Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/bge-I_W1NXO4wXcUD8wO2q8GORE.roa
File: bge-I_W1NXO4wXcUD8wO2q8GORE.roa (raw, json)
Hash identifier: QczRVPNbfyo75luxG1p381iR6nIvpAPPLqlT8W5S9ag=
Subject key identifier: 6E:07:BE:23:F5:B5:35:73:B8:C1:77:14:0F:CC:0E:DA:AF:06:39:11
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 019423D7715139B00F2501948BF1E66E4318
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/bge-I_W1NXO4wXcUD8wO2q8GORE.roa
Signing time: Wed 01 Jan 2025 21:48:29 +0000
ROA not before: Wed 01 Jan 2025 21:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203088
IP address blocks: 46.172.80.0/24 maxlen: 24
46.172.86.0/24 maxlen: 24
46.172.87.0/24 maxlen: 24
46.172.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:71:51:39:b0:0f:25:01:94:8b:f1:e6:6e:43:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 1 21:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e07be23f5b53573b8c177140fcc0edaaf063911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cf:0e:5c:94:47:20:e8:59:89:91:53:33:c0:
4d:e4:b2:95:ea:a1:34:e8:87:4c:0c:9d:db:70:e2:
7c:b7:ef:2b:bb:ae:57:87:51:39:d1:99:91:44:01:
dd:32:a7:44:36:f9:44:cf:0d:40:78:bb:e4:49:f3:
c1:7b:da:e4:43:69:6c:8c:8f:18:44:39:f2:3b:c4:
4d:48:e4:b3:d9:1b:04:d1:3f:78:cb:b3:90:bd:00:
e1:73:d7:b1:f0:6f:6b:90:7e:f2:88:01:d0:2b:2a:
17:06:66:64:c7:8a:39:8a:0a:d2:d4:26:6a:38:93:
e8:70:83:cc:d6:89:be:96:ca:fc:78:c6:9c:2b:1c:
be:bb:6c:de:22:fc:2d:5d:6b:58:ed:49:64:61:30:
52:b1:85:25:71:f3:ce:07:18:bf:4e:42:3e:b9:26:
1b:19:84:0e:f3:ae:f1:6f:90:e4:37:46:58:89:7c:
ed:e0:9a:bc:69:bf:e0:c1:1f:68:2d:a8:25:ce:dd:
c0:b5:44:3e:1a:75:82:b2:a0:d5:a0:14:1b:a7:ac:
3e:85:97:9b:db:75:74:cc:41:31:c0:cc:98:a7:fd:
2d:da:e6:0a:83:c9:f6:66:47:3e:c2:8e:43:7b:64:
d6:b3:9c:d5:cf:21:c1:e6:f7:e9:1b:fe:d2:59:6b:
71:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:BE:23:F5:B5:35:73:B8:C1:77:14:0F:CC:0E:DA:AF:06:39:11
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/bge-I_W1NXO4wXcUD8wO2q8GORE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.80.0/24
46.172.86.0/23
46.172.94.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c5:66:b9:76:d0:87:a1:98:73:3e:57:c2:e1:d7:a0:c3:d4:
a5:ec:ec:b4:e5:66:66:9d:ed:78:b8:37:81:68:6b:61:68:89:
17:6c:33:b2:dc:27:66:76:1c:2d:03:38:5a:a0:84:b2:c8:6d:
7c:e4:b8:7a:b7:ce:02:5e:29:b2:52:b8:f5:43:ac:b1:ca:3d:
a9:0d:8d:90:98:e8:8d:c1:75:3d:05:bb:f0:7b:80:b7:65:88:
a4:b3:53:88:7a:71:66:53:ee:ee:b5:34:42:a1:37:bd:71:bc:
0f:30:08:43:a5:a8:44:45:e0:5d:9a:f9:50:eb:33:9a:7c:33:
75:a3:9d:0e:be:bd:cc:6e:4c:ae:d8:ee:b9:00:00:7e:f2:f8:
68:26:6d:c2:84:2a:b6:ee:19:3a:a9:0e:46:4e:81:06:ca:06:
02:42:6a:76:12:3b:a5:66:e2:9c:95:f9:57:ac:f8:66:3e:00:
90:fb:a1:0d:b1:9d:59:07:9e:00:e3:8b:e4:67:f6:9b:8f:93:
65:74:80:b7:b0:68:fd:25:6f:b8:af:61:00:ea:93:9c:49:5f:
ec:b6:b2:78:21:5d:f7:d1:01:47:6e:d5:9b:49:80:6a:8e:d1:
05:d9:47:fb:5a:11:85:85:55:d7:64:62:53:26:62:7c:3b:62:
15:83:2d:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj13FRObAPJQGUi/HmbkMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjUwMTAxMjE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA3YmUyM2Y1YjUzNTczYjhjMTc3MTQwZmNjMGVkYWFmMDYzOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs8OXJRHIOhZiZFTM8BN5LKV6qE0
6IdMDJ3bcOJ8t+8ru65Xh1E50ZmRRAHdMqdENvlEzw1AeLvkSfPBe9rkQ2lsjI8Y
RDnyO8RNSOSz2RsE0T94y7OQvQDhc9ex8G9rkH7yiAHQKyoXBmZkx4o5igrS1CZq
OJPocIPM1om+lsr8eMacKxy+u2zeIvwtXWtY7UlkYTBSsYUlcfPOBxi/TkI+uSYb
GYQO867xb5DkN0ZYiXzt4Jq8ab/gwR9oLaglzt3AtUQ+GnWCsqDVoBQbp6w+hZeb
23V0zEExwMyYp/0t2uYKg8n2Zkc+wo5De2TWs5zVzyHB5vfpG/7SWWtxcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG4HviP1tTVzuMF3FA/MDtqvBjkRMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvYmdlLUlfVzFOWE80d1hjVUQ4d08ycThHT1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALqxQAwQB
LqxWAwQALqxeMA0GCSqGSIb3DQEBCwUAA4IBAQBNxWa5dtCHoZhzPlfC4degw9Sl
7Oy05WZmne14uDeBaGthaIkXbDOy3CdmdhwtAzhaoISyyG185Lh6t84CXimyUrj1
Q6yxyj2pDY2QmOiNwXU9Bbvwe4C3ZYiks1OIenFmU+7utTRCoTe9cbwPMAhDpahE
ReBdmvlQ6zOafDN1o50Ovr3Mbkyu2O65AAB+8vhoJm3ChCq27hk6qQ5GToEGygYC
Qmp2EjulZuKclflXrPhmPgCQ+6ENsZ1ZB54A44vkZ/abj5NldIC3sGj9JW+4r2EA
6pOcSV/strJ4IV330QFHbtWbSYBqjtEF2Uf7WhGFhVXXZGJTJmJ8O2IVgy2m
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:41:37 2025 by rpki-client