Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/grbvAfQZBvvmBwD-n5UtQo9gae0.roa
File: grbvAfQZBvvmBwD-n5UtQo9gae0.roa (raw, json)
Hash identifier: 5RkDuYHpBBI7p9hzsHfKTqAcsRLmPW3AsnDHqW4xccw=
Subject key identifier: 82:B6:EF:01:F4:19:06:FB:E6:07:00:FE:9F:95:2D:42:8F:60:69:ED
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484788C1BC503A74AB38C9579BC9A8
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/grbvAfQZBvvmBwD-n5UtQo9gae0.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 85.203.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:47:88:c1:bc:50:3a:74:ab:38:c9:57:9b:c9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82b6ef01f41906fbe60700fe9f952d428f6069ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:18:4e:28:e9:36:ea:b0:89:e4:dc:a3:04:5f:
f9:80:dd:a1:2f:a7:87:6b:f2:e7:2d:8a:0e:7d:52:
65:ff:4b:db:51:fd:b5:06:40:18:3d:d5:50:4c:78:
95:f8:a5:b5:47:5b:0b:46:77:e7:76:73:5a:02:7c:
93:7c:c4:38:2e:ed:2c:f4:2b:2e:27:74:7f:76:49:
7f:aa:a2:3d:3f:cf:b5:cc:b2:35:f7:04:1b:95:f3:
c4:43:54:30:1e:28:63:75:11:ee:ac:53:dd:9a:7a:
f2:2b:02:4a:1a:f0:49:4d:d9:21:a3:f6:05:c0:4d:
c5:06:57:75:84:90:93:0b:2f:7d:87:e3:de:ce:c4:
6e:05:d0:15:e7:7a:fd:49:c3:02:5a:c4:91:68:b0:
03:6b:19:d0:cc:42:42:eb:39:3e:d0:94:fb:19:4d:
37:56:06:28:b9:8c:5e:ed:83:a2:0b:f2:e9:82:37:
38:21:03:de:a0:d5:ed:be:d8:cf:6f:cf:58:52:09:
a5:47:f5:ac:4c:7a:78:8a:57:6e:9b:b5:7b:75:ef:
65:40:92:15:f3:87:20:57:f5:2b:e2:90:5c:4b:7b:
2b:09:93:9d:f1:dc:79:54:b3:cc:96:d0:e4:09:99:
7a:4c:c8:23:c7:b9:ae:07:3d:2c:45:b7:43:90:f0:
86:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B6:EF:01:F4:19:06:FB:E6:07:00:FE:9F:95:2D:42:8F:60:69:ED
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/grbvAfQZBvvmBwD-n5UtQo9gae0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.7.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:00:f2:00:04:50:19:39:2b:63:0f:9c:a2:bb:b7:65:c8:60:
5c:01:d7:2c:b3:ed:1d:33:80:19:c9:6d:a3:37:ab:3c:47:09:
89:59:28:d5:03:c2:78:1e:b4:7e:aa:2b:f1:f5:94:a8:51:48:
bc:91:3a:f3:b5:43:37:fe:16:45:b2:43:0b:bc:95:a5:5d:01:
f3:ed:35:ac:e1:14:df:98:ec:7f:c5:57:0b:1d:34:e6:0d:9a:
9f:b6:57:36:8d:84:44:1b:0e:46:0b:b5:1e:c5:f1:b2:5c:36:
84:49:60:5a:e7:18:39:42:4c:d3:55:90:44:d5:bf:9c:17:ea:
2c:d7:64:6a:f7:4a:fa:08:86:8b:2e:12:0d:ff:8f:6b:d7:20:
1f:cb:14:f8:f6:ff:29:1b:9a:12:1d:4a:c8:c0:a5:53:b7:35:
5d:4d:96:0c:7d:c2:05:73:54:09:f8:83:0c:6f:f2:c9:1b:8d:
12:e5:af:40:aa:91:76:a8:4a:56:10:a2:1a:18:59:92:1c:78:
0f:44:0e:23:68:cc:57:f8:36:b2:ae:3f:08:cb:12:d5:38:d1:
70:bd:d0:cc:da:1f:62:37:35:dd:d4:08:e6:dc:07:5c:33:b0:
b7:f8:20:f1:1d:04:40:66:a8:d7:54:e6:2a:ff:d0:5c:94:39:
cd:db:a8:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSEeIwbxQOnSrOMlXm8moMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI2ZWYwMWY0MTkwNmZiZTYwNzAwZmU5Zjk1MmQ0MjhmNjA2OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhhOKOk26rCJ5NyjBF/5gN2hL6eH
a/LnLYoOfVJl/0vbUf21BkAYPdVQTHiV+KW1R1sLRnfndnNaAnyTfMQ4Lu0s9Csu
J3R/dkl/qqI9P8+1zLI19wQblfPEQ1QwHihjdRHurFPdmnryKwJKGvBJTdkho/YF
wE3FBld1hJCTCy99h+PezsRuBdAV53r9ScMCWsSRaLADaxnQzEJC6zk+0JT7GU03
VgYouYxe7YOiC/Lpgjc4IQPeoNXtvtjPb89YUgmlR/WsTHp4ildum7V7de9lQJIV
84cgV/Ur4pBcS3srCZOd8dx5VLPMltDkCZl6TMgjx7muBz0sRbdDkPCGVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK27wH0GQb75gcA/p+VLUKPYGntMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvZ3JidkFmUVpCdnZtQndELW41VXRRbzlnYWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsHMA0G
CSqGSIb3DQEBCwUAA4IBAQCqAPIABFAZOStjD5yiu7dlyGBcAdcss+0dM4AZyW2j
N6s8RwmJWSjVA8J4HrR+qivx9ZSoUUi8kTrztUM3/hZFskMLvJWlXQHz7TWs4RTf
mOx/xVcLHTTmDZqftlc2jYREGw5GC7UexfGyXDaESWBa5xg5QkzTVZBE1b+cF+os
12Rq90r6CIaLLhIN/49r1yAfyxT49v8pG5oSHUrIwKVTtzVdTZYMfcIFc1QJ+IMM
b/LJG40S5a9AqpF2qEpWEKIaGFmSHHgPRA4jaMxX+Dayrj8IyxLVONFwvdDM2h9i
NzXd1Ajm3AdcM7C3+CDxHQRAZqjXVOYq/9BclDnN26hE
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:15:36 2025 by rpki-client