffhqKMnZ3iL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/8z8ttyqrQ1udqisffhqKMnZ3iL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:04:c9:94:1e:fc:8e:14:f5:51:a2:db:b5:72:19:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f33f2db72aab435b9daa2b1f7e1a8a32767788be
Validity
Not Before: May 24 15:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80b46a320f4b1f497706f9bfd4468cea724c8415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:09:ae:ee:04:fa:fc:42:ee:1f:76:89:15:
61:b6:ea:e5:24:3c:16:dd:c5:d2:b7:73:a8:84:51:
46:2c:08:44:b3:74:c2:c6:dd:98:68:30:1e:33:78:
10:dd:c1:63:e3:d8:a1:02:59:e0:f2:05:d1:30:94:
96:e4:37:c0:00:f3:e9:38:95:e1:c1:7a:2c:00:73:
61:62:e7:f5:c4:2c:33:5a:02:d8:5d:54:cf:6c:a0:
b5:ec:01:66:96:79:db:1f:52:d3:b5:0b:34:bd:ac:
49:02:11:a6:78:43:6c:ed:75:e1:8e:66:20:76:73:
a1:21:34:3f:af:f7:da:c1:99:4c:49:c8:e5:a4:b4:
7e:e7:c8:ba:95:c0:06:e5:b0:61:62:36:3f:6e:7f:
1c:90:4c:de:34:7a:04:dd:b7:21:2c:ae:e3:69:25:
a7:b9:dd:c9:e0:b6:31:74:b2:1e:4e:7f:c1:7d:d1:
27:2b:db:b1:01:4f:43:cb:c6:1b:64:c0:05:91:1c:
fc:42:0b:2c:41:27:4a:f9:5b:06:ac:ef:ae:f5:45:
92:8c:d1:95:a6:47:c3:6e:68:30:39:8d:97:48:76:
5e:f2:b1:ae:a7:57:36:1e:ee:0c:18:de:9b:34:94:
6b:f1:d8:56:f6:02:f0:34:66:90:5b:92:69:76:b0:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B4:6A:32:0F:4B:1F:49:77:06:F9:BF:D4:46:8C:EA:72:4C:84:15
X509v3 Authority Key Identifier:
keyid:F3:3F:2D:B7:2A:AB:43:5B:9D:AA:2B:1F:7E:1A:8A:32:76:77:88:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8z8ttyqrQ1udqisffhqKMnZ3iL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/gLRqMg9LH0l3Bvm_1EaM6nJMhBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c09d9-da0b-4f5b-be21-c6c06e2b3a9f/1/8z8ttyqrQ1udqisffhqKMnZ3iL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.156.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7a:35:3f:9e:e1:ad:ca:ef:70:95:b0:a2:ac:7c:2f:f9:24:
73:c0:9d:eb:58:93:4c:93:5c:e3:34:69:46:78:5c:b3:bc:9b:
f9:50:1d:53:7f:cb:eb:af:2c:8a:60:de:98:1e:86:b7:69:cf:
f2:eb:88:4a:6d:46:79:6f:9c:83:39:34:b5:54:98:5b:57:71:
64:4e:63:f4:b5:9b:b1:e9:a3:2b:e1:93:7c:09:4f:e8:8f:7a:
5d:96:33:93:90:a6:b5:a4:7a:f0:10:31:44:89:64:ea:26:47:
bf:9d:af:f4:c2:59:95:75:51:5f:3e:c6:27:dc:0d:a0:fb:96:
b0:82:e2:b6:36:4c:e7:6d:fe:73:79:95:c8:16:0e:5b:16:d0:
32:c1:37:4e:77:8d:9a:cd:bb:71:59:43:d1:e4:a1:ed:04:0a:
49:27:3b:49:0f:3b:b2:f1:ac:0b:49:0b:64:0c:a4:9f:7b:0a:
31:a1:5a:f9:84:84:be:11:24:70:8b:26:6e:6e:64:2e:ef:25:
78:81:c2:26:71:04:6b:af:be:11:8d:a4:bc:f4:17:9a:82:d4:
04:3f:82:74:d2:93:bf:7e:ef:51:4a:9d:83:40:12:c8:32:5a:
80:b1:7a:08:88:bf:60:e7:db:0f:d8:aa:72:5a:e9:35:7b:8a:
1d:e1:3f:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcDBMmUHvyOFPVRotu1chkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzM2YyZGI3MmFhYjQzNWI5ZGFhMmIxZjdlMWE4YTMyNzY3
Nzg4YmUwHhcNMjUwNTI0MTU1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI0NmEzMjBmNGIxZjQ5NzcwNmY5YmZkNDQ2OGNlYTcyNGM4NDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn0Jru4E+vxC7h92iRVhturlJDwW
3cXSt3OohFFGLAhEs3TCxt2YaDAeM3gQ3cFj49ihAlng8gXRMJSW5DfAAPPpOJXh
wXosAHNhYuf1xCwzWgLYXVTPbKC17AFmlnnbH1LTtQs0vaxJAhGmeENs7XXhjmYg
dnOhITQ/r/fawZlMScjlpLR+58i6lcAG5bBhYjY/bn8ckEzeNHoE3bchLK7jaSWn
ud3J4LYxdLIeTn/BfdEnK9uxAU9Dy8YbZMAFkRz8QgssQSdK+VsGrO+u9UWSjNGV
pkfDbmgwOY2XSHZe8rGup1c2Hu4MGN6bNJRr8dhW9gLwNGaQW5JpdrDr2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIC0ajIPSx9Jdwb5v9RGjOpyTIQVMB8GA1UdIwQY
MBaAFPM/Lbcqq0NbnaorH34aijJ2d4i+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHo4dHR5cXJRMXVkcWlzZmZocUtNblozaUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzA5ZDktZGEwYi00ZjViLWJlMjEt
YzZjMDZlMmIzYTlmLzEvZ0xScU1nOUxIMGwzQnZtXzFFYU02bkpNaEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzA5ZDktZGEwYi00ZjViLWJlMjEtYzZjMDZlMmIzYTlm
LzEvOHo4dHR5cXJRMXVkcWlzZmZocUtNblozaUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcKcMA0G
CSqGSIb3DQEBCwUAA4IBAQBXejU/nuGtyu9wlbCirHwv+SRzwJ3rWJNMk1zjNGlG
eFyzvJv5UB1Tf8vrryyKYN6YHoa3ac/y64hKbUZ5b5yDOTS1VJhbV3FkTmP0tZux
6aMr4ZN8CU/oj3pdljOTkKa1pHrwEDFEiWTqJke/na/0wlmVdVFfPsYn3A2g+5aw
guK2Nkznbf5zeZXIFg5bFtAywTdOd42azbtxWUPR5KHtBApJJztJDzuy8awLSQtk
DKSfewoxoVr5hIS+ESRwiyZubmQu7yV4gcImcQRrr74RjaS89BeagtQEP4J00pO/
fu9RSp2DQBLIMlqAsXoIiL9g59sP2KpyWuk1e4od4T9H
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:13:10 2025 by rpki-client