Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/gR0LYM6QGI-qsid_nSKtkxsGl7k.roa
File: gR0LYM6QGI-qsid_nSKtkxsGl7k.roa (raw, json)
Hash identifier: ZNyhf/gNov+ZA8ZlWmnXcmM+r4ht/hEtiegrCZhA7GA=
Subject key identifier: 81:1D:0B:60:CE:90:18:8F:AA:B2:27:7F:9D:22:AD:93:1B:06:97:B9
Certificate issuer: /CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Certificate serial: 01942747AA97AD1D391601B11D3F12BAC3F0
Authority key identifier: 23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/gR0LYM6QGI-qsid_nSKtkxsGl7k.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56337
IP address blocks: 185.101.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:aa:97:ad:1d:39:16:01:b1:1d:3f:12:ba:c3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=811d0b60ce90188faab2277f9d22ad931b0697b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:2c:c4:c6:1d:90:20:e3:bb:18:88:77:93:
3c:a6:6a:9f:20:23:3a:f6:3b:50:43:b6:04:da:a9:
55:cc:09:3f:87:59:c6:7d:93:2b:61:14:08:e3:c1:
b1:23:1e:5d:5e:19:0e:79:3f:6f:54:90:51:42:45:
fe:ab:04:cb:cd:2d:7e:e5:ea:27:19:8d:10:a1:ec:
08:3c:ff:8e:72:02:1a:cf:49:b5:a4:d3:dc:73:0d:
72:a1:86:27:97:20:7a:98:f0:c5:d7:e8:fc:29:92:
5b:ab:b8:b8:6c:13:5a:84:c1:d7:81:0d:f5:34:35:
b4:29:2f:e5:2f:96:4a:c8:ac:3c:c7:9a:0f:56:8c:
75:a9:13:d8:54:e7:af:1c:f4:23:46:8d:79:9f:58:
96:2e:d3:2c:a4:c9:7e:a0:92:f9:2f:c3:53:4f:cb:
0d:da:38:d0:d2:fa:6b:5b:dc:79:dc:f2:76:2d:85:
fc:d6:34:ef:0e:49:0a:f8:65:6e:39:e4:1e:09:a6:
08:48:51:15:b3:38:42:3e:c7:12:3a:e8:6c:c5:bd:
bc:09:46:e6:e6:94:5d:60:6a:d1:32:ea:a5:81:be:
f4:38:ba:02:5b:21:9d:ef:e0:b7:61:ec:a7:73:54:
fc:20:32:21:fd:f8:6f:f7:be:bb:73:94:da:8e:fc:
68:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1D:0B:60:CE:90:18:8F:AA:B2:27:7F:9D:22:AD:93:1B:06:97:B9
X509v3 Authority Key Identifier:
keyid:23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/gR0LYM6QGI-qsid_nSKtkxsGl7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:45:d9:13:23:ac:3d:47:9e:71:0e:c2:36:f3:51:9f:1f:ad:
4d:22:2b:3c:5b:45:bc:f6:8a:52:95:6b:a5:a6:6c:51:ce:2a:
f3:65:69:84:48:ae:55:75:78:aa:30:99:47:4e:c1:c2:56:5f:
88:37:4f:e6:04:89:34:97:a1:6c:70:a5:4b:7c:af:03:3b:eb:
2f:95:ff:4c:ac:a9:d3:c6:73:54:11:31:37:ff:a0:d6:e3:59:
f1:16:bb:42:55:a2:6d:f6:76:03:b4:01:54:64:93:69:47:a4:
65:50:c4:6c:13:73:27:61:d9:94:1b:b5:90:c5:43:28:c5:ea:
0b:dc:ce:19:5e:30:37:30:f9:23:e9:5c:a8:25:9d:89:12:0c:
06:eb:bf:fa:cc:1a:74:5e:8f:dd:de:52:b8:32:a0:a7:36:96:
19:48:48:c9:f4:e2:fc:db:1e:09:59:ac:98:cf:6f:f8:7d:9c:
3d:e7:08:97:8b:e5:bf:5e:18:40:73:5d:14:d7:c4:38:2d:1e:
c1:6c:64:32:73:f8:d9:04:98:83:9e:d1:16:df:c8:9c:78:f5:
c3:39:36:bc:17:80:8c:9c:b9:39:b1:8a:84:c4:d2:7e:42:47:
c6:86:9b:1f:55:0e:0e:ee:e1:82:43:8f:31:93:c1:f3:2e:2d:
42:ec:3a:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6qXrR05FgGxHT8SusPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYWVlOTRkMGZmZjZjNmM3NTJhNjk0MmZmYTk2MmFlMzdj
N2U2YjYwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFkMGI2MGNlOTAxODhmYWFiMjI3N2Y5ZDIyYWQ5MzFiMDY5N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsosxMYdkCDjuxiId5M8pmqfICM6
9jtQQ7YE2qlVzAk/h1nGfZMrYRQI48GxIx5dXhkOeT9vVJBRQkX+qwTLzS1+5eon
GY0QoewIPP+OcgIaz0m1pNPccw1yoYYnlyB6mPDF1+j8KZJbq7i4bBNahMHXgQ31
NDW0KS/lL5ZKyKw8x5oPVox1qRPYVOevHPQjRo15n1iWLtMspMl+oJL5L8NTT8sN
2jjQ0vprW9x53PJ2LYX81jTvDkkK+GVuOeQeCaYISFEVszhCPscSOuhsxb28CUbm
5pRdYGrRMuqlgb70OLoCWyGd7+C3Yeync1T8IDIh/fhv9767c5TajvxoyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEdC2DOkBiPqrInf50irZMbBpe5MB8GA1UdIwQY
MBaAFCOu6U0P/2xsdSppQv+pYq43x+a2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUt
YTMxODUzZTY5OTdhLzEvZ1IwTFlNNlFHSS1xc2lkX25TS3RreHNHbDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUtYTMxODUzZTY5OTdh
LzEvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWUSMA0G
CSqGSIb3DQEBCwUAA4IBAQAaRdkTI6w9R55xDsI281GfH61NIis8W0W89opSlWul
pmxRzirzZWmESK5VdXiqMJlHTsHCVl+IN0/mBIk0l6FscKVLfK8DO+svlf9MrKnT
xnNUETE3/6DW41nxFrtCVaJt9nYDtAFUZJNpR6RlUMRsE3MnYdmUG7WQxUMoxeoL
3M4ZXjA3MPkj6VyoJZ2JEgwG67/6zBp0Xo/d3lK4MqCnNpYZSEjJ9OL82x4JWayY
z2/4fZw95wiXi+W/XhhAc10U18Q4LR7BbGQyc/jZBJiDntEW38icePXDOTa8F4CM
nLk5sYqExNJ+QkfGhpsfVQ4O7uGCQ48xk8HzLi1C7Dq9
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:01:07 2025 by rpki-client