Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cgzYnFcu_mDuwGqAIXrHGtcO3Ks.roa
File: cgzYnFcu_mDuwGqAIXrHGtcO3Ks.roa (raw, json)
Hash identifier: Bl7OVqseOmMJW7D1SEH6uh7qqqs1drLEtQYSZ338Y9k=
Subject key identifier: 72:0C:D8:9C:57:2E:FE:60:EE:C0:6A:80:21:7A:C7:1A:D7:0E:DC:AB
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746B5FA2A4A280F639C0B950B26C3BF
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cgzYnFcu_mDuwGqAIXrHGtcO3Ks.roa
Signing time: Thu 02 Jan 2025 13:48:52 +0000
ROA not before: Thu 02 Jan 2025 13:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211557
IP address blocks: 188.132.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:b5:fa:2a:4a:28:0f:63:9c:0b:95:0b:26:c3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=720cd89c572efe60eec06a80217ac71ad70edcab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:64:e8:a7:77:10:d6:04:1c:07:ff:04:d7:
35:1d:ee:72:6c:cb:95:da:60:90:0a:f0:b5:78:fb:
62:a1:be:00:38:38:43:4a:56:79:bb:44:e4:6b:5e:
32:f7:92:32:93:c8:ec:e9:99:5a:42:5c:d7:c2:0e:
1c:e8:df:75:eb:fa:95:96:64:cb:03:eb:cd:12:e1:
1b:ea:02:13:9e:86:31:28:7e:48:d1:fc:d6:a2:11:
4b:b7:05:ad:80:98:6d:04:cb:cb:ed:06:c1:23:fc:
ea:79:aa:9b:05:aa:30:80:92:df:18:25:d2:6a:14:
c7:46:4c:ba:a0:18:2a:db:ee:32:20:d9:db:79:c5:
75:4e:59:3f:01:fd:54:8c:59:2d:2e:26:e2:ab:4e:
99:89:60:84:4f:81:42:10:3d:66:b2:13:d3:84:b4:
32:65:1d:45:62:fa:58:25:7c:83:9e:73:38:1f:26:
28:72:4d:02:95:76:b7:07:ad:15:c7:96:09:4c:f4:
b0:60:97:5d:60:c9:f1:e3:52:fc:bb:be:19:65:e4:
63:31:6d:5c:18:cc:7b:08:ff:3f:18:0b:9d:dd:87:
46:4f:90:ee:d2:ec:36:e5:82:2d:bd:14:3f:8b:70:
65:eb:21:01:32:65:94:43:54:dd:56:72:4a:29:f4:
79:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0C:D8:9C:57:2E:FE:60:EE:C0:6A:80:21:7A:C7:1A:D7:0E:DC:AB
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cgzYnFcu_mDuwGqAIXrHGtcO3Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.237.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3c:7b:df:a7:af:70:03:7b:04:fa:ba:ab:87:45:f1:3a:bd:
47:1e:1a:30:60:6e:65:03:1b:53:76:f8:d1:1f:60:56:87:9e:
51:fb:fd:de:7b:ba:be:a9:64:da:50:36:17:bf:32:2d:9b:ac:
9b:b9:c2:72:f8:c8:d3:ca:fa:a9:0e:7b:53:a2:8a:9a:47:4a:
3c:69:97:fc:f2:ac:64:d9:d6:d6:43:4c:43:34:08:1e:80:32:
1a:fc:e7:00:d9:19:b4:77:76:61:cd:a5:42:b9:51:30:ce:bf:
6c:43:17:2e:79:c0:35:2e:9c:64:f1:3a:0a:38:c1:9d:2b:f9:
c6:61:c2:90:ce:b2:5f:07:c4:5b:11:09:49:b4:8d:c6:cc:3f:
90:7a:b1:30:7b:17:0e:84:9b:29:08:10:db:60:ff:45:cc:13:
42:90:50:1e:c6:f0:73:a6:2b:7e:7b:50:9a:d5:f2:fe:dc:3f:
65:2f:03:ff:07:bf:55:07:12:84:cd:1a:0e:1f:07:69:87:17:
25:b0:6d:f4:cc:53:22:90:41:02:09:ff:13:65:61:fd:1b:bf:
71:18:35:6d:4f:1d:fa:9f:95:2b:a0:d3:2f:d8:f0:3a:2f:65:
0a:60:b2:e7:cd:72:0a:e5:6a:6e:1d:d2:4d:0e:e8:64:f2:02:
b3:d6:8e:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRrX6KkooD2OcC5ULJsO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBjZDg5YzU3MmVmZTYwZWVjMDZhODAyMTdhYzcxYWQ3MGVkY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyJk6Kd3ENYEHAf/BNc1He5ybMuV
2mCQCvC1ePtiob4AODhDSlZ5u0Tka14y95Iyk8js6ZlaQlzXwg4c6N916/qVlmTL
A+vNEuEb6gITnoYxKH5I0fzWohFLtwWtgJhtBMvL7QbBI/zqeaqbBaowgJLfGCXS
ahTHRky6oBgq2+4yINnbecV1Tlk/Af1UjFktLibiq06ZiWCET4FCED1mshPThLQy
ZR1FYvpYJXyDnnM4HyYock0ClXa3B60Vx5YJTPSwYJddYMnx41L8u74ZZeRjMW1c
GMx7CP8/GAud3YdGT5Du0uw25YItvRQ/i3Bl6yEBMmWUQ1TdVnJKKfR5GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIM2JxXLv5g7sBqgCF6xxrXDtyrMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvY2d6WW5GY3VfbUR1d0dxQUlYckhHdGNPM0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITtMA0G
CSqGSIb3DQEBCwUAA4IBAQADPHvfp69wA3sE+rqrh0XxOr1HHhowYG5lAxtTdvjR
H2BWh55R+/3ee7q+qWTaUDYXvzItm6ybucJy+MjTyvqpDntTooqaR0o8aZf88qxk
2dbWQ0xDNAgegDIa/OcA2Rm0d3ZhzaVCuVEwzr9sQxcuecA1Lpxk8ToKOMGdK/nG
YcKQzrJfB8RbEQlJtI3GzD+QerEwexcOhJspCBDbYP9FzBNCkFAexvBzpit+e1Ca
1fL+3D9lLwP/B79VBxKEzRoOHwdphxclsG30zFMikEECCf8TZWH9G79xGDVtTx36
n5UroNMv2PA6L2UKYLLnzXIK5WpuHdJNDuhk8gKz1o4h
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:11:51 2025 by rpki-client