Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/GLpHbmgk_HKZm99_6XW1zFhPnQ0.roa
File: GLpHbmgk_HKZm99_6XW1zFhPnQ0.roa (raw, json)
Hash identifier: L9ftFB4BS92bIq/ClzkGPs+4wSqKQ5UFQA3ipP2ayPk=
Subject key identifier: 18:BA:47:6E:68:24:FC:72:99:9B:DF:7F:E9:75:B5:CC:58:4F:9D:0D
Certificate issuer: /CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Certificate serial: 019425FC5B46E9313C29B48875C37881C4C3
Authority key identifier: E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/GLpHbmgk_HKZm99_6XW1zFhPnQ0.roa
Signing time: Thu 02 Jan 2025 07:48:02 +0000
ROA not before: Thu 02 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12773
IP address blocks: 130.193.73.0/24 maxlen: 24
185.28.108.0/24 maxlen: 24
185.28.109.0/24 maxlen: 24
185.28.110.0/24 maxlen: 24
185.28.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5b:46:e9:31:3c:29:b4:88:75:c3:78:81:c4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Validity
Not Before: Jan 2 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18ba476e6824fc72999bdf7fe975b5cc584f9d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8a:87:21:9b:19:f6:8e:88:92:3f:24:f9:c9:
23:64:80:0f:ab:86:9d:f0:f4:3b:9e:ba:49:98:39:
18:ae:63:93:cf:a1:b2:5e:0e:cb:fc:14:94:93:f5:
00:bc:8a:71:fd:ca:64:bd:ef:d2:d4:54:d3:9c:44:
11:41:f4:20:51:d6:6b:83:64:fc:89:9a:66:a2:d7:
22:3c:b1:f8:03:0a:cb:12:79:5d:37:9f:c5:c7:b0:
62:2b:34:d9:5d:f4:60:7a:29:03:72:8c:33:3b:d5:
45:71:25:a4:2c:91:f2:b6:41:fe:38:d6:fc:21:a1:
ad:24:49:46:e8:08:7d:ba:c0:8d:d1:33:c4:b2:87:
75:ae:b3:7f:4e:bc:a8:32:a1:85:48:02:68:67:d4:
bf:d5:df:5e:1e:dd:f0:5e:c7:cf:17:d6:62:f1:2f:
6e:48:7f:bd:34:af:40:57:9f:b6:a6:75:ba:91:90:
e3:f8:56:61:d0:97:b2:00:1f:ea:f6:7b:66:18:e5:
f8:58:04:b8:52:ae:04:97:42:8c:a9:4c:33:4c:3e:
0d:a6:a4:41:0d:2b:a5:4a:d4:e4:3d:0d:cb:fc:e1:
05:b4:75:3f:85:37:aa:37:63:5e:b3:1b:4e:46:58:
55:f4:ad:8b:7b:3f:78:fc:fe:1c:0e:fe:94:02:87:
eb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:BA:47:6E:68:24:FC:72:99:9B:DF:7F:E9:75:B5:CC:58:4F:9D:0D
X509v3 Authority Key Identifier:
keyid:E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/GLpHbmgk_HKZm99_6XW1zFhPnQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.73.0/24
185.28.108.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:87:59:94:7d:11:a1:25:81:88:28:d3:11:88:2b:e8:75:c9:
68:e8:3b:a9:71:10:4e:c6:8a:84:64:a2:c3:f2:2a:c9:56:f5:
83:36:3b:53:73:e1:e2:73:a5:45:9e:b8:af:4d:7a:f2:b0:8d:
0d:1c:e5:68:d5:f5:23:9a:cf:52:a2:3e:97:53:1f:06:b4:fb:
14:07:09:ea:5d:96:e7:07:36:6c:02:18:90:b9:75:ee:6b:0e:
98:60:d8:5a:52:73:01:5b:41:bc:bf:f8:4c:d7:b7:73:eb:e8:
63:7c:99:71:1d:23:4a:33:55:66:86:08:bd:8e:f8:46:cb:ea:
7f:1f:54:b5:6c:1d:9a:c5:b1:be:0a:ca:7f:1c:0f:5d:92:1c:
fb:f8:e0:ad:48:3b:25:67:93:8d:67:ea:b1:cd:eb:15:d0:8e:
0d:09:cf:f6:5d:93:55:b1:a8:10:8c:8c:2b:2b:57:74:51:44:
94:e0:96:45:a1:d7:78:aa:c2:83:e2:32:ab:d8:09:7e:ec:ac:
77:c5:64:1e:ad:26:df:8d:1f:f5:a5:da:ee:70:dc:9d:ee:18:
3a:d2:c1:b3:f7:be:b1:29:a8:75:9a:d9:6a:f2:01:46:dd:4d:
78:e7:52:09:0c:f9:4c:bb:cc:d7:a2:86:bf:74:23:cd:17:c9:
bc:6e:5c:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/FtG6TE8KbSIdcN4gcTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZWExNGQxMzQzYjk5MjUwNmJlZTZjM2Q5MGUxOWE2OTc5
OGIwMTgwHhcNMjUwMTAyMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGJhNDc2ZTY4MjRmYzcyOTk5YmRmN2ZlOTc1YjVjYzU4NGY5ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4qHIZsZ9o6Ikj8k+ckjZIAPq4ad
8PQ7nrpJmDkYrmOTz6GyXg7L/BSUk/UAvIpx/cpkve/S1FTTnEQRQfQgUdZrg2T8
iZpmotciPLH4AwrLEnldN5/Fx7BiKzTZXfRgeikDcowzO9VFcSWkLJHytkH+ONb8
IaGtJElG6Ah9usCN0TPEsod1rrN/TryoMqGFSAJoZ9S/1d9eHt3wXsfPF9Zi8S9u
SH+9NK9AV5+2pnW6kZDj+FZh0JeyAB/q9ntmGOX4WAS4Uq4El0KMqUwzTD4NpqRB
DSulStTkPQ3L/OEFtHU/hTeqN2NesxtORlhV9K2Lez94/P4cDv6UAofrOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBi6R25oJPxymZvff+l1tcxYT50NMB8GA1UdIwQY
MBaAFOPqFNE0O5klBr7mw9kOGaaXmLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQt
ZDRhNGYzNDcxN2YwLzEvR0xwSGJtZ2tfSEtabTk5XzZYVzF6RmhQblEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQtZDRhNGYzNDcxN2Yw
LzEvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgsFJAwQC
uRxsMA0GCSqGSIb3DQEBCwUAA4IBAQBth1mUfRGhJYGIKNMRiCvodclo6DupcRBO
xoqEZKLD8irJVvWDNjtTc+Hic6VFnrivTXrysI0NHOVo1fUjms9Soj6XUx8GtPsU
BwnqXZbnBzZsAhiQuXXuaw6YYNhaUnMBW0G8v/hM17dz6+hjfJlxHSNKM1Vmhgi9
jvhGy+p/H1S1bB2axbG+Csp/HA9dkhz7+OCtSDslZ5ONZ+qxzesV0I4NCc/2XZNV
sagQjIwrK1d0UUSU4JZFodd4qsKD4jKr2Al+7Kx3xWQerSbfjR/1pdrucNyd7hg6
0sGz976xKah1mtlq8gFG3U1451IJDPlMu8zXooa/dCPNF8m8blz5
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:40 2025 by rpki-client