Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/GCU6ctyJbqAMhWQYVpX0QaP8Qy4.roa
File: GCU6ctyJbqAMhWQYVpX0QaP8Qy4.roa (raw, json)
Hash identifier: dW5jCxXLX0Q6KCT48fWLPtjZskUAawNAnNuHkyFw1ow=
Subject key identifier: 18:25:3A:72:DC:89:6E:A0:0C:85:64:18:56:95:F4:41:A3:FC:43:2E
Certificate issuer: /CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Certificate serial: 01942823BDBECB008DA9D660C34A5C24F051
Authority key identifier: 06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/GCU6ctyJbqAMhWQYVpX0QaP8Qy4.roa
Signing time: Thu 02 Jan 2025 17:50:18 +0000
ROA not before: Thu 02 Jan 2025 17:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209830
IP address blocks: 193.135.120.0/22 maxlen: 22
193.141.23.0/24 maxlen: 24
193.141.24.0/24 maxlen: 24
2a09:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:bd:be:cb:00:8d:a9:d6:60:c3:4a:5c:24:f0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064dcd0ee7014efb2e3b554fbb706384ef11d051
Validity
Not Before: Jan 2 17:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18253a72dc896ea00c8564185695f441a3fc432e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:37:76:45:ff:ec:9b:79:fc:05:f4:ca:03:
34:04:be:c8:2c:86:aa:58:cc:de:f7:6f:01:09:6e:
2a:17:ab:ef:41:bb:fa:2c:f2:2f:37:48:f4:98:c8:
bb:03:f3:6e:46:f6:28:a6:1d:ce:83:87:f9:b8:4f:
b9:82:aa:ee:e3:11:e0:23:33:c2:6f:04:d6:9b:f9:
66:7b:83:e0:6a:d2:84:82:73:e5:83:b6:a9:f0:3b:
e1:28:5e:9f:d2:8c:a9:da:98:d8:84:bc:22:9e:c6:
34:ff:96:85:26:73:a9:e9:74:1c:24:ea:23:dc:09:
85:83:ff:47:8c:e3:ef:2d:9f:54:bb:24:70:89:72:
a9:93:46:55:c8:46:ff:2a:46:11:30:11:98:7c:33:
6d:ba:39:70:f3:e7:c0:79:0c:4f:2c:8d:59:71:68:
76:09:49:b3:84:d8:21:f4:3d:3f:7f:98:1c:94:5d:
51:74:73:a4:e3:2f:7b:cc:2b:fe:63:4d:a4:ac:3b:
ff:b2:4d:75:95:3c:69:a5:49:c4:ce:5e:3c:a8:34:
e8:3b:56:28:ca:80:ab:e7:28:50:a9:9c:c9:3c:6c:
68:21:af:21:b4:18:04:a9:63:0e:3b:2f:25:ac:1b:
6d:17:20:7a:5f:7c:30:60:4b:d3:cc:0f:3c:65:b1:
ba:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:25:3A:72:DC:89:6E:A0:0C:85:64:18:56:95:F4:41:A3:FC:43:2E
X509v3 Authority Key Identifier:
keyid:06:4D:CD:0E:E7:01:4E:FB:2E:3B:55:4F:BB:70:63:84:EF:11:D0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bk3NDucBTvsuO1VPu3BjhO8R0FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/GCU6ctyJbqAMhWQYVpX0QaP8Qy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dcb08c-5515-445c-ad99-fb4740fda250/1/Bk3NDucBTvsuO1VPu3BjhO8R0FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.120.0/22
193.141.23.0-193.141.24.255
IPv6:
2a09:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
4d:91:a2:3b:21:b2:1e:e8:da:8d:0e:da:fd:1f:96:b2:45:a5:
99:26:5f:ca:99:44:ed:e1:90:dd:82:95:29:a2:17:ab:7a:f6:
7d:f4:d0:3b:f0:f6:66:39:8d:4d:a0:29:08:0a:59:c2:4b:6a:
59:28:b2:19:e4:b9:84:b9:a5:c6:39:b0:67:8e:b0:56:07:39:
de:27:42:b9:4c:f8:68:55:c8:a5:d0:7d:8f:18:b8:07:f0:92:
7b:e2:04:dc:4c:2c:f2:9f:f8:a7:ad:29:d4:ec:dc:9b:ab:e1:
67:d5:94:60:26:12:1a:b3:44:3e:d3:2d:cb:17:83:d0:40:81:
d7:40:4c:2c:11:3b:36:3d:11:32:5f:c3:75:a7:f2:16:e3:8f:
18:91:5e:db:67:82:fb:ae:08:0e:ef:51:ae:3e:e7:fe:29:86:
dc:68:74:0d:98:6d:25:19:26:e5:fc:3a:50:9d:6d:d6:50:b4:
d8:04:05:82:ae:07:61:10:38:a5:d3:3a:4b:41:77:94:4f:6f:
35:e5:57:b8:59:c1:34:a6:84:3e:e4:e5:36:04:cc:75:16:b0:
6b:11:65:b1:c8:73:cf:d7:c2:e7:72:7e:3d:56:da:67:e9:2e:
6f:f6:94:f1:10:a1:0d:b5:2b:6e:0c:97:64:80:13:ad:a7:5d:
86:c9:06:c6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoI72+ywCNqdZgw0pcJPBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGRjZDBlZTcwMTRlZmIyZTNiNTU0ZmJiNzA2Mzg0ZWYx
MWQwNTEwHhcNMjUwMTAyMTc1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI1M2E3MmRjODk2ZWEwMGM4NTY0MTg1Njk1ZjQ0MWEzZmM0MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDQ3dkX/7Jt5/AX0ygM0BL7ILIaq
WMze928BCW4qF6vvQbv6LPIvN0j0mMi7A/NuRvYoph3Og4f5uE+5gqru4xHgIzPC
bwTWm/lme4PgatKEgnPlg7ap8DvhKF6f0oyp2pjYhLwinsY0/5aFJnOp6XQcJOoj
3AmFg/9HjOPvLZ9UuyRwiXKpk0ZVyEb/KkYRMBGYfDNtujlw8+fAeQxPLI1ZcWh2
CUmzhNgh9D0/f5gclF1RdHOk4y97zCv+Y02krDv/sk11lTxppUnEzl48qDToO1Yo
yoCr5yhQqZzJPGxoIa8htBgEqWMOOy8lrBttFyB6X3wwYEvTzA88ZbG6twIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBglOnLciW6gDIVkGFaV9EGj/EMuMB8GA1UdIwQY
MBaAFAZNzQ7nAU77LjtVT7twY4TvEdBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTkt
ZmI0NzQwZmRhMjUwLzEvR0NVNmN0eUpicUFNaFdRWVZwWDBRYVA4UXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kY2IwOGMtNTUxNS00NDVjLWFkOTktZmI0NzQwZmRhMjUw
LzEvQmszTkR1Y0JUdnN1TzFWUHUzQmpoTzhSMEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCwYd4MAwD
BADBjRcDBADBjRgwDQQCAAIwBwMFAyoJ+wAwDQYJKoZIhvcNAQELBQADggEBAE2R
ojshsh7o2o0O2v0flrJFpZkmX8qZRO3hkN2ClSmiF6t69n300Dvw9mY5jU2gKQgK
WcJLalkoshnkuYS5pcY5sGeOsFYHOd4nQrlM+GhVyKXQfY8YuAfwknviBNxMLPKf
+KetKdTs3Jur4WfVlGAmEhqzRD7TLcsXg9BAgddATCwROzY9ETJfw3Wn8hbjjxiR
XttngvuuCA7vUa4+5/4phtxodA2YbSUZJuX8OlCdbdZQtNgEBYKuB2EQOKXTOktB
d5RPbzXlV7hZwTSmhD7k5TYEzHUWsGsRZbHIc8/Xwudyfj1W2mfpLm/2lPEQoQ21
K24Ml2SAE62nXYbJBsY=
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:01:44 2025 by rpki-client