Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GErM7mu8JxNTaI_SrQUXoWQV_dM.roa
File: GErM7mu8JxNTaI_SrQUXoWQV_dM.roa (raw, json)
Hash identifier: G6mgvHS6fGMGG4f07hJIg6yDzR5oAfKUkBuf9ZZp8Fo=
Subject key identifier: 18:4A:CC:EE:6B:BC:27:13:53:68:8F:D2:AD:05:17:A1:64:15:FD:D3
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D981C1A1ED4A52684BFA6B6BF8F60A
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GErM7mu8JxNTaI_SrQUXoWQV_dM.roa
Signing time: Thu 02 Jan 2025 11:49:36 +0000
ROA not before: Thu 02 Jan 2025 11:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62119
IP address blocks: 194.147.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 16:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:81:c1:a1:ed:4a:52:68:4b:fa:6b:6b:f8:f6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=184accee6bbc271353688fd2ad0517a16415fdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:31:67:ad:76:47:69:15:52:c7:72:a2:44:
14:0c:19:55:e0:d1:de:d3:c7:a5:81:d9:50:35:f4:
8d:9d:87:e1:40:80:22:cd:ea:40:85:17:2e:bb:66:
07:b9:13:18:48:d5:e4:b9:69:97:25:38:49:52:8c:
d3:cd:35:e6:c0:e4:4c:6f:ea:4c:13:01:de:ce:78:
e8:fa:16:41:43:e6:76:01:e5:e5:12:ad:8e:bf:bc:
91:76:6a:59:60:c5:19:1f:ea:c8:aa:99:88:77:1a:
a6:16:51:38:1f:3a:b0:e5:5f:2a:ab:c6:69:00:4f:
d5:b9:d9:23:97:de:77:94:0c:67:cc:56:e5:33:ab:
50:12:22:27:db:a5:18:bc:39:72:40:5d:2f:51:07:
68:78:20:c6:e1:29:d5:b2:21:c4:87:e1:a0:e2:c5:
69:ed:5d:7c:24:cc:64:3a:4a:63:fa:b3:33:9f:c6:
90:23:00:91:99:f0:4b:e4:9f:5c:7d:59:4f:cf:1e:
96:56:da:e1:05:4d:d0:a7:1f:f6:2d:74:61:40:7a:
79:fa:c1:02:54:af:ac:2d:32:67:3f:84:62:5b:ac:
d3:38:5e:ac:f8:3e:dd:88:65:af:38:cb:61:2c:e4:
f5:6c:5b:e2:ea:4d:d9:03:63:a4:85:14:90:4a:ab:
79:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4A:CC:EE:6B:BC:27:13:53:68:8F:D2:AD:05:17:A1:64:15:FD:D3
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GErM7mu8JxNTaI_SrQUXoWQV_dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.97.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c0:a8:4c:05:b6:7d:2e:bf:45:27:be:db:00:62:97:bd:4c:
e6:57:ce:b7:9c:11:6e:5d:0a:34:d6:34:45:f0:a7:8b:af:d1:
6b:39:26:e3:86:2d:93:f4:d1:39:f5:2e:3a:b8:15:04:f2:be:
8a:0e:6a:92:7a:5c:db:bb:90:60:da:a1:38:61:bb:f0:9d:88:
2b:03:2d:33:cf:4b:76:84:19:7d:35:72:56:e1:4e:64:c2:85:
44:fa:e0:01:f4:48:4c:f2:1c:59:2a:78:7d:83:47:a1:8d:9e:
96:16:3f:6c:e5:e3:06:f6:2a:93:a4:a2:89:ef:4f:b9:96:ae:
b5:95:1d:f4:92:5c:d9:88:ca:d2:a6:1b:aa:22:ca:18:d3:4d:
fb:ae:df:86:7f:be:f9:08:8b:8d:08:80:fb:b4:4a:47:a4:17:
0c:47:00:05:95:e2:78:e4:a4:a9:8c:12:6d:8f:57:5a:e6:4c:
ee:b6:56:d8:c3:55:b8:cb:0e:81:d4:1b:5f:8e:de:6f:76:6d:
fb:2e:f2:a3:21:c4:bf:79:87:1d:d3:74:6e:6d:49:f8:03:c3:
00:c6:42:06:39:3e:b7:33:51:6a:49:78:cf:e0:82:50:92:32:
51:73:ce:cf:94:25:3c:af:66:99:d0:90:8e:0a:47:c9:65:63:
47:88:97:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2YHBoe1KUmhL+mtr+PYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRhY2NlZTZiYmMyNzEzNTM2ODhmZDJhZDA1MTdhMTY0MTVmZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRMxZ612R2kVUsdyokQUDBlV4NHe
08elgdlQNfSNnYfhQIAizepAhRcuu2YHuRMYSNXkuWmXJThJUozTzTXmwORMb+pM
EwHeznjo+hZBQ+Z2AeXlEq2Ov7yRdmpZYMUZH+rIqpmIdxqmFlE4Hzqw5V8qq8Zp
AE/Vudkjl953lAxnzFblM6tQEiIn26UYvDlyQF0vUQdoeCDG4SnVsiHEh+Gg4sVp
7V18JMxkOkpj+rMzn8aQIwCRmfBL5J9cfVlPzx6WVtrhBU3Qpx/2LXRhQHp5+sEC
VK+sLTJnP4RiW6zTOF6s+D7diGWvOMthLOT1bFvi6k3ZA2OkhRSQSqt5SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhKzO5rvCcTU2iP0q0FF6FkFf3TMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvR0VyTTdtdThKeE5UYUlfU3JRVVhvV1FWX2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpNhMA0G
CSqGSIb3DQEBCwUAA4IBAQB5wKhMBbZ9Lr9FJ77bAGKXvUzmV863nBFuXQo01jRF
8KeLr9FrOSbjhi2T9NE59S46uBUE8r6KDmqSelzbu5Bg2qE4YbvwnYgrAy0zz0t2
hBl9NXJW4U5kwoVE+uAB9EhM8hxZKnh9g0ehjZ6WFj9s5eMG9iqTpKKJ70+5lq61
lR30klzZiMrSphuqIsoY0037rt+Gf775CIuNCID7tEpHpBcMRwAFleJ45KSpjBJt
j1da5kzutlbYw1W4yw6B1Btfjt5vdm37LvKjIcS/eYcd03RubUn4A8MAxkIGOT63
M1FqSXjP4IJQkjJRc87PlCU8r2aZ0JCOCkfJZWNHiJe7
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:07:18 2025 by rpki-client