Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/GD4Ao9B2cz5WTYzecC-kGpGE8PU.roa
File: GD4Ao9B2cz5WTYzecC-kGpGE8PU.roa (raw, json)
Hash identifier: EMPtxZQPJUmcPd6jCs0XXLsuloEWz1y/aD3A32qr1zk=
Subject key identifier: 18:3E:00:A3:D0:76:73:3E:56:4D:8C:DE:70:2F:A4:1A:91:84:F0:F5
Certificate issuer: /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial: 019427B5BD3F804877E138B6E5B6CCC00EFC
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/GD4Ao9B2cz5WTYzecC-kGpGE8PU.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8267
IP address blocks: 149.156.0.0/16 maxlen: 16
185.92.50.0/24 maxlen: 24
193.193.64.0/21 maxlen: 21
195.150.224.0/19 maxlen: 19
2001:6d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bd:3f:80:48:77:e1:38:b6:e5:b6:cc:c0:0e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=183e00a3d076733e564d8cde702fa41a9184f0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:41:90:aa:25:d2:48:a8:0d:8d:ac:ba:16:6c:
65:95:bb:0d:31:6c:d0:ea:29:c7:7f:71:a2:9c:05:
4a:02:9b:14:89:66:62:08:3b:50:41:3f:18:e2:1e:
7f:47:95:6d:95:00:8e:22:1a:7a:38:13:cf:55:e3:
50:6f:d9:83:4e:25:fb:38:32:c3:33:5a:b7:e7:a2:
4c:06:ef:f1:cb:55:2b:10:e1:eb:b2:26:69:cd:29:
15:d5:18:f3:74:5e:f4:a7:02:da:db:82:3b:f9:5c:
e1:8e:3c:00:1a:d2:d0:a8:f8:c0:d3:dd:2e:00:54:
30:5f:44:f8:cc:02:c6:66:f4:e6:c1:fe:96:ee:ec:
23:43:82:6f:33:3d:fb:d3:de:0a:60:c5:88:4b:be:
7d:a1:2d:8a:f2:c2:a9:12:d1:2b:28:a7:d6:6e:be:
06:0c:34:cb:c3:ca:3d:e3:3b:9a:dc:44:aa:f8:03:
8d:7b:43:b3:0b:b8:61:15:f2:b5:bb:a6:76:5c:fa:
a7:1c:0a:33:e1:ec:c9:40:17:7c:5f:41:b8:a3:7c:
89:9c:c0:a4:07:c4:06:71:bd:9a:fd:33:8b:e1:f3:
1d:70:34:b1:4b:5f:df:bc:c4:54:22:a9:37:24:e4:
8a:4b:50:96:95:34:43:c5:e8:6f:3a:97:72:1c:e9:
8c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3E:00:A3:D0:76:73:3E:56:4D:8C:DE:70:2F:A4:1A:91:84:F0:F5
X509v3 Authority Key Identifier:
keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/GD4Ao9B2cz5WTYzecC-kGpGE8PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.156.0.0/16
185.92.50.0/24
193.193.64.0/21
195.150.224.0/19
IPv6:
2001:6d8::/32
Signature Algorithm: sha256WithRSAEncryption
36:28:a5:26:df:30:ba:ca:0f:1e:bd:43:f5:23:19:e7:fc:ab:
d5:42:e5:6a:a0:43:e0:f0:b3:3e:5f:91:af:d6:55:51:6a:44:
97:df:54:f9:30:38:f2:38:81:2d:a1:27:76:99:75:4f:15:62:
5e:12:c5:b6:1b:0a:ad:43:75:a8:04:ea:02:80:73:90:fd:78:
4b:08:df:25:2f:cb:2e:99:b1:e5:7c:fe:86:7f:08:8c:bf:6e:
fc:21:3c:64:91:89:e0:58:ef:e3:37:8c:13:78:ba:a3:30:b7:
f6:b4:bf:61:fd:4a:59:a1:fb:fc:1d:70:17:a5:26:b5:3f:22:
38:a6:b4:4b:7b:81:93:78:72:df:d8:70:29:f2:88:3c:34:14:
11:f9:d6:db:f4:7b:ea:51:3b:ec:92:71:31:cd:e7:67:a0:a9:
a1:7c:e8:f0:96:e6:72:9b:77:70:48:bd:9f:42:aa:55:5b:a2:
b1:93:2b:35:61:07:4f:b0:e4:e7:b4:20:c4:03:37:c1:b1:7c:
85:64:bf:62:8e:dc:99:44:fd:9d:99:d3:24:b9:8b:de:2b:a3:
2d:73:c1:47:ec:c0:d0:49:77:52:ab:83:67:fd:c7:eb:4e:55:
b5:7a:c1:5d:84:f4:18:a3:65:62:98:4e:13:69:76:52:38:3d:
40:50:9e:c5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQntb0/gEh34Ti25bbMwA78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjE5ZTIyNGM3M2Y4M2M0ZmRkMTk2ZDA2NjA4YWViM2E4
ODE4MDQwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNlMDBhM2QwNzY3MzNlNTY0ZDhjZGU3MDJmYTQxYTkxODRmMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkGQqiXSSKgNjay6FmxllbsNMWzQ
6inHf3GinAVKApsUiWZiCDtQQT8Y4h5/R5VtlQCOIhp6OBPPVeNQb9mDTiX7ODLD
M1q356JMBu/xy1UrEOHrsiZpzSkV1RjzdF70pwLa24I7+VzhjjwAGtLQqPjA090u
AFQwX0T4zALGZvTmwf6W7uwjQ4JvMz37094KYMWIS759oS2K8sKpEtErKKfWbr4G
DDTLw8o94zua3ESq+AONe0OzC7hhFfK1u6Z2XPqnHAoz4ezJQBd8X0G4o3yJnMCk
B8QGcb2a/TOL4fMdcDSxS1/fvMRUIqk3JOSKS1CWlTRDxehvOpdyHOmMiwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBg+AKPQdnM+Vk2M3nAvpBqRhPD1MB8GA1UdIwQY
MBaAFPjxniJMc/g8T90ZbQZgius6iBgEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QR2VJa3h6LUR4UDNSbHRCbUNLNnpxSUdBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUx
LTE2Y2Q4ZjRmYjRiOS8xL0dENEFvOUIyY3o1V1RZemVjQy1rR3BHRThQVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUxLTE2Y2Q4ZjRmYjRi
OS8xLzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMB0EAgABMBcDAwCVnAME
ALlcMgMEA8HBQAMEBcOW4DANBAIAAjAHAwUAIAEG2DANBgkqhkiG9w0BAQsFAAOC
AQEANiilJt8wusoPHr1D9SMZ5/yr1ULlaqBD4PCzPl+Rr9ZVUWpEl99U+TA48jiB
LaEndpl1TxViXhLFthsKrUN1qATqAoBzkP14SwjfJS/LLpmx5Xz+hn8IjL9u/CE8
ZJGJ4Fjv4zeME3i6ozC39rS/Yf1KWaH7/B1wF6UmtT8iOKa0S3uBk3hy39hwKfKI
PDQUEfnW2/R76lE77JJxMc3nZ6CpoXzo8Jbmcpt3cEi9n0KqVVuisZMrNWEHT7Dk
57QgxAM3wbF8hWS/Yo7cmUT9nZnTJLmL3iujLXPBR+zA0El3UquDZ/3H605VtXrB
XYT0GKNlYphOE2l2Ujg9QFCexQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:59:23 2025 by rpki-client