Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GyIfddgMPWgW_KHXJdSNR3eqb8Q.roa
File: GyIfddgMPWgW_KHXJdSNR3eqb8Q.roa (raw, json)
Hash identifier: R5rgVxjc0TMSV6itMT7ijHNX8oq7wbibwN4m7T61L9Q=
Subject key identifier: 1B:22:1F:75:D8:0C:3D:68:16:FC:A1:D7:25:D4:8D:47:77:AA:6F:C4
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019420D5F35EEB6513A3322F17F36F2647A1
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GyIfddgMPWgW_KHXJdSNR3eqb8Q.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 94.16.30.0/23 maxlen: 23
94.16.30.128/25 maxlen: 25
94.16.104.0/22 maxlen: 24
94.16.108.0/22 maxlen: 24
94.16.112.0/21 maxlen: 24
94.16.120.0/22 maxlen: 24
185.216.176.0/22 maxlen: 22
185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
193.26.156.0/22 maxlen: 22
194.36.144.0/22 maxlen: 22
2a00:11c0:5f::/48 maxlen: 48
2a00:11c0:60::/48 maxlen: 48
2a00:11c0:81::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f3:5e:eb:65:13:a3:32:2f:17:f3:6f:26:47:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b221f75d80c3d6816fca1d725d48d4777aa6fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f1:bf:77:f1:4d:43:83:e1:a2:27:68:4f:e0:
2c:3c:09:5d:7b:8d:98:11:8e:de:7c:98:be:20:5b:
b3:f8:eb:69:4c:21:3c:cd:ce:c9:d7:1e:aa:65:09:
64:04:56:cb:bd:58:75:26:b2:55:5c:49:84:f3:61:
10:35:81:9f:e8:0a:aa:ab:3d:8a:d9:5e:43:de:15:
a4:f4:52:30:8f:14:95:22:7b:fc:36:7f:4f:1b:df:
42:37:0b:48:e0:4b:4d:a6:71:68:5c:7f:d2:ae:9b:
55:94:c9:8a:9e:14:e4:b3:b4:ad:65:3b:b5:03:d7:
73:6a:39:b3:99:e0:2b:32:ad:b1:93:c5:da:9a:b9:
65:f8:7e:40:56:da:69:5c:9e:7e:46:ae:00:f3:8e:
37:65:96:b4:3c:95:83:99:64:b8:3a:43:46:bc:e0:
0b:b4:16:7a:2f:9d:88:c9:73:cf:b7:b2:e2:85:34:
a0:60:5d:36:58:74:c1:42:db:cb:5d:8d:11:79:4d:
8a:50:2f:ab:a6:c5:0d:2b:3a:24:39:49:01:cc:23:
aa:29:7a:26:e3:23:bb:fa:68:ba:8f:66:13:36:72:
3a:2a:64:88:15:86:27:ee:0f:98:10:c6:5a:f5:27:
60:cb:91:ab:6a:71:8f:a4:6c:53:c7:55:74:f1:72:
9d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:22:1F:75:D8:0C:3D:68:16:FC:A1:D7:25:D4:8D:47:77:AA:6F:C4
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GyIfddgMPWgW_KHXJdSNR3eqb8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
94.16.104.0-94.16.123.255
185.216.176.0/22
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:5f::-2a00:11c0:60:ffff:ffff:ffff:ffff:ffff
2a00:11c0:81::/56
Signature Algorithm: sha256WithRSAEncryption
05:96:6a:cc:91:93:9c:ff:04:d6:8a:5d:f2:a2:18:b2:5a:44:
dc:22:7f:c7:f7:cb:9e:08:4d:46:c6:aa:03:d6:27:a2:6d:ad:
80:61:63:bf:ec:b1:b6:7d:6e:59:a3:3e:39:84:ab:1b:9f:5b:
5e:81:58:14:52:c0:ef:e5:cc:f9:f7:56:30:b5:38:59:33:10:
9b:de:53:04:69:43:28:4b:3e:c3:4f:dc:91:2d:34:70:35:47:
df:f2:de:66:e2:e5:46:28:28:9f:09:f6:7e:5e:47:73:39:57:
dc:1c:47:9b:ef:dd:c8:10:09:1b:d7:e5:89:52:09:51:64:3b:
b6:f8:cd:33:e5:99:00:4b:cc:85:0f:52:cf:0c:63:ff:96:85:
f7:cd:ae:ae:03:49:c4:0f:0d:1c:10:89:6e:ee:be:90:b4:47:
cb:89:e6:1b:4f:bd:ff:8f:61:cc:b3:b0:c6:bf:24:22:22:3c:
c9:cd:a7:3c:23:73:17:90:ae:e3:4c:c3:17:ba:5b:6a:16:83:
4d:08:c8:31:07:3e:61:73:1a:a4:83:69:53:1c:1a:8b:00:10:
75:5e:de:54:81:55:fa:fb:9c:cc:8a:d9:70:49:01:60:7e:41:
ef:90:73:14:ec:62:7c:64:9f:5f:24:4f:84:d4:16:1c:0f:e6:
eb:a2:f1:98
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQg1fNe62UTozIvF/NvJkehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIyMWY3NWQ4MGMzZDY4MTZmY2ExZDcyNWQ0OGQ0Nzc3YWE2ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPG/d/FNQ4PhoidoT+AsPAlde42Y
EY7efJi+IFuz+OtpTCE8zc7J1x6qZQlkBFbLvVh1JrJVXEmE82EQNYGf6Aqqqz2K
2V5D3hWk9FIwjxSVInv8Nn9PG99CNwtI4EtNpnFoXH/SrptVlMmKnhTks7StZTu1
A9dzajmzmeArMq2xk8Xamrll+H5AVtppXJ5+Rq4A8443ZZa0PJWDmWS4OkNGvOAL
tBZ6L52IyXPPt7LihTSgYF02WHTBQtvLXY0ReU2KUC+rpsUNKzokOUkBzCOqKXom
4yO7+mi6j2YTNnI6KmSIFYYn7g+YEMZa9Sdgy5GranGPpGxTx1V08XKdwwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBsiH3XYDD1oFvyh1yXUjUd3qm/EMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvR3lJZmRkZ01QV2dXX0tIWEpkU05SM2VxYjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDA4BAIAATAyAwQBXhAeMAwD
BANeEGgDBAJeEHgDBAK52LADBAK56EQDBAG8rOQDBALBGpwDBALCJJAwJAQCAAIw
HjASAwcAKgARwABfAwcAKgARwABgAwgAKgARwACBADANBgkqhkiG9w0BAQsFAAOC
AQEABZZqzJGTnP8E1opd8qIYslpE3CJ/x/fLnghNRsaqA9Ynom2tgGFjv+yxtn1u
WaM+OYSrG59bXoFYFFLA7+XM+fdWMLU4WTMQm95TBGlDKEs+w0/ckS00cDVH3/Le
ZuLlRigonwn2fl5HczlX3BxHm+/dyBAJG9fliVIJUWQ7tvjNM+WZAEvMhQ9Szwxj
/5aF982urgNJxA8NHBCJbu6+kLRHy4nmG0+9/49hzLOwxr8kIiI8yc2nPCNzF5Cu
40zDF7pbahaDTQjIMQc+YXMapINpUxwaiwAQdV7eVIFV+vuczIrZcEkBYH5B75Bz
FOxifGSfXyRPhNQWHA/m66LxmA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:11:16 2025 by rpki-client