Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/gvR46ytTmKrRi4maCYGnQqf4WI8.roa
File: gvR46ytTmKrRi4maCYGnQqf4WI8.roa (raw, json)
Hash identifier: ViNC6FNBy9cckM8WILnCXIRpeOOtSFGRhOo8i05WQf8=
Subject key identifier: 82:F4:78:EB:2B:53:98:AA:D1:8B:89:9A:09:81:A7:42:A7:F8:58:8F
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 01942444A6CA9B4C3E26B295A0EB4FC97817
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/gvR46ytTmKrRi4maCYGnQqf4WI8.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213303
IP address blocks: 185.228.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a6:ca:9b:4c:3e:26:b2:95:a0:eb:4f:c9:78:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82f478eb2b5398aad18b899a0981a742a7f8588f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:80:68:3d:19:41:6a:35:35:c8:d0:12:9f:
fa:1d:e9:c7:66:cd:98:2a:3a:0d:97:2b:ef:d8:ad:
a3:66:96:1d:ed:37:09:8a:c5:77:25:4c:0c:7e:d3:
22:05:83:ed:05:de:58:c1:6f:00:97:85:b5:75:51:
44:60:cf:1a:15:48:2b:1f:4e:98:dd:f0:76:82:1c:
01:2c:9e:10:20:12:9a:e7:28:bf:04:29:3b:eb:94:
a5:68:de:fb:01:23:e5:e7:9b:37:70:01:d0:13:04:
86:8b:c6:12:5e:77:d8:5a:42:d3:4e:12:ac:a6:65:
99:47:3c:ac:30:43:43:35:59:2c:3e:6c:f8:a4:b8:
03:c9:5a:d7:a4:b1:de:92:9e:de:fc:20:31:53:17:
f2:e0:0f:f6:bc:26:0e:90:af:82:fb:01:13:04:62:
48:c2:eb:e7:11:6b:de:61:89:fe:87:4a:73:54:7c:
a2:2f:4c:3b:34:85:39:73:85:53:fc:d0:43:b0:68:
44:a1:56:87:e9:41:61:6e:ae:ce:3a:fe:52:92:35:
34:9d:88:8c:d2:cb:18:96:40:0c:90:e5:93:bf:d6:
b1:71:e4:1c:03:3c:4e:e2:e3:c8:ae:84:86:04:90:
4c:6c:78:9a:e5:77:c8:37:29:a9:7d:cc:14:a6:3d:
76:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F4:78:EB:2B:53:98:AA:D1:8B:89:9A:09:81:A7:42:A7:F8:58:8F
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/gvR46ytTmKrRi4maCYGnQqf4WI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.172.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b3:86:3d:5a:37:e9:4b:0c:57:44:c9:54:cd:2e:a9:6f:9f:
34:ba:ce:2c:4a:bb:5b:fb:2c:fd:86:a2:03:05:f3:75:fb:a0:
73:28:22:e9:a6:98:0d:77:c0:b0:39:09:3c:68:99:0d:13:60:
42:c7:c6:a0:9e:7d:65:e3:11:b1:1c:4d:88:22:6b:9c:7d:c6:
5c:f5:d4:ca:97:63:05:2d:7f:d4:a2:d8:9d:d2:25:83:79:b7:
6c:e0:56:c5:23:33:c2:d4:db:60:19:73:8c:af:0e:c7:c8:c7:
dd:1e:93:57:c2:bf:6a:8a:ac:9f:3a:9e:5f:58:a6:37:4b:50:
97:52:d5:39:fe:24:f3:11:0b:05:c2:c5:3c:b0:67:87:91:e4:
dd:09:7c:6d:a3:ad:82:92:bb:b5:4c:d0:d0:b5:d8:01:49:46:
99:4e:a6:2f:32:8a:e6:e6:72:65:b3:97:39:df:71:fc:1a:61:
c1:df:da:46:c7:12:a0:19:fa:af:7c:ce:70:05:77:89:0e:f7:
ec:89:fc:7c:c2:50:f4:d7:45:83:9c:b1:3d:f4:88:0a:e7:55:
34:be:f2:ff:5c:96:2a:13:f0:16:a6:a0:bc:f5:07:19:92:c9:
da:2c:9f:26:da:77:9d:29:56:91:bb:8e:13:18:d2:79:a0:07:
8e:bb:2d:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKbKm0w+JrKVoOtPyXgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmY0NzhlYjJiNTM5OGFhZDE4Yjg5OWEwOTgxYTc0MmE3Zjg1ODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwGAaD0ZQWo1NcjQEp/6HenHZs2Y
KjoNlyvv2K2jZpYd7TcJisV3JUwMftMiBYPtBd5YwW8Al4W1dVFEYM8aFUgrH06Y
3fB2ghwBLJ4QIBKa5yi/BCk765SlaN77ASPl55s3cAHQEwSGi8YSXnfYWkLTThKs
pmWZRzysMENDNVksPmz4pLgDyVrXpLHekp7e/CAxUxfy4A/2vCYOkK+C+wETBGJI
wuvnEWveYYn+h0pzVHyiL0w7NIU5c4VT/NBDsGhEoVaH6UFhbq7OOv5SkjU0nYiM
0ssYlkAMkOWTv9axceQcAzxO4uPIroSGBJBMbHia5XfINympfcwUpj12gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIL0eOsrU5iq0YuJmgmBp0Kn+FiPMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvZ3ZSNDZ5dFRtS3JSaTRtYUNZR25RcWY0V0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueSsMA0G
CSqGSIb3DQEBCwUAA4IBAQASs4Y9WjfpSwxXRMlUzS6pb580us4sSrtb+yz9hqID
BfN1+6BzKCLpppgNd8CwOQk8aJkNE2BCx8agnn1l4xGxHE2IImucfcZc9dTKl2MF
LX/Uotid0iWDebds4FbFIzPC1NtgGXOMrw7HyMfdHpNXwr9qiqyfOp5fWKY3S1CX
UtU5/iTzEQsFwsU8sGeHkeTdCXxto62Ckru1TNDQtdgBSUaZTqYvMorm5nJls5c5
33H8GmHB39pGxxKgGfqvfM5wBXeJDvfsifx8wlD010WDnLE99IgK51U0vvL/XJYq
E/AWpqC89QcZksnaLJ8m2nedKVaRu44TGNJ5oAeOuy0p
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:28:49 2025 by rpki-client