Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gjg5BFL6iXgg-iOMiuCFwHCcjAI.roa
File: gjg5BFL6iXgg-iOMiuCFwHCcjAI.roa (raw, json)
Hash identifier: KJDwnqYbzxO2l+Ok7BEc2KAHVH8szQ4JQeziLKu1q9w=
Subject key identifier: 82:38:39:04:52:FA:89:78:20:FA:23:8C:8A:E0:85:C0:70:9C:8C:02
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01973B001FD8D00C3AE22E3C594959828A0B
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gjg5BFL6iXgg-iOMiuCFwHCcjAI.roa
Signing time: Wed 04 Jun 2025 12:52:33 +0000
ROA not before: Wed 04 Jun 2025 12:52:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60490
IP address blocks: 176.109.64.0/23 maxlen: 23
176.109.64.0/24 maxlen: 24
176.109.65.0/24 maxlen: 24
176.109.67.0/24 maxlen: 24
176.109.70.0/24 maxlen: 24
178.236.25.0/24 maxlen: 24
194.150.88.0/24 maxlen: 24
194.150.89.0/24 maxlen: 24
194.150.90.0/24 maxlen: 24
194.150.91.0/24 maxlen: 24
2a02:28:7::/48 maxlen: 48
2a02:2a:1000::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:00:1f:d8:d0:0c:3a:e2:2e:3c:59:49:59:82:8a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jun 4 12:52:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8238390452fa897820fa238c8ae085c0709c8c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c5:3b:4f:40:e7:20:a1:ee:25:18:cd:06:88:
8d:f8:67:b9:7a:9f:f9:67:e5:95:3e:88:e6:c9:20:
3a:73:be:7f:e4:b1:b1:9f:1b:8d:4d:e7:94:ab:f8:
59:92:c0:5a:f6:08:bb:4f:f3:c8:74:b2:2f:fa:ac:
8a:b1:7f:69:fe:12:06:a7:3e:3a:41:7d:88:05:4a:
9c:78:16:5d:4b:3c:f8:6f:87:bb:0e:2a:44:42:a5:
c9:40:c2:2e:0d:20:14:8b:8d:be:53:d9:69:3d:c0:
55:be:4a:68:b0:1e:5d:5c:cc:3e:6f:84:df:35:6a:
20:b1:a6:96:41:a5:c0:c2:7a:ce:21:78:ea:a7:68:
81:02:ae:89:db:05:13:03:c5:db:d6:25:d4:ee:c7:
ff:d8:3a:9f:0c:31:c8:3e:cc:70:b6:f6:f2:04:3a:
05:2d:d3:f2:16:cb:48:40:b8:0f:65:0d:dc:6a:cc:
23:54:25:e6:a2:63:81:48:37:be:99:c6:0a:5e:a2:
66:18:6d:e7:59:34:21:53:f4:2e:bd:24:3f:33:c3:
c3:31:b4:49:d0:d3:89:1f:57:f2:53:17:1d:96:b5:
db:d7:37:89:0c:2a:05:2b:bb:a6:20:02:9d:6e:1a:
41:b3:72:ec:dd:0b:89:7a:02:8d:0d:99:2e:c2:78:
b1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:38:39:04:52:FA:89:78:20:FA:23:8C:8A:E0:85:C0:70:9C:8C:02
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gjg5BFL6iXgg-iOMiuCFwHCcjAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.64.0/23
176.109.67.0/24
176.109.70.0/24
178.236.25.0/24
194.150.88.0/22
IPv6:
2a02:28:7::/48
2a02:2a:1000::/41
Signature Algorithm: sha256WithRSAEncryption
86:56:9f:96:23:39:3e:44:df:e6:04:c3:f3:9a:9b:c5:f4:e4:
bb:f5:a2:ae:03:7f:50:fc:cd:ec:73:50:51:01:7b:97:71:af:
ef:86:bc:19:61:79:db:b8:66:42:13:4d:ea:86:95:47:96:92:
b3:c4:c6:fc:22:d7:91:b1:1b:dd:55:c6:a9:7d:5b:9e:bd:bf:
2c:81:ae:f1:cc:33:5c:68:07:7b:cc:75:06:7a:2d:dc:30:a4:
1d:74:4f:f0:6d:21:0b:db:09:01:33:00:8c:94:00:e6:a7:40:
97:1f:58:1c:22:76:58:d0:8e:2b:e0:67:d9:7b:78:b8:30:57:
8a:63:93:1e:ab:f7:97:77:c5:01:8b:9b:f3:dd:09:72:89:09:
24:f5:5f:42:d1:be:c7:ee:23:7b:62:d5:2d:59:53:f9:30:49:
62:f1:c6:5d:89:0d:dc:e4:4f:2d:34:11:e2:d2:e2:e3:dd:59:
b1:94:99:4e:b6:14:89:52:60:c0:8d:a3:a9:7b:3d:cd:ab:a3:
66:e4:53:1f:3b:d8:d3:a6:ba:d9:d5:63:b7:ba:1a:24:2f:86:
3c:e6:88:1e:41:0d:9b:53:6d:ff:f3:1c:4b:d7:2b:51:18:16:
d7:f4:98:e1:d9:e0:d7:88:7b:6b:72:88:be:21:98:7d:37:b8:
c6:79:f3:b9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZc7AB/Y0Aw64i48WUlZgooLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwNjA0MTI1MjMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM4MzkwNDUyZmE4OTc4MjBmYTIzOGM4YWUwODVjMDcwOWM4YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMU7T0DnIKHuJRjNBoiN+Ge5ep/5
Z+WVPojmySA6c75/5LGxnxuNTeeUq/hZksBa9gi7T/PIdLIv+qyKsX9p/hIGpz46
QX2IBUqceBZdSzz4b4e7DipEQqXJQMIuDSAUi42+U9lpPcBVvkposB5dXMw+b4Tf
NWogsaaWQaXAwnrOIXjqp2iBAq6J2wUTA8Xb1iXU7sf/2DqfDDHIPsxwtvbyBDoF
LdPyFstIQLgPZQ3caswjVCXmomOBSDe+mcYKXqJmGG3nWTQhU/QuvSQ/M8PDMbRJ
0NOJH1fyUxcdlrXb1zeJDCoFK7umIAKdbhpBs3Ls3QuJegKNDZkuwnix3wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFII4OQRS+ol4IPojjIrghcBwnIwCMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvZ2pnNUJGTDZpWGdnLWlPTWl1Q0Z3SENjakFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQBsG1AAwQA
sG1DAwQAsG1GAwQAsuwZAwQCwpZYMBgEAgACMBIDBwAqAgAoAAcDBwcqAgAqEAAw
DQYJKoZIhvcNAQELBQADggEBAIZWn5YjOT5E3+YEw/Oam8X05Lv1oq4Df1D8zexz
UFEBe5dxr++GvBlhedu4ZkITTeqGlUeWkrPExvwi15GxG91Vxql9W569vyyBrvHM
M1xoB3vMdQZ6LdwwpB10T/BtIQvbCQEzAIyUAOanQJcfWBwidljQjivgZ9l7eLgw
V4pjkx6r95d3xQGLm/PdCXKJCST1X0LRvsfuI3ti1S1ZU/kwSWLxxl2JDdzkTy00
EeLS4uPdWbGUmU62FIlSYMCNo6l7Pc2ro2bkUx872NOmutnVY7e6GiQvhjzmiB5B
DZtTbf/zHEvXK1EYFtf0mOHZ4NeIe2tyiL4hmH03uMZ587k=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:23:33 2025 by rpki-client