Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GfzIravp1A-qM950EcQKAfu63d4.roa
File: GfzIravp1A-qM950EcQKAfu63d4.roa (raw, json)
Hash identifier: 4qKKF5LJkw69+LTSlZgQCwePECc0VCX/55ZPOTYfHHQ=
Subject key identifier: 19:FC:C8:AD:AB:E9:D4:0F:AA:33:DE:74:11:C4:0A:01:FB:BA:DD:DE
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01969C46D7626EAC738D36425C1306603FD1
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GfzIravp1A-qM950EcQKAfu63d4.roa
Signing time: Sun 04 May 2025 17:10:10 +0000
ROA not before: Sun 04 May 2025 17:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.238.40.0/23 maxlen: 24
217.179.50.0/23 maxlen: 24
217.179.58.0/23 maxlen: 24
217.179.72.0/23 maxlen: 24
217.179.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9c:46:d7:62:6e:ac:73:8d:36:42:5c:13:06:60:3f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: May 4 17:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19fcc8adabe9d40faa33de7411c40a01fbbaddde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b6:e9:75:98:69:bc:f9:74:cb:d0:02:66:84:
67:3b:9d:87:2a:45:1f:c3:40:15:51:73:63:f0:82:
5c:33:96:83:ab:91:8a:9b:b0:c5:b4:27:4f:cb:e2:
66:06:9b:5a:66:ed:f8:07:93:79:f9:da:d7:8a:19:
5f:8c:f2:f8:43:54:7f:d0:e4:6a:d4:a2:52:14:4d:
c5:31:88:67:d3:48:b2:64:c0:86:04:84:eb:20:41:
18:fb:63:a8:e8:66:65:4c:20:52:26:60:d2:bc:b3:
93:8e:59:ab:3d:b5:69:4e:66:19:31:28:3f:f7:b3:
2e:99:6f:42:3f:64:e9:9d:30:d4:71:ed:20:1b:2e:
8c:e3:0e:c8:9f:56:aa:38:e7:64:60:79:04:72:48:
4b:27:22:75:31:a3:c9:f1:17:b3:24:38:a6:30:f7:
25:5a:6f:31:2b:7b:01:3e:7f:50:65:1e:22:b1:6c:
87:dd:71:4c:41:90:2b:75:03:d7:a3:1c:b7:c1:85:
b7:44:71:91:9c:0a:cf:d9:da:10:ef:98:b6:9a:e1:
d7:d8:33:fd:31:0b:a6:1c:3e:6e:31:3b:dd:fe:b8:
cb:6e:93:14:33:d6:6a:d7:11:b1:4c:67:20:99:22:
52:4e:a1:db:5a:b6:fa:a1:85:cb:e4:2f:16:06:c4:
bd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FC:C8:AD:AB:E9:D4:0F:AA:33:DE:74:11:C4:0A:01:FB:BA:DD:DE
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GfzIravp1A-qM950EcQKAfu63d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.40.0/23
217.179.50.0/23
217.179.58.0/23
217.179.72.0/23
217.179.228.0/22
Signature Algorithm: sha256WithRSAEncryption
00:f1:d7:1a:c2:ee:a4:e0:c8:4d:04:a2:f9:9e:d7:bd:38:1e:
f6:06:51:b4:76:2b:91:6b:b0:05:54:ed:41:6e:a3:4d:25:21:
4e:df:9f:7d:14:bc:5c:9d:ed:e1:bd:b8:3d:fa:fd:8b:e3:65:
a3:2c:17:b4:75:58:1a:f8:49:c2:3b:4a:6c:6f:8e:df:e6:25:
a0:0c:69:f9:07:e0:99:f8:cb:e3:ba:2c:d3:c2:2f:5a:51:c1:
d0:68:72:c4:01:e7:26:ae:a9:62:96:af:7a:ab:11:ca:4f:67:
5b:3b:b7:bb:d9:29:32:e9:4a:31:cd:5f:7d:46:e8:76:e3:07:
77:d6:7d:6d:b6:19:60:b4:c4:f2:eb:1c:a7:2b:20:b0:14:56:
81:47:77:d8:3a:f7:d6:6b:d0:ca:cf:6a:d5:f6:36:af:a9:2c:
0d:40:2d:9d:b5:3e:37:ae:47:ba:86:aa:68:a5:da:0e:b3:49:
8b:4b:fd:ea:6a:20:4d:c2:bf:89:00:b6:ac:d9:84:c7:81:30:
a9:7d:59:71:fd:60:b3:79:09:46:89:3c:2f:80:ff:d7:a2:bb:
d5:26:33:f4:df:b9:c8:56:33:58:93:6f:58:dc:6f:f9:04:2c:
d9:b0:a1:0a:66:fc:e7:2e:98:d9:da:cf:5c:04:fe:c8:65:fb:
37:51:76:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZacRtdibqxzjTZCXBMGYD/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNTA0MTcxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZjYzhhZGFiZTlkNDBmYWEzM2RlNzQxMWM0MGEwMWZiYmFkZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bbpdZhpvPl0y9ACZoRnO52HKkUf
w0AVUXNj8IJcM5aDq5GKm7DFtCdPy+JmBptaZu34B5N5+drXihlfjPL4Q1R/0ORq
1KJSFE3FMYhn00iyZMCGBITrIEEY+2Oo6GZlTCBSJmDSvLOTjlmrPbVpTmYZMSg/
97MumW9CP2TpnTDUce0gGy6M4w7In1aqOOdkYHkEckhLJyJ1MaPJ8RezJDimMPcl
Wm8xK3sBPn9QZR4isWyH3XFMQZArdQPXoxy3wYW3RHGRnArP2doQ75i2muHX2DP9
MQumHD5uMTvd/rjLbpMUM9Zq1xGxTGcgmSJSTqHbWrb6oYXL5C8WBsS9tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBn8yK2r6dQPqjPedBHECgH7ut3eMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvR2Z6SXJhdnAxQS1xTTk1MEVjUUtBZnU2M2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwu4oAwQB
2bMyAwQB2bM6AwQB2bNIAwQC2bPkMA0GCSqGSIb3DQEBCwUAA4IBAQAA8dcawu6k
4MhNBKL5nte9OB72BlG0diuRa7AFVO1BbqNNJSFO3599FLxcne3hvbg9+v2L42Wj
LBe0dVga+EnCO0psb47f5iWgDGn5B+CZ+MvjuizTwi9aUcHQaHLEAecmrqlilq96
qxHKT2dbO7e72Sky6UoxzV99Ruh24wd31n1tthlgtMTy6xynKyCwFFaBR3fYOvfW
a9DKz2rV9javqSwNQC2dtT43rke6hqpopdoOs0mLS/3qaiBNwr+JALas2YTHgTCp
fVlx/WCzeQlGiTwvgP/XorvVJjP037nIVjNYk29Y3G/5BCzZsKEKZvznLpjZ2s9c
BP7IZfs3UXYP
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:52 2025 by rpki-client