Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/GNcGFP48VRO_QOUxz3CvJSh90oA.roa
File: GNcGFP48VRO_QOUxz3CvJSh90oA.roa (raw, json)
Hash identifier: 9T1HgBLEzXKt2GaC2y8FBctN+punw/ln3V52HLktRUQ=
Subject key identifier: 18:D7:06:14:FE:3C:55:13:BF:40:E5:31:CF:70:AF:25:28:7D:D2:80
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 019422FB3A2C4AD3A1026080099AEEE8E0E7
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/GNcGFP48VRO_QOUxz3CvJSh90oA.roa
Signing time: Wed 01 Jan 2025 17:47:57 +0000
ROA not before: Wed 01 Jan 2025 17:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4134
IP address blocks: 81.173.16.0/24 maxlen: 24
81.173.17.0/24 maxlen: 24
81.173.18.0/24 maxlen: 24
81.173.19.0/24 maxlen: 24
81.173.20.0/24 maxlen: 24
81.173.21.0/24 maxlen: 24
81.173.22.0/24 maxlen: 24
81.173.23.0/24 maxlen: 24
81.173.24.0/24 maxlen: 24
81.173.28.0/24 maxlen: 24
2a04:f580:8010::/48 maxlen: 48
2a04:f580:8011::/48 maxlen: 48
2a04:f580:8030:100::/56 maxlen: 56
2a04:f580:8090::/48 maxlen: 48
2a04:f580:8210::/48 maxlen: 48
2a04:f580:8211::/48 maxlen: 48
2a04:f580:8290::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3a:2c:4a:d3:a1:02:60:80:09:9a:ee:e8:e0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 17:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18d70614fe3c5513bf40e531cf70af25287dd280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:0c:88:0f:5a:40:4a:52:25:7f:74:b6:c8:
46:5a:6f:90:8c:8a:30:44:76:80:e2:eb:b2:10:86:
db:c5:16:4c:5d:fc:6b:12:76:52:52:f3:ac:a9:be:
e2:3f:ee:31:fb:39:37:d5:31:aa:ab:e9:bf:59:0b:
7c:9c:b3:66:e2:b8:1d:d8:95:de:b3:6b:28:58:86:
52:aa:00:2a:1e:47:fd:27:aa:eb:08:c1:a0:6f:c8:
05:2e:11:38:76:55:66:f5:61:87:1c:a0:08:c8:b5:
c2:ec:ce:96:8b:88:61:7f:ba:da:ed:e3:0a:33:d3:
f0:56:9e:af:8c:85:5d:af:5e:b2:21:a0:69:b5:02:
4d:c1:d2:77:34:c6:54:3a:1a:7f:b3:0c:6a:e0:3c:
a9:9b:4b:52:b1:8f:0f:44:6b:7c:6a:20:d2:c8:9e:
a5:3b:8d:37:8f:60:0e:56:d5:3f:9b:a7:50:73:a3:
43:3e:36:a7:77:45:6d:53:b2:e9:b1:bd:18:18:e3:
ba:a3:1d:f2:25:f0:1e:dc:d7:c6:69:f8:8e:fa:64:
b7:dc:5e:57:36:62:a4:6f:9f:2b:65:91:81:06:1b:
73:7d:03:5f:54:21:89:e8:20:fe:5f:67:ef:7c:5a:
eb:48:14:09:d3:2b:c4:42:0c:b2:24:63:49:60:88:
bb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:06:14:FE:3C:55:13:BF:40:E5:31:CF:70:AF:25:28:7D:D2:80
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/GNcGFP48VRO_QOUxz3CvJSh90oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.16.0-81.173.24.255
81.173.28.0/24
IPv6:
2a04:f580:8010::/47
2a04:f580:8030:100::/56
2a04:f580:8090::/48
2a04:f580:8210::/47
2a04:f580:8290::/48
Signature Algorithm: sha256WithRSAEncryption
11:93:62:37:bb:0d:ed:51:d9:43:30:2b:c2:fc:20:5f:8f:b0:
8e:79:33:1d:ea:b1:2a:20:92:5a:d2:9f:d5:7b:26:67:a7:70:
c0:ad:3c:9d:01:26:99:cc:63:6e:99:75:03:cd:e1:b5:e5:05:
f1:94:61:6c:58:d2:10:6a:46:5c:b9:a1:cc:4a:11:b2:7a:46:
d6:b0:0b:ed:43:66:bf:83:b5:c7:66:35:0b:89:98:55:7c:1a:
1d:f9:b7:bf:ca:6d:ca:2f:43:5e:95:78:4b:fe:5b:ae:18:90:
0e:b8:f5:f5:9a:41:e7:a3:07:04:79:b8:f5:af:5a:e1:2c:12:
e7:cc:6e:57:2c:17:7e:18:ff:5b:63:42:b5:16:66:51:b6:73:
ea:8d:91:bb:e6:81:4a:64:2b:70:f0:61:a5:02:76:de:1b:01:
d3:2f:cb:f6:c2:c8:27:8e:94:40:39:92:93:76:18:f6:39:ac:
27:d2:39:02:63:0f:52:f2:1f:c9:ff:66:2f:be:bd:09:d4:76:
82:bd:f8:31:18:e7:89:da:e2:b8:37:83:2e:da:d1:82:a5:cd:
e7:bf:75:6c:95:c6:a9:04:f8:13:c0:17:ca:10:52:52:ac:75:
af:f3:68:2f:cc:59:bf:d0:7e:40:89:98:35:f9:c3:a3:ed:da:
ab:7e:be:e2
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQi+zosStOhAmCACZru6ODnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjUwMTAxMTc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ3MDYxNGZlM2M1NTEzYmY0MGU1MzFjZjcwYWYyNTI4N2RkMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUAMiA9aQEpSJX90tshGWm+QjIow
RHaA4uuyEIbbxRZMXfxrEnZSUvOsqb7iP+4x+zk31TGqq+m/WQt8nLNm4rgd2JXe
s2soWIZSqgAqHkf9J6rrCMGgb8gFLhE4dlVm9WGHHKAIyLXC7M6Wi4hhf7ra7eMK
M9PwVp6vjIVdr16yIaBptQJNwdJ3NMZUOhp/swxq4Dypm0tSsY8PRGt8aiDSyJ6l
O403j2AOVtU/m6dQc6NDPjand0VtU7Lpsb0YGOO6ox3yJfAe3NfGafiO+mS33F5X
NmKkb58rZZGBBhtzfQNfVCGJ6CD+X2fvfFrrSBQJ0yvEQgyyJGNJYIi7JwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFBjXBhT+PFUTv0DlMc9wryUofdKAMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvR05jR0ZQNDhWUk9fUU9VeHozQ3ZKU2g5MG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAaBAIAATAUMAwDBARRrRAD
BABRrRgDBABRrRwwNAQCAAIwLgMHASoE9YCAEAMIACoE9YCAMAEDBwAqBPWAgJAD
BwEqBPWAghADBwAqBPWAgpAwDQYJKoZIhvcNAQELBQADggEBABGTYje7De1R2UMw
K8L8IF+PsI55Mx3qsSogklrSn9V7JmencMCtPJ0BJpnMY26ZdQPN4bXlBfGUYWxY
0hBqRly5ocxKEbJ6RtawC+1DZr+DtcdmNQuJmFV8Gh35t7/KbcovQ16VeEv+W64Y
kA649fWaQeejBwR5uPWvWuEsEufMblcsF34Y/1tjQrUWZlG2c+qNkbvmgUpkK3Dw
YaUCdt4bAdMvy/bCyCeOlEA5kpN2GPY5rCfSOQJjD1LyH8n/Zi++vQnUdoK9+DEY
54na4rg3gy7a0YKlzee/dWyVxqkE+BPAF8oQUlKsda/zaC/MWb/QfkCJmDX5w6Pt
2qt+vuI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:01 2025 by rpki-client