Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/GzhIxob9bA8Czihl63s_AVDH8xs.roa
File: GzhIxob9bA8Czihl63s_AVDH8xs.roa (raw, json)
Hash identifier: WxcqeaBj1wEhDd9uj+K5AOhKzURT0h/j4LhtZQ31WLU=
Subject key identifier: 1B:38:48:C6:86:FD:6C:0F:02:CE:28:65:EB:7B:3F:01:50:C7:F3:1B
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 01942220063F0879E391677BCF067A3E6B5D
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/GzhIxob9bA8Czihl63s_AVDH8xs.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59811
IP address blocks: 185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 32
2a0b:8640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:06:3f:08:79:e3:91:67:7b:cf:06:7a:3e:6b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b3848c686fd6c0f02ce2865eb7b3f0150c7f31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f3:76:4d:f9:4d:f3:c1:8e:fb:7c:96:27:34:
2d:72:35:3f:ea:fa:e4:f3:97:7d:42:80:b2:57:40:
52:7e:c0:84:cc:e8:04:b7:1e:82:4e:e7:4b:fb:76:
87:b3:cc:90:9b:20:d8:08:93:e8:44:44:8c:80:6d:
03:1a:86:34:53:b7:3c:2c:57:bc:b4:63:19:02:f9:
94:23:ae:24:77:c5:70:79:b2:e3:82:df:f2:14:67:
86:29:71:1c:04:02:02:4e:b6:5e:ac:f8:af:2a:2c:
d6:46:36:61:b4:9c:0b:20:11:58:a2:b1:f3:52:91:
31:a5:b6:12:8c:3e:57:ea:ac:31:5a:72:15:f7:d4:
ae:3a:67:4c:70:d5:0d:c5:ad:5f:95:df:29:cb:76:
2a:d7:af:c1:4d:ab:5a:1b:61:30:cb:41:ca:65:cb:
10:f3:81:b4:6e:7d:bc:25:e3:5d:52:5e:2e:d9:81:
ed:8e:83:0d:0a:56:f2:0f:3b:57:b0:54:a0:52:de:
f5:84:ee:0d:d1:af:83:ba:90:59:75:aa:4d:99:6d:
af:04:af:51:01:9b:58:e3:95:d9:b3:8b:d9:e9:1b:
fc:85:86:7f:67:d6:d4:af:86:cc:ec:ca:9c:74:36:
b0:03:2b:87:fa:87:34:00:3d:88:9f:46:e6:8b:21:
6f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:38:48:C6:86:FD:6C:0F:02:CE:28:65:EB:7B:3F:01:50:C7:F3:1B
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/GzhIxob9bA8Czihl63s_AVDH8xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
Signature Algorithm: sha256WithRSAEncryption
39:af:49:54:7c:7c:33:1e:d2:d4:35:e3:ec:b1:07:48:fc:5e:
d2:15:08:04:3b:d9:86:a2:51:1b:d0:dc:df:bc:8b:62:90:05:
69:3e:45:5e:d8:d9:c9:98:29:9c:45:0b:f4:bc:7f:6e:90:a8:
fb:53:d0:3e:64:ea:7e:79:66:f3:5b:8d:3c:51:16:41:bc:6a:
6c:49:a5:cd:b8:c1:91:59:76:eb:95:4d:9c:fb:3c:c3:17:f9:
c6:d9:f9:9c:b3:b9:78:e2:0b:95:ea:21:8a:db:3c:a9:c6:78:
bb:1f:df:25:2c:a5:1b:4b:26:57:d4:68:d5:45:7b:a2:ea:22:
a0:7a:eb:fe:2e:2c:f7:29:1d:92:69:98:62:b7:44:df:44:e7:
95:9d:61:35:90:e9:e3:cd:f4:79:3f:7a:5b:43:1b:24:06:dc:
53:1f:dd:8b:95:3b:ba:a9:09:f2:67:6b:71:aa:a0:25:b1:43:
53:99:e2:b8:9c:6a:af:ff:e0:d6:ca:54:9b:bb:89:3d:b0:52:
a2:13:9b:d6:f8:1a:d8:37:8a:7f:aa:05:b7:b7:8f:53:f4:13:
c4:d8:dc:5f:ce:ca:e9:8d:41:27:11:55:16:eb:06:85:22:6d:
c9:af:8e:0d:12:aa:5c:5a:da:4f:b0:72:ad:6b:23:f9:72:d0:
d8:d4:0e:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiIAY/CHnjkWd7zwZ6PmtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM4NDhjNjg2ZmQ2YzBmMDJjZTI4NjVlYjdiM2YwMTUwYzdmMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvN2TflN88GO+3yWJzQtcjU/6vrk
85d9QoCyV0BSfsCEzOgEtx6CTudL+3aHs8yQmyDYCJPoRESMgG0DGoY0U7c8LFe8
tGMZAvmUI64kd8VwebLjgt/yFGeGKXEcBAICTrZerPivKizWRjZhtJwLIBFYorHz
UpExpbYSjD5X6qwxWnIV99SuOmdMcNUNxa1fld8py3Yq16/BTataG2Ewy0HKZcsQ
84G0bn28JeNdUl4u2YHtjoMNClbyDztXsFSgUt71hO4N0a+DupBZdapNmW2vBK9R
AZtY45XZs4vZ6Rv8hYZ/Z9bUr4bM7MqcdDawAyuH+oc0AD2In0bmiyFvOQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBs4SMaG/WwPAs4oZet7PwFQx/MbMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvR3poSXhvYjliQThDemlobDYzc19BVkRIOHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgMAwDBAC5Qs0D
BAC5Qs4DBAC5ldADBAG5ldIDBALCAHQwFAQCAAIwDgMFAyoEGEADBQMqC4ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQA5r0lUfHwzHtLUNePssQdI/F7SFQgEO9mGolEb0Nzf
vItikAVpPkVe2NnJmCmcRQv0vH9ukKj7U9A+ZOp+eWbzW408URZBvGpsSaXNuMGR
WXbrlU2c+zzDF/nG2fmcs7l44guV6iGK2zypxni7H98lLKUbSyZX1GjVRXui6iKg
euv+Liz3KR2SaZhit0TfROeVnWE1kOnjzfR5P3pbQxskBtxTH92LlTu6qQnyZ2tx
qqAlsUNTmeK4nGqv/+DWylSbu4k9sFKiE5vW+BrYN4p/qgW3t49T9BPE2Nxfzsrp
jUEnEVUW6waFIm3Jr44NEqpcWtpPsHKtayP5ctDY1A4B
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:17:54 2025 by rpki-client