Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/GdhJf3HoY_u0PeGVqS4KptbEqf4.roa
File: GdhJf3HoY_u0PeGVqS4KptbEqf4.roa (raw, json)
Hash identifier: xtcOOYTemNKZRvBhp2Ch+jc7TYfVbK+JDVCRBNQIEfY=
Subject key identifier: 19:D8:49:7F:71:E8:63:FB:B4:3D:E1:95:A9:2E:0A:A6:D6:C4:A9:FE
Certificate issuer: /CN=9a754c71d62cb23948d9119eda772fde38e67b67
Certificate serial: 019424B39EA772AE68D856AE311E5B11B9D1
Authority key identifier: 9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/GdhJf3HoY_u0PeGVqS4KptbEqf4.roa
Signing time: Thu 02 Jan 2025 01:48:58 +0000
ROA not before: Thu 02 Jan 2025 01:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199286
IP address blocks: 185.12.136.0/22 maxlen: 22
185.12.136.0/24 maxlen: 24
185.12.137.0/24 maxlen: 24
185.12.138.0/24 maxlen: 24
185.12.139.0/24 maxlen: 24
185.122.68.0/22 maxlen: 22
185.122.68.0/24 maxlen: 24
185.122.69.0/24 maxlen: 24
185.122.70.0/24 maxlen: 24
185.122.71.0/24 maxlen: 24
194.110.74.0/24 maxlen: 24
194.110.117.0/24 maxlen: 24
194.110.132.0/24 maxlen: 24
194.110.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9e:a7:72:ae:68:d8:56:ae:31:1e:5b:11:b9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a754c71d62cb23948d9119eda772fde38e67b67
Validity
Not Before: Jan 2 01:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19d8497f71e863fbb43de195a92e0aa6d6c4a9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e8:dd:cc:ee:c1:c0:72:88:13:6c:7e:6a:7b:
25:19:89:1e:35:a0:f2:75:05:74:49:88:5d:21:d3:
a1:68:15:ff:4d:eb:92:0a:d2:90:70:2a:1c:f2:6e:
a5:4d:8e:37:19:f4:dd:01:f6:4e:34:2b:76:68:66:
dc:ca:22:6d:d8:84:c7:5b:92:9e:ed:d0:ea:a7:c7:
a4:f8:57:26:56:5c:2e:0e:f2:e1:a6:c7:62:18:e4:
5d:16:51:77:70:6a:bd:bb:22:13:2d:ba:75:40:43:
74:1a:13:98:9a:3b:c2:18:43:ec:a3:3c:f1:55:6e:
90:36:f6:60:91:f0:e2:be:f2:a0:06:e3:b6:18:9c:
f0:d7:31:3f:cb:d8:3d:ab:d9:ff:04:12:39:1d:2d:
0a:78:d8:82:94:ef:57:e9:31:e5:36:de:59:32:9c:
28:19:96:6c:1c:ba:cc:e2:62:95:85:49:16:34:31:
0b:ed:b5:0b:7e:ef:7e:22:f7:9f:51:bc:39:7b:74:
37:ff:78:df:b4:66:6c:ed:ba:f9:d3:95:b1:aa:f3:
7b:af:0d:23:7d:ea:b7:8c:71:36:93:08:82:a9:fc:
a5:34:3a:c5:73:90:85:ec:18:91:2a:83:9d:c0:aa:
e7:ec:f7:7d:dd:87:64:d2:07:5f:5f:b4:a7:dc:45:
6a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D8:49:7F:71:E8:63:FB:B4:3D:E1:95:A9:2E:0A:A6:D6:C4:A9:FE
X509v3 Authority Key Identifier:
keyid:9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/GdhJf3HoY_u0PeGVqS4KptbEqf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.136.0/22
185.122.68.0/22
194.110.74.0/24
194.110.117.0/24
194.110.132.0/24
194.110.137.0/24
Signature Algorithm: sha256WithRSAEncryption
29:83:59:10:55:ea:68:76:d0:d5:d5:c9:5e:f3:c5:bd:a1:37:
38:f7:c1:87:5f:24:6b:66:5e:66:bf:8f:0c:45:df:fe:26:92:
e5:17:33:b0:76:da:f8:d8:20:0a:a1:ad:92:a1:83:a1:34:25:
c1:af:f7:20:66:ef:cd:f4:bc:47:cc:aa:7f:a2:2c:ce:1e:13:
90:cb:4b:ad:c6:86:3d:65:44:45:76:38:36:86:45:7f:d8:31:
b6:dd:39:e4:e5:e1:fe:00:60:71:31:0b:2b:a3:89:a5:cf:47:
f8:08:25:e6:9f:c1:a1:07:5c:be:ab:22:b7:56:de:16:cf:1c:
63:e2:6a:bd:21:d7:95:9d:36:ef:31:8c:75:89:dc:57:aa:8f:
8b:8f:a7:5c:95:29:21:b5:26:78:f7:28:14:1c:2d:31:79:26:
90:07:3a:7b:63:65:a8:3d:5f:27:85:b0:a6:6a:77:fb:09:a8:
c0:59:4e:e4:fa:ce:94:d1:e3:3b:d4:44:36:b0:9c:e9:27:41:
f7:e7:8e:d3:77:59:e1:70:3c:1f:31:04:ec:cf:6b:ac:8e:2a:
8e:3f:0d:c2:81:ee:f1:c0:f8:e1:32:62:5f:5e:4c:f9:4c:59:
80:7f:33:d3:45:b1:66:63:ec:48:20:0a:be:f2:95:a2:2c:87:
23:5d:ee:6b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQks56ncq5o2FauMR5bEbnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzU0YzcxZDYyY2IyMzk0OGQ5MTE5ZWRhNzcyZmRlMzhl
NjdiNjcwHhcNMjUwMTAyMDE0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ4NDk3ZjcxZTg2M2ZiYjQzZGUxOTVhOTJlMGFhNmQ2YzRhOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OjdzO7BwHKIE2x+anslGYkeNaDy
dQV0SYhdIdOhaBX/TeuSCtKQcCoc8m6lTY43GfTdAfZONCt2aGbcyiJt2ITHW5Ke
7dDqp8ek+FcmVlwuDvLhpsdiGORdFlF3cGq9uyITLbp1QEN0GhOYmjvCGEPsozzx
VW6QNvZgkfDivvKgBuO2GJzw1zE/y9g9q9n/BBI5HS0KeNiClO9X6THlNt5ZMpwo
GZZsHLrM4mKVhUkWNDEL7bULfu9+IvefUbw5e3Q3/3jftGZs7br505WxqvN7rw0j
feq3jHE2kwiCqfylNDrFc5CF7BiRKoOdwKrn7Pd93Ydk0gdfX7Sn3EVqGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBnYSX9x6GP7tD3hlakuCqbWxKn+MB8GA1UdIwQY
MBaAFJp1THHWLLI5SNkRntp3L9445ntnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2It
ZDI1YTlkZjE1OTI1LzEvR2RoSmYzSG9ZX3UwUGVHVnFTNEtwdGJFcWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2ItZDI1YTlkZjE1OTI1
LzEvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuQyIAwQC
uXpEAwQAwm5KAwQAwm51AwQAwm6EAwQAwm6JMA0GCSqGSIb3DQEBCwUAA4IBAQAp
g1kQVepodtDV1cle88W9oTc498GHXyRrZl5mv48MRd/+JpLlFzOwdtr42CAKoa2S
oYOhNCXBr/cgZu/N9LxHzKp/oizOHhOQy0utxoY9ZURFdjg2hkV/2DG23Tnk5eH+
AGBxMQsro4mlz0f4CCXmn8GhB1y+qyK3Vt4Wzxxj4mq9IdeVnTbvMYx1idxXqo+L
j6dclSkhtSZ49ygUHC0xeSaQBzp7Y2WoPV8nhbCmanf7CajAWU7k+s6U0eM71EQ2
sJzpJ0H3547Td1nhcDwfMQTsz2usjiqOPw3Cge7xwPjhMmJfXkz5TFmAfzPTRbFm
Y+xIIAq+8pWiLIcjXe5r
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:05 2025 by rpki-client