Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/gbHDNVxhp631JF7kQGHN7jVCQUE.roa
File: gbHDNVxhp631JF7kQGHN7jVCQUE.roa (raw, json)
Hash identifier: vJG2GjwA3KMSIr2ScTupuKanJzuxl2pcpBm74i5fk/Q=
Subject key identifier: 81:B1:C3:35:5C:61:A7:AD:F5:24:5E:E4:40:61:CD:EE:35:42:41:41
Certificate issuer: /CN=41f282cc1c07697ff5b5190c714393d542406d43
Certificate serial: 019722142463B195250A93FA370F0B3820D1
Authority key identifier: 41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/gbHDNVxhp631JF7kQGHN7jVCQUE.roa
Signing time: Fri 30 May 2025 16:43:54 +0000
ROA not before: Fri 30 May 2025 16:43:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208449
IP address blocks: 45.90.168.0/24 maxlen: 24
45.90.169.0/24 maxlen: 24
45.90.170.0/24 maxlen: 24
45.90.171.0/24 maxlen: 24
2a0d:f100::/29 maxlen: 32
2a0d:f100::/32 maxlen: 32
2a0d:f103::/32 maxlen: 32
2a0d:f107::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:14:24:63:b1:95:25:0a:93:fa:37:0f:0b:38:20:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f282cc1c07697ff5b5190c714393d542406d43
Validity
Not Before: May 30 16:43:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b1c3355c61a7adf5245ee44061cdee35424141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c7:31:cd:28:99:41:f4:17:cd:7b:34:f1:ec:
ee:ed:9f:2c:fa:20:d8:63:2d:4e:53:69:73:b6:6c:
ee:c0:3a:3c:38:a5:61:bd:d6:5d:6a:3f:e6:90:1a:
e0:f0:e5:9e:5f:c7:9f:79:47:48:63:58:d2:58:f5:
52:44:ca:96:fe:0a:07:61:cf:15:16:5e:4d:66:2d:
80:1c:0b:46:2e:7b:cd:01:aa:6c:a6:64:e4:a6:cd:
f4:79:e0:78:3c:b9:e6:6e:af:8c:4c:6a:3c:23:54:
5b:28:2d:81:c4:c4:22:68:cc:68:61:ad:e9:93:ee:
88:61:2f:ab:e2:13:61:2e:5f:ce:3a:ae:db:da:72:
54:82:e3:b9:21:7b:51:c8:dc:93:2d:69:fe:00:9d:
8f:c8:a5:e1:cc:39:42:6c:10:d1:18:7d:64:80:cf:
8c:e8:6e:b5:6b:15:ef:15:d4:9d:c0:1c:b8:42:ea:
99:e5:3e:99:a1:fc:d1:e0:70:b8:54:b2:e6:80:32:
62:dd:ba:5b:3f:86:1e:58:31:eb:98:59:37:87:85:
9c:aa:df:10:9e:f6:ab:ff:08:53:78:e2:04:53:a3:
14:2e:3e:fb:1b:7f:a5:06:99:86:21:da:9b:4f:e9:
90:0d:55:d8:85:ef:79:f7:d5:25:52:ff:d3:15:2b:
24:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B1:C3:35:5C:61:A7:AD:F5:24:5E:E4:40:61:CD:EE:35:42:41:41
X509v3 Authority Key Identifier:
keyid:41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/gbHDNVxhp631JF7kQGHN7jVCQUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.168.0/22
IPv6:
2a0d:f100::/29
Signature Algorithm: sha256WithRSAEncryption
63:3d:9d:62:41:72:b4:9a:21:a7:eb:0e:33:bf:eb:95:bd:27:
50:05:0c:4c:4a:75:57:1f:2f:cb:fe:8c:c7:48:ef:dd:b2:cf:
70:0f:f4:ca:f3:d9:3d:9f:d1:a5:91:75:aa:56:d1:8d:74:d4:
e7:bc:7e:74:62:50:5c:5f:eb:67:b4:63:b1:1e:51:4d:05:c0:
b5:fc:7b:23:e8:e7:f2:de:d0:f5:44:75:7c:90:78:ef:f8:f2:
ff:6e:36:94:c0:58:6e:03:eb:5f:0d:ba:70:29:4c:f9:2a:06:
65:22:f0:c5:78:71:6d:ac:dc:f9:5d:7b:4a:7a:2e:2d:58:45:
24:a8:7a:a4:8e:04:73:5d:c4:80:dd:92:38:1a:9c:fb:50:09:
07:0b:f3:08:0a:ee:7b:b2:37:5a:ea:82:46:6a:49:8f:e6:cb:
68:85:3f:4b:91:8a:53:e9:b0:aa:b3:a8:b4:cc:90:b3:b7:18:
e9:46:95:93:d9:69:ac:16:79:bb:6c:a2:b3:dd:5e:02:af:1d:
46:eb:d7:1b:94:fb:08:fc:56:76:4f:41:a9:d2:ae:63:fb:ad:
c2:ff:f4:68:d0:08:8f:6e:42:7d:e8:cb:d7:78:5a:8f:6e:1b:
b2:d0:a0:7f:86:37:32:6c:e9:47:c7:2d:5a:c0:47:9b:12:1f:
fd:42:ee:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZciFCRjsZUlCpP6Nw8LOCDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjI4MmNjMWMwNzY5N2ZmNWI1MTkwYzcxNDM5M2Q1NDI0
MDZkNDMwHhcNMjUwNTMwMTY0MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIxYzMzNTVjNjFhN2FkZjUyNDVlZTQ0MDYxY2RlZTM1NDI0MTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ccxzSiZQfQXzXs08ezu7Z8s+iDY
Yy1OU2lztmzuwDo8OKVhvdZdaj/mkBrg8OWeX8efeUdIY1jSWPVSRMqW/goHYc8V
Fl5NZi2AHAtGLnvNAapspmTkps30eeB4PLnmbq+MTGo8I1RbKC2BxMQiaMxoYa3p
k+6IYS+r4hNhLl/OOq7b2nJUguO5IXtRyNyTLWn+AJ2PyKXhzDlCbBDRGH1kgM+M
6G61axXvFdSdwBy4QuqZ5T6ZofzR4HC4VLLmgDJi3bpbP4YeWDHrmFk3h4Wcqt8Q
nvar/whTeOIEU6MULj77G3+lBpmGIdqbT+mQDVXYhe9599UlUv/TFSskFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIGxwzVcYaet9SRe5EBhze41QkFBMB8GA1UdIwQY
MBaAFEHygswcB2l/9bUZDHFDk9VCQG1DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQt
ZTNlZWNmOWRmYWFkLzEvZ2JIRE5WeGhwNjMxSkY3a1FHSE43alZDUVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQtZTNlZWNmOWRmYWFk
LzEvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqoMA0E
AgACMAcDBQMqDfEAMA0GCSqGSIb3DQEBCwUAA4IBAQBjPZ1iQXK0miGn6w4zv+uV
vSdQBQxMSnVXHy/L/ozHSO/dss9wD/TK89k9n9GlkXWqVtGNdNTnvH50YlBcX+tn
tGOxHlFNBcC1/Hsj6Ofy3tD1RHV8kHjv+PL/bjaUwFhuA+tfDbpwKUz5KgZlIvDF
eHFtrNz5XXtKei4tWEUkqHqkjgRzXcSA3ZI4Gpz7UAkHC/MICu57sjda6oJGakmP
5stohT9LkYpT6bCqs6i0zJCztxjpRpWT2WmsFnm7bKKz3V4Crx1G69cblPsI/FZ2
T0Gp0q5j+63C//Ro0AiPbkJ96MvXeFqPbhuy0KB/hjcybOlHxy1awEebEh/9Qu55
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:07:01 2025 by rpki-client