Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/gk7tvvpNQKzq016DYIQrQnI1zIg.roa
File: gk7tvvpNQKzq016DYIQrQnI1zIg.roa (raw, json)
Hash identifier: GqU+/Xvx9R7K2mDYSrVU8YpXujBinhqdZQ6UcdPTRQQ=
Subject key identifier: 82:4E:ED:BE:FA:4D:40:AC:EA:D3:5E:83:60:84:2B:42:72:35:CC:88
Certificate issuer: /CN=3136402a14442e6b3a1539d64250128dcdd1ecdb
Certificate serial: 01954705459EED7606F1B924A63A684257E9
Authority key identifier: 31:36:40:2A:14:44:2E:6B:3A:15:39:D6:42:50:12:8D:CD:D1:EC:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTZAKhRELms6FTnWQlASjc3R7Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/gk7tvvpNQKzq016DYIQrQnI1zIg.roa
Signing time: Thu 27 Feb 2025 10:48:02 +0000
ROA not before: Thu 27 Feb 2025 10:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49824
IP address blocks: 185.136.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/MTZAKhRELms6FTnWQlASjc3R7Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/MTZAKhRELms6FTnWQlASjc3R7Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTZAKhRELms6FTnWQlASjc3R7Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:05:45:9e:ed:76:06:f1:b9:24:a6:3a:68:42:57:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3136402a14442e6b3a1539d64250128dcdd1ecdb
Validity
Not Before: Feb 27 10:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=824eedbefa4d40acead35e8360842b427235cc88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:6d:dd:a3:67:4f:10:14:08:cd:44:20:4f:
1b:27:25:67:11:ed:91:ae:48:e9:7c:fe:04:19:d5:
db:74:9a:08:37:43:b7:5a:3f:8f:2c:dc:95:60:6a:
eb:4c:fe:6d:f3:e5:3b:c7:4c:39:b1:37:bc:23:00:
7c:c2:0c:c5:88:b2:60:9c:2f:8f:63:9e:04:9d:a0:
93:34:60:58:31:e4:00:40:44:c2:0d:0d:2b:f8:97:
66:67:7f:2c:e1:29:a5:f4:9c:ef:59:87:9b:11:1e:
a6:89:79:94:47:4e:f2:4d:e7:3c:e1:ef:4b:a0:47:
4d:26:37:fb:68:fd:cb:5c:56:57:26:57:90:1e:36:
5b:6b:6e:94:e4:4e:02:94:7f:2d:fc:02:94:78:1f:
d5:e9:56:74:91:06:a8:c8:74:b5:5c:b9:e9:7b:f2:
4c:e9:bf:03:0c:57:e0:ce:23:7d:70:43:e4:af:45:
0d:63:7b:ed:fe:b3:f7:29:f0:18:3e:e8:de:61:7a:
ed:e3:54:78:36:95:13:5e:77:5b:99:e0:ad:77:8d:
cf:69:65:93:8b:e2:e1:2d:11:2f:07:85:cc:da:90:
f2:99:eb:15:d4:8b:49:95:ca:94:e8:ab:dc:c9:5a:
f3:a6:92:23:1b:4b:58:95:57:de:52:4c:56:ff:95:
cd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4E:ED:BE:FA:4D:40:AC:EA:D3:5E:83:60:84:2B:42:72:35:CC:88
X509v3 Authority Key Identifier:
keyid:31:36:40:2A:14:44:2E:6B:3A:15:39:D6:42:50:12:8D:CD:D1:EC:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTZAKhRELms6FTnWQlASjc3R7Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/gk7tvvpNQKzq016DYIQrQnI1zIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b009cf-59ca-43bc-bd51-c0a424e65973/1/MTZAKhRELms6FTnWQlASjc3R7Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.134.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:53:87:e3:37:d2:27:56:b5:29:a0:c0:30:60:4b:1f:cf:5f:
2d:f8:92:5f:76:4f:49:3c:51:6b:06:ac:34:6c:fa:5d:70:17:
4c:f8:0a:7e:3c:80:9a:d1:02:6c:6b:13:02:c4:67:e3:23:13:
14:59:9a:e4:00:ca:a3:db:13:63:52:04:3a:66:1b:f9:eb:b5:
10:ce:c8:c6:61:85:e4:bd:36:45:28:f2:96:b2:57:1b:c6:12:
6e:5e:f3:84:d7:fd:03:5d:a6:9f:ed:de:00:42:ce:a0:07:8b:
f8:88:01:8e:79:37:47:bb:42:56:a6:6e:04:f0:3b:a8:99:a7:
c6:41:68:20:53:61:98:79:2f:e0:ce:f5:f4:ab:c7:09:c8:c4:
9b:98:19:06:93:1a:ed:5b:0f:29:85:fa:d2:dc:f5:f7:95:0e:
ce:ba:a7:f4:33:60:5a:97:2d:a1:92:6b:d3:c3:96:58:21:c1:
60:6d:33:2a:88:97:9f:a8:e2:2f:ed:c1:7b:63:a1:46:3b:3e:
ad:6f:f4:40:de:59:17:32:05:92:c8:0d:d1:cf:fe:f9:00:dc:
1e:a3:18:40:b1:cc:a6:c8:5d:d8:27:0a:22:c6:e7:7a:89:35:
24:f8:6a:56:cd:ee:f0:6f:a2:c1:9c:c9:63:1f:79:5c:95:fc:
bb:a9:68:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVHBUWe7XYG8bkkpjpoQlfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMzY0MDJhMTQ0NDJlNmIzYTE1MzlkNjQyNTAxMjhkY2Rk
MWVjZGIwHhcNMjUwMjI3MTA0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRlZWRiZWZhNGQ0MGFjZWFkMzVlODM2MDg0MmI0MjcyMzVjYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocZt3aNnTxAUCM1EIE8bJyVnEe2R
rkjpfP4EGdXbdJoIN0O3Wj+PLNyVYGrrTP5t8+U7x0w5sTe8IwB8wgzFiLJgnC+P
Y54EnaCTNGBYMeQAQETCDQ0r+JdmZ38s4Sml9JzvWYebER6miXmUR07yTec84e9L
oEdNJjf7aP3LXFZXJleQHjZba26U5E4ClH8t/AKUeB/V6VZ0kQaoyHS1XLnpe/JM
6b8DDFfgziN9cEPkr0UNY3vt/rP3KfAYPujeYXrt41R4NpUTXndbmeCtd43PaWWT
i+LhLREvB4XM2pDymesV1ItJlcqU6KvcyVrzppIjG0tYlVfeUkxW/5XNcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJO7b76TUCs6tNeg2CEK0JyNcyIMB8GA1UdIwQY
MBaAFDE2QCoURC5rOhU51kJQEo3N0ezbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVRaQUtoUkVMbXM2RlRuV1FsQVNqYzNSN05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iMDA5Y2YtNTljYS00M2JjLWJkNTEt
YzBhNDI0ZTY1OTczLzEvZ2s3dHZ2cE5RS3pxMDE2RFlJUXJRbkkxeklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iMDA5Y2YtNTljYS00M2JjLWJkNTEtYzBhNDI0ZTY1OTcz
LzEvTVRaQUtoUkVMbXM2RlRuV1FsQVNqYzNSN05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiGMA0G
CSqGSIb3DQEBCwUAA4IBAQDAU4fjN9InVrUpoMAwYEsfz18t+JJfdk9JPFFrBqw0
bPpdcBdM+Ap+PICa0QJsaxMCxGfjIxMUWZrkAMqj2xNjUgQ6Zhv567UQzsjGYYXk
vTZFKPKWslcbxhJuXvOE1/0DXaaf7d4AQs6gB4v4iAGOeTdHu0JWpm4E8DuomafG
QWggU2GYeS/gzvX0q8cJyMSbmBkGkxrtWw8phfrS3PX3lQ7Ouqf0M2Baly2hkmvT
w5ZYIcFgbTMqiJefqOIv7cF7Y6FGOz6tb/RA3lkXMgWSyA3Rz/75ANweoxhAscym
yF3YJwoixud6iTUk+GpWze7wb6LBnMljH3lclfy7qWgG
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:01:12 2025 by rpki-client