Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GKCHcnuOeAwv2OrVrhhlx1glPKg.roa
File: GKCHcnuOeAwv2OrVrhhlx1glPKg.roa (raw, json)
Hash identifier: lsZazQ3pOXhSWOPU2R2jWTWFqUlOxcs/A3f1wvZkH2U=
Subject key identifier: 18:A0:87:72:7B:8E:78:0C:2F:D8:EA:D5:AE:18:65:C7:58:25:3C:A8
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 0194214431FECE4CE99849E18A752080D5AD
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GKCHcnuOeAwv2OrVrhhlx1glPKg.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6279
IP address blocks: 37.17.184.0/21 maxlen: 24
37.17.184.0/24 maxlen: 24
37.17.185.0/24 maxlen: 24
37.17.186.0/24 maxlen: 24
37.17.188.0/24 maxlen: 24
37.17.189.0/24 maxlen: 24
37.17.190.0/24 maxlen: 24
37.17.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:31:fe:ce:4c:e9:98:49:e1:8a:75:20:80:d5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18a087727b8e780c2fd8ead5ae1865c758253ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d7:83:14:e5:61:7c:36:d2:3e:9c:cd:c2:07:
cd:1b:79:11:81:6b:95:99:e5:10:7f:d3:a4:1e:09:
8d:f2:44:2b:97:4d:21:75:6d:19:9c:35:b5:60:f7:
c9:b3:ad:d9:15:0c:bb:be:92:ed:e7:eb:68:75:7d:
da:23:f2:a4:df:e7:cb:52:ac:2a:03:b6:a6:0c:6b:
07:d5:c1:84:24:84:c6:a6:36:ea:fd:04:a9:9d:6b:
36:75:0a:8d:fb:4e:a5:1a:26:cf:2e:b4:a4:b6:63:
f6:a8:be:19:67:3c:20:d6:70:d4:5b:b6:95:6f:78:
ce:0c:9f:96:8b:b2:85:16:19:6d:8c:2c:76:7d:b5:
a2:3c:ba:6d:ad:36:ab:6f:f5:48:c6:d3:99:ad:65:
76:fc:1b:dc:6b:9e:2a:11:4e:fd:2b:91:41:32:1f:
57:f2:cf:ca:45:0c:68:85:48:0c:3c:74:00:c7:ff:
75:77:f0:bb:b9:10:67:ac:f5:23:91:eb:74:47:ac:
97:3a:f8:ee:53:35:b5:4f:aa:75:47:d4:48:fb:b6:
3d:13:c6:f4:7d:b1:3b:bc:91:12:1f:e2:e8:a0:82:
ba:2b:70:69:22:47:5d:53:e5:f1:c3:89:0f:5d:75:
e4:56:e3:fc:f8:e1:d1:1f:18:bb:c8:11:af:55:24:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A0:87:72:7B:8E:78:0C:2F:D8:EA:D5:AE:18:65:C7:58:25:3C:A8
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GKCHcnuOeAwv2OrVrhhlx1glPKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.184.0/21
Signature Algorithm: sha256WithRSAEncryption
80:11:79:66:00:c0:12:4f:46:d6:e5:d2:2a:29:54:57:2a:56:
b5:bd:9f:53:6b:19:91:0e:c7:7b:bd:fd:d6:63:f2:ca:67:72:
b5:e7:e6:c2:b4:db:a5:47:e0:23:e8:c7:3d:d1:3b:34:77:b3:
8c:7b:a3:83:94:d3:d3:bb:7e:3b:ef:03:21:c7:87:3a:e7:74:
c6:86:52:4e:dd:31:a8:ee:f0:96:06:62:66:62:be:9b:c4:0c:
10:f8:7c:c5:50:2e:65:15:be:9d:86:87:f5:7d:eb:aa:68:67:
dd:45:1a:ed:35:92:89:bc:8d:52:97:38:ab:c3:96:c4:99:fe:
46:01:41:92:4d:1d:95:3f:fc:6a:11:8a:85:b0:26:31:49:37:
21:be:87:e9:8b:d9:8f:3e:4d:04:91:f0:84:6e:30:d2:b1:c4:
69:44:6f:b0:e3:e3:f0:6b:22:bf:8b:66:14:9d:c9:0a:26:ce:
92:d0:91:de:2d:2c:07:61:76:d0:51:ab:f8:20:c2:4d:b8:66:
cf:1a:04:4e:c0:8c:2a:36:0d:5f:8f:86:08:a5:42:2c:0e:e2:
de:5d:40:75:7e:f0:76:49:d3:72:b5:7e:1c:2e:41:15:c8:f3:
2d:7d:c2:c6:dd:e4:d1:d8:b2:ae:c9:d8:33:2f:56:4c:8a:50:
fe:c8:fa:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDH+zkzpmEnhinUggNWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDZmMDI2YjFmZTYzNmM5YTVkYTAxMWRjN2ZkNjljNTgx
ZDAyYjgwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGEwODc3MjdiOGU3ODBjMmZkOGVhZDVhZTE4NjVjNzU4MjUzY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4teDFOVhfDbSPpzNwgfNG3kRgWuV
meUQf9OkHgmN8kQrl00hdW0ZnDW1YPfJs63ZFQy7vpLt5+todX3aI/Kk3+fLUqwq
A7amDGsH1cGEJITGpjbq/QSpnWs2dQqN+06lGibPLrSktmP2qL4ZZzwg1nDUW7aV
b3jODJ+Wi7KFFhltjCx2fbWiPLptrTarb/VIxtOZrWV2/Bvca54qEU79K5FBMh9X
8s/KRQxohUgMPHQAx/91d/C7uRBnrPUjket0R6yXOvjuUzW1T6p1R9RI+7Y9E8b0
fbE7vJESH+LooIK6K3BpIkddU+Xxw4kPXXXkVuP8+OHRHxi7yBGvVSRS7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBigh3J7jngML9jq1a4YZcdYJTyoMB8GA1UdIwQY
MBaAFCkG8Cax/mNsml2gEdx/1pxYHQK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUt
ODBhOTFiZTgzZTRiLzEvR0tDSGNudU9lQXd2Mk9yVnJoaGx4MWdsUEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUtODBhOTFiZTgzZTRi
LzEvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJRG4MA0G
CSqGSIb3DQEBCwUAA4IBAQCAEXlmAMAST0bW5dIqKVRXKla1vZ9TaxmRDsd7vf3W
Y/LKZ3K15+bCtNulR+Aj6Mc90Ts0d7OMe6ODlNPTu3477wMhx4c653TGhlJO3TGo
7vCWBmJmYr6bxAwQ+HzFUC5lFb6dhof1feuqaGfdRRrtNZKJvI1Slzirw5bEmf5G
AUGSTR2VP/xqEYqFsCYxSTchvofpi9mPPk0EkfCEbjDSscRpRG+w4+PwayK/i2YU
nckKJs6S0JHeLSwHYXbQUav4IMJNuGbPGgROwIwqNg1fj4YIpUIsDuLeXUB1fvB2
SdNytX4cLkEVyPMtfcLG3eTR2LKuydgzL1ZMilD+yPrk
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:56:06 2025 by rpki-client