
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GcaaSEbhJHFVhQJbphKB2PN0_0o.roa
File: GcaaSEbhJHFVhQJbphKB2PN0_0o.roa (raw, json)
Hash identifier: vuHzhXN+wyIqOVO4wT35DeqmxstLh4v95AsrV+kQcMg=
Subject key identifier: 19:C6:9A:48:46:E1:24:71:55:85:02:5B:A6:12:81:D8:F3:74:FF:4A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0197CA3ECCEF1BD361D8EC826D4C793B9072
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GcaaSEbhJHFVhQJbphKB2PN0_0o.roa
Signing time: Wed 02 Jul 2025 08:26:42 +0000
ROA not before: Wed 02 Jul 2025 08:26:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207350
IP address blocks: 46.249.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 02:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:3e:cc:ef:1b:d3:61:d8:ec:82:6d:4c:79:3b:90:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 2 08:26:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19c69a4846e124715585025ba61281d8f374ff4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:d7:c7:72:ad:7c:67:be:fa:d3:f8:82:99:
ea:7e:f3:a4:9f:8f:44:e7:63:df:0c:78:23:64:aa:
a4:a4:17:a6:f1:10:6c:2a:1d:ee:aa:61:6b:aa:0a:
14:94:5d:12:9d:19:ae:97:0c:f1:8b:03:ef:66:e9:
22:4d:a2:06:96:85:e3:9b:00:68:78:e2:cb:fa:f5:
44:40:3a:ce:bf:22:72:c9:a3:1f:e8:3b:c1:63:da:
7a:0c:8c:78:58:38:11:52:53:83:a7:ab:28:ff:ec:
92:81:ca:df:ec:0d:e0:c7:38:2d:19:11:66:28:52:
73:d6:69:a1:54:40:2a:ef:6f:45:09:3d:0b:4a:68:
3e:84:92:af:53:2d:7c:63:8d:4c:a3:2d:01:bf:78:
ed:47:78:90:76:b1:a9:22:c1:c0:ba:3d:e5:71:2d:
e5:34:1c:96:bd:de:b3:4c:95:f3:1a:df:17:66:96:
69:84:80:4b:46:97:5a:fc:a1:ef:8e:70:5e:98:80:
f7:5b:5d:8f:fd:a6:eb:bd:13:f9:83:f0:15:6e:86:
3a:5c:3a:24:d4:cb:4c:58:ad:f0:a0:59:c5:29:2a:
94:41:10:85:65:1e:c1:2e:ee:c7:07:1b:c3:88:1d:
c0:05:8a:b0:d0:32:02:a3:19:52:00:bd:84:6d:59:
a1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C6:9A:48:46:E1:24:71:55:85:02:5B:A6:12:81:D8:F3:74:FF:4A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GcaaSEbhJHFVhQJbphKB2PN0_0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.110.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a2:5b:3e:de:2f:4e:ed:09:76:76:70:14:33:5a:24:98:a7:
91:0f:eb:80:d0:27:b0:b1:6f:bf:1c:90:a0:26:0e:1b:69:8b:
28:d0:91:70:37:62:09:d8:4c:18:f8:c5:ba:40:f9:ec:c6:5f:
cc:4d:2b:35:10:54:f7:ed:17:dc:d6:4d:c1:5e:f2:e3:2d:f7:
93:1d:2c:c1:55:0b:bf:dc:32:54:c9:59:42:b5:5c:bf:b6:4b:
04:42:b5:df:7a:c9:dc:b8:85:69:38:8a:26:7e:4c:dc:ce:0a:
e5:30:d5:75:9c:9d:da:8c:7d:23:15:04:f1:ce:b6:19:27:c5:
97:8d:6c:96:65:16:99:78:65:62:74:96:c5:0d:da:8d:fe:24:
67:82:90:36:51:e6:42:68:10:20:61:9d:d4:e6:e1:0c:57:3c:
34:2f:82:7e:cf:e9:77:18:41:07:23:1c:ec:44:b5:2a:81:bf:
67:df:58:e7:7f:2a:0d:bd:03:31:fd:6b:90:be:b5:11:58:45:
b8:78:dc:5a:d2:66:de:ca:de:53:ba:b1:ed:41:67:83:e8:88:
1d:21:88:23:8e:06:c2:00:a3:6e:97:ad:0a:53:3b:07:df:f5:
65:50:83:b7:15:88:4d:75:df:e4:c9:29:47:3c:7e:eb:42:c0:
8a:6c:8e:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfKPszvG9Nh2OyCbUx5O5ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNzAyMDgyNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWM2OWE0ODQ2ZTEyNDcxNTU4NTAyNWJhNjEyODFkOGYzNzRmZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhXXx3KtfGe++tP4gpnqfvOkn49E
52PfDHgjZKqkpBem8RBsKh3uqmFrqgoUlF0SnRmulwzxiwPvZukiTaIGloXjmwBo
eOLL+vVEQDrOvyJyyaMf6DvBY9p6DIx4WDgRUlODp6so/+ySgcrf7A3gxzgtGRFm
KFJz1mmhVEAq729FCT0LSmg+hJKvUy18Y41Moy0Bv3jtR3iQdrGpIsHAuj3lcS3l
NByWvd6zTJXzGt8XZpZphIBLRpda/KHvjnBemID3W12P/abrvRP5g/AVboY6XDok
1MtMWK3woFnFKSqUQRCFZR7BLu7HBxvDiB3ABYqw0DICoxlSAL2EbVmhbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnGmkhG4SRxVYUCW6YSgdjzdP9KMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvR2NhYVNFYmhKSEZWaFFKYnBoS0IyUE4wXzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvluMA0G
CSqGSIb3DQEBCwUAA4IBAQBjols+3i9O7Ql2dnAUM1okmKeRD+uA0CewsW+/HJCg
Jg4baYso0JFwN2IJ2EwY+MW6QPnsxl/MTSs1EFT37Rfc1k3BXvLjLfeTHSzBVQu/
3DJUyVlCtVy/tksEQrXfesncuIVpOIomfkzczgrlMNV1nJ3ajH0jFQTxzrYZJ8WX
jWyWZRaZeGVidJbFDdqN/iRngpA2UeZCaBAgYZ3U5uEMVzw0L4J+z+l3GEEHIxzs
RLUqgb9n31jnfyoNvQMx/WuQvrURWEW4eNxa0mbeyt5TurHtQWeD6IgdIYgjjgbC
AKNul60KUzsH3/VlUIO3FYhNdd/kySlHPH7rQsCKbI5v
-----END CERTIFICATE-----
Generated at Sun Jul 6 09:14:26 2025 by rpki-client