Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GjbPxBzU3U7rT1JdZhHZDd1HM7k.roa
File: GjbPxBzU3U7rT1JdZhHZDd1HM7k.roa (raw, json)
Hash identifier: DAvJsyJfVJdg/kckeFaW5CqpTGHSbLUw0aZ/d5KovrA=
Subject key identifier: 1A:36:CF:C4:1C:D4:DD:4E:EB:4F:52:5D:66:11:D9:0D:DD:47:33:B9
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827BCE521181B5B6718B67E4B99B39A
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GjbPxBzU3U7rT1JdZhHZDd1HM7k.roa
Signing time: Thu 02 Jan 2025 17:54:40 +0000
ROA not before: Thu 02 Jan 2025 17:54:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43359
IP address blocks: 79.172.239.0/24 maxlen: 24
79.172.252.0/24 maxlen: 24
87.229.68.0/24 maxlen: 24
87.229.76.0/24 maxlen: 24
178.238.208.0/24 maxlen: 24
178.238.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:bc:e5:21:18:1b:5b:67:18:b6:7e:4b:99:b3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a36cfc41cd4dd4eeb4f525d6611d90ddd4733b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:f4:9d:e6:27:97:93:29:5b:b6:bf:07:ac:
e1:2a:3c:e7:61:e3:61:db:65:a7:e2:36:82:26:69:
f6:28:37:2f:8a:d0:2e:63:30:5c:e7:3c:6c:93:38:
58:34:ba:05:8a:c0:c8:5c:23:2b:68:4b:b0:06:f7:
d3:4d:a6:d0:ed:bb:67:d3:81:6b:3e:92:3e:27:fc:
12:26:48:7c:8d:61:14:4c:57:41:7a:70:95:1a:45:
b0:f0:be:f0:c6:27:b6:c3:71:79:da:83:d6:4d:ad:
b0:75:cc:6e:73:4a:e5:1f:a5:fa:67:39:fa:50:10:
00:43:41:c9:8a:1d:22:0c:90:7e:f2:5b:5d:00:fb:
3a:06:17:b5:16:81:85:ee:b7:5e:1a:84:96:f3:c9:
71:5c:63:05:88:4e:18:bd:71:a8:5f:3b:f4:03:59:
45:8a:86:7f:f7:af:42:1f:38:75:d6:12:2e:3c:2f:
7a:09:f1:6b:26:d0:bb:82:3f:ce:86:80:2b:3c:e7:
00:b8:c8:f3:32:7f:e7:ef:11:9f:dd:99:32:b1:c4:
59:46:3f:5f:2b:37:6c:8e:48:bc:9b:0f:ca:4f:4c:
21:52:67:16:9f:e8:20:e9:00:91:a8:2e:ae:9f:7a:
52:43:17:73:77:5f:4a:80:1d:16:72:fd:91:8d:1b:
82:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:36:CF:C4:1C:D4:DD:4E:EB:4F:52:5D:66:11:D9:0D:DD:47:33:B9
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GjbPxBzU3U7rT1JdZhHZDd1HM7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.239.0/24
79.172.252.0/24
87.229.68.0/24
87.229.76.0/24
178.238.208.0/24
178.238.222.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9b:a8:22:77:64:65:da:b6:fc:c7:17:4e:aa:df:5d:8d:84:
84:0f:ad:b0:1c:cb:81:14:5f:df:f6:bf:a8:88:dc:f6:86:33:
8c:24:70:44:ab:5a:b5:8d:44:48:db:c6:b9:70:5f:f9:7e:c9:
35:7b:70:fe:f2:ee:d3:db:57:92:64:00:20:62:09:f6:41:e0:
b6:13:f6:df:12:e4:24:82:96:16:9e:06:51:41:7f:32:2a:a5:
2e:a5:e1:71:61:48:04:10:3e:c0:2b:00:cb:fa:d8:57:09:82:
4d:83:80:f1:00:ad:26:c2:b0:c1:98:8e:34:eb:14:8c:3c:94:
9c:3f:c7:65:af:cd:54:b1:85:39:96:27:ad:47:32:9c:f0:57:
b3:72:53:61:5c:4f:e1:45:5d:71:ec:d1:07:d3:43:a9:53:b1:
52:be:23:e1:48:5c:53:b3:24:38:23:34:ca:d2:6f:30:fe:fe:
23:40:70:bc:e6:04:1d:25:65:5a:3e:a8:64:a0:9b:0f:56:ca:
4b:44:2b:a3:e8:5d:03:05:17:c5:bd:b9:87:11:5a:48:12:63:
c5:5e:59:8b:34:74:1b:ba:fc:7e:fb:22:f0:2b:a9:c3:f2:fe:
2d:a3:70:b6:b4:dd:cd:4f:9f:fc:0c:c7:6f:3b:1d:b1:a5:d8:
ed:2d:17:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJ7zlIRgbW2cYtn5LmbOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM2Y2ZjNDFjZDRkZDRlZWI0ZjUyNWQ2NjExZDkwZGRkNDczM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslT0neYnl5MpW7a/B6zhKjznYeNh
22Wn4jaCJmn2KDcvitAuYzBc5zxskzhYNLoFisDIXCMraEuwBvfTTabQ7btn04Fr
PpI+J/wSJkh8jWEUTFdBenCVGkWw8L7wxie2w3F52oPWTa2wdcxuc0rlH6X6Zzn6
UBAAQ0HJih0iDJB+8ltdAPs6Bhe1FoGF7rdeGoSW88lxXGMFiE4YvXGoXzv0A1lF
ioZ/969CHzh11hIuPC96CfFrJtC7gj/OhoArPOcAuMjzMn/n7xGf3ZkyscRZRj9f
Kzdsjki8mw/KT0whUmcWn+gg6QCRqC6un3pSQxdzd19KgB0Wcv2RjRuC7QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBo2z8Qc1N1O609SXWYR2Q3dRzO5MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvR2piUHhCelUzVTdyVDFKZFpoSFpEZDFITTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zvAwQA
T6z8AwQAV+VEAwQAV+VMAwQAsu7QAwQAsu7eMA0GCSqGSIb3DQEBCwUAA4IBAQBw
m6gid2Rl2rb8xxdOqt9djYSED62wHMuBFF/f9r+oiNz2hjOMJHBEq1q1jURI28a5
cF/5fsk1e3D+8u7T21eSZAAgYgn2QeC2E/bfEuQkgpYWngZRQX8yKqUupeFxYUgE
ED7AKwDL+thXCYJNg4DxAK0mwrDBmI406xSMPJScP8dlr81UsYU5lietRzKc8Fez
clNhXE/hRV1x7NEH00OpU7FSviPhSFxTsyQ4IzTK0m8w/v4jQHC85gQdJWVaPqhk
oJsPVspLRCuj6F0DBRfFvbmHEVpIEmPFXlmLNHQbuvx++yLwK6nD8v4to3C2tN3N
T5/8DMdvOx2xpdjtLRei
-----END CERTIFICATE-----
Generated at Sat Apr 12 17:04:18 2025 by rpki-client