Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/i_g5q7-hPStlEv1O5n0OZOzfR60.roa
File: i_g5q7-hPStlEv1O5n0OZOzfR60.roa (raw, json)
Hash identifier: m3x1cS4XhcesKKNznb1VTlqwdh2lVHJU/PvB8L7dB+M=
Subject key identifier: 8B:F8:39:AB:BF:A1:3D:2B:65:12:FD:4E:E6:7D:0E:64:EC:DF:47:AD
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 019615902B314F5F7322F525605B7E06C39F
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/i_g5q7-hPStlEv1O5n0OZOzfR60.roa
Signing time: Tue 08 Apr 2025 13:21:31 +0000
ROA not before: Tue 08 Apr 2025 13:21:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202552
IP address blocks: 81.200.128.0/23 maxlen: 23
185.156.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:90:2b:31:4f:5f:73:22:f5:25:60:5b:7e:06:c3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Apr 8 13:21:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bf839abbfa13d2b6512fd4ee67d0e64ecdf47ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1c:d8:b9:d6:c5:d4:28:c1:36:8a:fa:c2:b8:
3c:be:e0:46:5a:8a:e6:15:66:4a:26:22:9b:2f:3d:
44:88:a5:5b:86:d6:ee:88:90:37:dd:07:49:9c:7b:
89:fe:70:44:0d:60:45:37:5a:be:9c:5c:28:47:5e:
af:63:35:28:bb:a3:2a:92:06:27:d2:cf:a9:0b:97:
58:9c:2b:f3:a7:ad:03:17:3f:af:82:0e:8a:55:b7:
a6:0e:3c:16:3e:ca:16:4e:cf:8a:a7:47:6f:cd:b6:
1b:7b:a7:a0:d2:18:28:99:e4:cb:c8:d3:fc:90:4f:
cf:63:7e:b8:6d:6c:2c:86:2d:f9:14:c7:d6:31:3c:
29:80:8c:c5:ce:e1:50:c2:48:df:27:81:27:e3:84:
e1:b5:b4:8e:8c:96:0c:b7:97:af:19:a1:65:69:af:
e0:c7:35:2f:5b:79:ff:b4:ba:8c:b1:16:7a:2c:b0:
71:43:2b:30:5f:74:b8:91:86:9c:8f:3a:0b:ad:30:
e6:90:fc:28:c6:5f:6a:09:f8:5d:01:d7:90:c5:50:
a2:e8:bb:8f:5b:5a:77:de:0d:6c:28:39:e8:f6:0f:
bf:3d:26:c0:2e:71:aa:e0:02:b7:2e:1f:83:9b:e9:
27:9d:6d:ca:19:ab:53:d8:73:7f:48:41:43:a0:51:
cc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F8:39:AB:BF:A1:3D:2B:65:12:FD:4E:E6:7D:0E:64:EC:DF:47:AD
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/i_g5q7-hPStlEv1O5n0OZOzfR60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.128.0/23
185.156.150.0/24
Signature Algorithm: sha256WithRSAEncryption
35:91:6c:36:ad:31:d7:58:c7:39:8f:d8:e6:d2:37:d1:11:3f:
b7:4e:b5:dc:0f:b3:e3:47:81:f5:1e:af:bb:00:31:3f:4b:fb:
a7:07:1a:24:91:5b:39:89:0a:96:08:4b:1b:a5:bf:e0:68:9d:
a0:61:a5:7c:45:59:15:4e:56:44:2d:c7:29:62:78:4e:99:3d:
21:c6:5d:7e:c1:9d:72:da:25:2b:6c:a1:1d:ab:eb:a7:9f:b8:
ab:9a:30:65:29:e8:86:14:da:74:11:36:8e:90:29:e7:bd:c2:
a4:17:97:65:fa:78:18:19:44:24:3d:8f:b7:d8:bb:68:b5:b4:
91:99:58:98:81:ea:51:40:2d:28:08:62:f7:f4:7f:c2:8b:a7:
cd:d9:fc:f2:60:22:89:3b:60:79:69:57:c4:54:72:93:c4:4c:
29:3f:a7:6f:8e:d3:1b:54:6b:33:b4:c7:c2:ae:cc:7a:49:17:
e1:cc:02:95:af:13:da:bd:ef:90:3e:3b:bc:ff:73:3c:2d:5b:
3a:72:14:ab:03:38:92:7f:a1:0f:ef:6a:a2:3d:9b:ee:9a:eb:
b2:12:5d:67:5d:3b:d5:51:9e:a5:b5:85:3f:e3:58:fd:c1:1e:
ad:80:9d:81:c9:84:79:2d:87:0d:26:99:04:d1:60:84:0f:c2:
68:1a:7c:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYVkCsxT19zIvUlYFt+BsOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjUwNDA4MTMyMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY4MzlhYmJmYTEzZDJiNjUxMmZkNGVlNjdkMGU2NGVjZGY0N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxzYudbF1CjBNor6wrg8vuBGWorm
FWZKJiKbLz1EiKVbhtbuiJA33QdJnHuJ/nBEDWBFN1q+nFwoR16vYzUou6MqkgYn
0s+pC5dYnCvzp60DFz+vgg6KVbemDjwWPsoWTs+Kp0dvzbYbe6eg0hgomeTLyNP8
kE/PY364bWwshi35FMfWMTwpgIzFzuFQwkjfJ4En44ThtbSOjJYMt5evGaFlaa/g
xzUvW3n/tLqMsRZ6LLBxQyswX3S4kYacjzoLrTDmkPwoxl9qCfhdAdeQxVCi6LuP
W1p33g1sKDno9g+/PSbALnGq4AK3Lh+Dm+knnW3KGatT2HN/SEFDoFHMdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIv4Oau/oT0rZRL9TuZ9DmTs30etMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvaV9nNXE3LWhQU3RsRXYxTzVuME9aT3pmUjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUciAAwQA
uZyWMA0GCSqGSIb3DQEBCwUAA4IBAQA1kWw2rTHXWMc5j9jm0jfRET+3TrXcD7Pj
R4H1Hq+7ADE/S/unBxokkVs5iQqWCEsbpb/gaJ2gYaV8RVkVTlZELccpYnhOmT0h
xl1+wZ1y2iUrbKEdq+unn7irmjBlKeiGFNp0ETaOkCnnvcKkF5dl+ngYGUQkPY+3
2LtotbSRmViYgepRQC0oCGL39H/Ci6fN2fzyYCKJO2B5aVfEVHKTxEwpP6dvjtMb
VGsztMfCrsx6SRfhzAKVrxPave+QPju8/3M8LVs6chSrAziSf6EP72qiPZvumuuy
El1nXTvVUZ6ltYU/41j9wR6tgJ2ByYR5LYcNJpkE0WCED8JoGnwq
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:22:04 2025 by rpki-client