Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/G_noKzntiWHLaHSdta1FputJESM.roa
File: G_noKzntiWHLaHSdta1FputJESM.roa (raw, json)
Hash identifier: 76HBYH18Q5+wfRzE5ydGp21BC62rcsuS2tSvCzBrWp8=
Subject key identifier: 1B:F9:E8:2B:39:ED:89:61:CB:68:74:9D:B5:AD:45:A6:EB:49:11:23
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0194258EB40F2B38EFD32386E2F6626FA431
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/G_noKzntiWHLaHSdta1FputJESM.roa
Signing time: Thu 02 Jan 2025 05:48:16 +0000
ROA not before: Thu 02 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207710
IP address blocks: 158.46.188.0/22 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.0.0/20 maxlen: 20
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.48.0/23 maxlen: 23
178.171.50.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
178.171.104.0/24 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:b4:0f:2b:38:ef:d3:23:86:e2:f6:62:6f:a4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bf9e82b39ed8961cb68749db5ad45a6eb491123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ee:de:e3:f9:78:d6:b1:13:19:01:e4:c0:11:
33:9c:27:05:6e:e2:cb:a8:5b:2c:38:36:2c:f0:07:
92:55:33:2d:6d:2c:42:80:36:ee:b2:66:54:33:31:
63:66:78:9d:98:de:02:e3:53:67:57:d3:fd:32:90:
9b:8a:13:27:29:75:81:00:07:5e:36:5d:eb:ef:f6:
80:c0:a0:5d:f2:e0:6f:0f:0f:0c:f4:b0:7f:eb:51:
03:52:2b:4e:23:23:be:e7:00:6d:5b:3e:67:4d:bd:
b4:f4:88:4a:36:17:0c:d7:c9:47:33:4c:d7:01:14:
fc:8a:65:63:cb:9b:13:5f:ae:ff:ee:58:61:f4:80:
05:4d:63:e9:68:62:84:c2:74:bd:95:19:b2:67:a7:
69:13:2b:35:22:c6:5e:2c:fa:91:97:49:19:fd:2a:
96:d5:de:d2:ea:7e:80:21:9d:5d:6d:ca:5b:96:43:
ca:8a:ef:40:ab:57:53:a3:8d:3a:15:18:00:9c:83:
ff:37:d0:fa:b8:fc:d4:86:23:f7:f2:7b:05:c0:65:
ae:1c:5e:3d:95:8e:42:13:3b:2e:3d:cd:18:88:da:
5b:1c:ec:8e:3e:28:e0:5a:84:70:87:14:6a:43:ae:
9c:4a:e4:55:4c:7b:01:f6:a8:2b:c7:8d:4d:24:56:
90:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F9:E8:2B:39:ED:89:61:CB:68:74:9D:B5:AD:45:A6:EB:49:11:23
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/G_noKzntiWHLaHSdta1FputJESM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/22
158.46.196.0/22
178.171.0.0/20
178.171.20.0/22
178.171.32.0/22
178.171.48.0/22
178.171.60.0/22
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:51:11:92:c7:a3:d9:f9:f2:ce:32:01:ec:e9:8b:57:7d:a9:
68:74:31:62:8a:a2:78:23:ec:36:df:b6:48:bb:a6:e9:a0:e9:
3e:36:92:ed:6e:48:dc:59:12:ce:ca:be:f9:9b:db:4c:60:d5:
c6:d9:c3:24:dd:c2:94:21:47:85:6d:3e:7b:fe:ba:b0:ed:a5:
88:e2:01:76:c6:a1:c3:32:11:df:38:19:be:f7:8e:c7:2e:35:
20:b5:41:04:d1:99:67:4b:e7:29:21:c8:97:17:b0:13:e5:9c:
76:56:29:f5:b0:59:02:51:fe:94:ad:db:6c:2d:b1:70:ba:19:
04:52:cd:18:f6:68:1a:24:3b:e6:2c:dd:0a:1a:51:f7:3a:d4:
14:d3:05:80:b3:13:e3:a9:c9:1b:06:5b:fa:ac:dc:4f:2f:07:
c3:bd:62:98:f7:07:f0:51:25:27:63:97:ef:0c:69:7e:83:c7:
d9:21:5b:8c:0a:19:3c:db:bf:f2:fc:b5:b5:79:0f:65:a2:3d:
c5:48:48:ee:b3:16:18:7b:09:f4:c6:23:3e:0c:5a:bd:0e:b4:
43:d4:1b:3f:e1:75:0d:ee:e8:e3:a4:dc:ba:35:4d:fb:d0:fb:
23:f7:0c:28:8f:5a:27:1d:28:6d:ba:2c:86:12:7f:4a:9b:7c:
41:a2:68:db
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljrQPKzjv0yOG4vZib6QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjUwMTAyMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY5ZTgyYjM5ZWQ4OTYxY2I2ODc0OWRiNWFkNDVhNmViNDkxMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7O7e4/l41rETGQHkwBEznCcFbuLL
qFssODYs8AeSVTMtbSxCgDbusmZUMzFjZnidmN4C41NnV9P9MpCbihMnKXWBAAde
Nl3r7/aAwKBd8uBvDw8M9LB/61EDUitOIyO+5wBtWz5nTb209IhKNhcM18lHM0zX
ART8imVjy5sTX67/7lhh9IAFTWPpaGKEwnS9lRmyZ6dpEys1IsZeLPqRl0kZ/SqW
1d7S6n6AIZ1dbcpblkPKiu9Aq1dTo406FRgAnIP/N9D6uPzUhiP38nsFwGWuHF49
lY5CEzsuPc0YiNpbHOyOPijgWoRwhxRqQ66cSuRVTHsB9qgrx41NJFaQqQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBv56Cs57Ylhy2h0nbWtRabrSREjMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvR19ub0t6bnRpV0hMYUhTZHRhMUZwdXRKRVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCni68AwQC
ni7EAwQEsqsAAwQCsqsUAwQCsqsgAwQCsqswAwQCsqs8AwQAsqtoAwQAsqt3MA0G
CSqGSIb3DQEBCwUAA4IBAQALURGSx6PZ+fLOMgHs6YtXfalodDFiiqJ4I+w237ZI
u6bpoOk+NpLtbkjcWRLOyr75m9tMYNXG2cMk3cKUIUeFbT57/rqw7aWI4gF2xqHD
MhHfOBm+947HLjUgtUEE0ZlnS+cpIciXF7AT5Zx2Vin1sFkCUf6UrdtsLbFwuhkE
Us0Y9mgaJDvmLN0KGlH3OtQU0wWAsxPjqckbBlv6rNxPLwfDvWKY9wfwUSUnY5fv
DGl+g8fZIVuMChk827/y/LW1eQ9loj3FSEjusxYYewn0xiM+DFq9DrRD1Bs/4XUN
7ujjpNy6NU370Psj9wwoj1onHShtuiyGEn9Km3xBomjb
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:45:26 2025 by rpki-client