Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/Gg5xBTPmG5wIfgvjDfofedqUN2I.roa
File: Gg5xBTPmG5wIfgvjDfofedqUN2I.roa (raw, json)
Hash identifier: 44BexOUoVzM2f1vahHLSGVHdqnL6HKMPG3ed5PmM4sw=
Subject key identifier: 1A:0E:71:05:33:E6:1B:9C:08:7E:0B:E3:0D:FA:1F:79:DA:94:37:62
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 0194266BDDD268B9882A2673C80812F24B0B
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/Gg5xBTPmG5wIfgvjDfofedqUN2I.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202265
IP address blocks: 94.199.1.0/24 maxlen: 24
2a04:5b80::/48 maxlen: 48
2a04:5b80:53::/48 maxlen: 48
2a04:5b80:200::/48 maxlen: 48
2a04:5b80:202::/48 maxlen: 48
2a04:5b81:1000::/40 maxlen: 40
2a04:5b81:1fff::/48 maxlen: 48
2a04:5b81:2010::/44 maxlen: 44
2a04:5b81:2060::/44 maxlen: 44
2a04:5b82::/44 maxlen: 44
2a04:5b82:8::/48 maxlen: 48
2a04:5b84:1::/48 maxlen: 48
2a04:5b86:1::/48 maxlen: 48
2a04:5b87:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:dd:d2:68:b9:88:2a:26:73:c8:08:12:f2:4b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a0e710533e61b9c087e0be30dfa1f79da943762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9c:26:99:6d:a3:1e:f6:0f:96:ac:2b:3c:6d:
2b:cc:ca:ec:69:7e:5e:09:c5:39:29:6f:17:ff:70:
be:c7:1f:34:ed:75:87:3d:ca:3a:db:2a:98:2e:af:
4a:e6:b5:0c:cd:00:b6:94:87:b7:0c:21:09:1d:92:
da:de:87:9a:73:f1:30:5c:d2:dc:f6:83:53:01:bc:
a6:be:58:cd:47:f3:ed:48:49:07:93:43:6d:3d:5c:
be:25:91:06:e3:1f:14:39:39:36:fc:f2:e7:04:98:
79:a3:db:dc:07:a0:f3:27:1d:fa:f8:d7:cc:dc:28:
41:4d:e8:8b:6f:c8:21:40:61:70:5b:3d:43:8b:f0:
8d:cb:7d:17:d1:34:38:95:66:06:07:56:5f:f8:0b:
1a:c8:c2:5d:5a:4b:d7:1b:d7:56:b5:17:4e:b9:04:
30:e9:47:de:c1:07:7e:c8:3e:a4:f1:bf:cc:6f:4f:
82:16:a0:4c:de:14:80:7b:a1:56:84:02:77:9f:53:
f3:a1:0b:72:13:e4:77:fb:cc:9e:5e:7c:f2:59:41:
37:bf:10:08:2b:b6:26:bb:f0:65:a2:04:3f:cb:ae:
98:b4:80:1e:e8:1e:81:ad:9d:15:da:d5:43:2e:20:
f9:fe:72:1c:2a:63:a3:b5:21:cc:77:19:7b:e2:80:
67:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0E:71:05:33:E6:1B:9C:08:7E:0B:E3:0D:FA:1F:79:DA:94:37:62
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/Gg5xBTPmG5wIfgvjDfofedqUN2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.1.0/24
IPv6:
2a04:5b80::/48
2a04:5b80:53::/48
2a04:5b80:200::/48
2a04:5b80:202::/48
2a04:5b81:1000::/40
2a04:5b81:1fff::/48
2a04:5b81:2010::/44
2a04:5b81:2060::/44
2a04:5b82::/44
2a04:5b84:1::/48
2a04:5b86:1::/48
2a04:5b87:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:2f:40:2e:4e:12:d6:c3:ed:a0:1c:b2:57:11:fa:d6:22:6b:
1f:1d:9f:c4:0f:86:6f:24:1d:65:df:35:44:e2:88:56:56:06:
3f:12:ea:46:e1:d0:fc:bd:91:4a:36:6b:a1:99:a0:5c:0c:47:
6d:1f:d4:48:ef:12:f0:29:24:38:7b:42:51:5e:c6:4d:45:92:
a0:57:40:a3:65:4a:7c:9a:34:97:62:f9:1d:29:95:f6:43:d6:
97:31:4a:7c:fa:97:89:2c:d7:a4:b1:bc:d7:65:5c:4b:b7:d0:
59:c8:85:ff:9e:5b:05:6d:47:47:57:79:f6:27:6c:f9:49:95:
61:ba:c3:ba:32:f6:24:1e:76:3e:b9:5c:b7:fb:6a:7f:f9:a3:
59:88:3f:4c:06:5e:b3:a7:41:84:27:e1:e7:a1:17:3d:43:f1:
9f:f1:a2:d4:f2:da:e5:b8:d9:2b:80:d1:82:ec:f7:3c:75:67:
36:53:91:fc:6a:c7:9b:ed:fd:08:2c:91:53:8c:7d:a4:e3:71:
b8:13:66:1a:c4:05:f6:18:63:27:f3:3f:9f:e5:5f:7a:29:36:
75:17:e9:ad:ab:7b:4f:f0:e5:92:67:83:b9:12:5f:5d:99:e1:
2f:b8:23:d2:2b:1c:58:2b:61:c0:12:d3:23:31:38:94:39:a6:
a7:a9:3e:12
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQma93SaLmIKiZzyAgS8ksLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTBlNzEwNTMzZTYxYjljMDg3ZTBiZTMwZGZhMWY3OWRhOTQzNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpwmmW2jHvYPlqwrPG0rzMrsaX5e
CcU5KW8X/3C+xx807XWHPco62yqYLq9K5rUMzQC2lIe3DCEJHZLa3oeac/EwXNLc
9oNTAbymvljNR/PtSEkHk0NtPVy+JZEG4x8UOTk2/PLnBJh5o9vcB6DzJx36+NfM
3ChBTeiLb8ghQGFwWz1Di/CNy30X0TQ4lWYGB1Zf+AsayMJdWkvXG9dWtRdOuQQw
6UfewQd+yD6k8b/Mb0+CFqBM3hSAe6FWhAJ3n1PzoQtyE+R3+8yeXnzyWUE3vxAI
K7Ymu/BlogQ/y66YtIAe6B6BrZ0V2tVDLiD5/nIcKmOjtSHMdxl74oBnawIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBoOcQUz5hucCH4L4w36H3nalDdiMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvR2c1eEJUUG1HNXdJZmd2akRmb2ZlZHFVTjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTAMBAIAATAGAwQAXscB
MHEEAgACMGsDBwAqBFuAAAADBwAqBFuAAFMDBwAqBFuAAgADBwAqBFuAAgIDBgAq
BFuBEAMHACoEW4Ef/wMHBCoEW4EgEAMHBCoEW4EgYAMHBCoEW4IAAAMHACoEW4QA
AQMHACoEW4YAAQMHACoEW4cAATANBgkqhkiG9w0BAQsFAAOCAQEABC9ALk4S1sPt
oByyVxH61iJrHx2fxA+GbyQdZd81ROKIVlYGPxLqRuHQ/L2RSjZroZmgXAxHbR/U
SO8S8CkkOHtCUV7GTUWSoFdAo2VKfJo0l2L5HSmV9kPWlzFKfPqXiSzXpLG812Vc
S7fQWciF/55bBW1HR1d59ids+UmVYbrDujL2JB52Prlct/tqf/mjWYg/TAZes6dB
hCfh56EXPUPxn/Gi1PLa5bjZK4DRguz3PHVnNlOR/GrHm+39CCyRU4x9pONxuBNm
GsQF9hhjJ/M/n+Vfeik2dRfprat7T/DlkmeDuRJfXZnhL7gj0iscWCthwBLTIzE4
lDmmp6k+Eg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:32 2025 by rpki-client