Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/gl57ADSHY0k4ndDK_OjTyc2Vj-w.roa
File: gl57ADSHY0k4ndDK_OjTyc2Vj-w.roa (raw, json)
Hash identifier: K2iUKBC94qqs+lcuU9alkOi5wrj2IpvPW1nPAtFGI+M=
Subject key identifier: 82:5E:7B:00:34:87:63:49:38:9D:D0:CA:FC:E8:D3:C9:CD:95:8F:EC
Certificate issuer: /CN=4d3c5f0aa141011ce2dbf18ccceaac8d23a80253
Certificate serial: 019425FD5955043650C194A14AD1484C045A
Authority key identifier: 4D:3C:5F:0A:A1:41:01:1C:E2:DB:F1:8C:CC:EA:AC:8D:23:A8:02:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTxfCqFBARzi2_GMzOqsjSOoAlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/gl57ADSHY0k4ndDK_OjTyc2Vj-w.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1759
IP address blocks: 185.81.91.0/24 maxlen: 24
2a03:62a0:3501::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/TTxfCqFBARzi2_GMzOqsjSOoAlM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/TTxfCqFBARzi2_GMzOqsjSOoAlM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TTxfCqFBARzi2_GMzOqsjSOoAlM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:59:55:04:36:50:c1:94:a1:4a:d1:48:4c:04:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3c5f0aa141011ce2dbf18ccceaac8d23a80253
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=825e7b0034876349389dd0cafce8d3c9cd958fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:55:0b:e3:20:d7:76:c4:cd:2a:80:ef:2e:93:
a0:26:9b:2b:7c:23:d8:ee:65:00:6a:58:d2:e4:38:
7e:b8:37:56:39:15:97:31:9f:6a:c3:20:05:01:72:
b7:95:fb:4f:85:40:4f:24:8b:0b:e6:ba:37:cc:b5:
dc:67:32:a5:ff:ec:71:a9:7e:c6:82:f3:74:92:c1:
cf:73:8a:d4:61:55:81:4e:62:87:4d:b1:ff:ae:e8:
a2:d7:38:83:c4:34:b2:32:d4:5c:7f:8a:c0:54:b0:
09:d3:e2:bf:60:05:20:9d:30:82:8d:d6:ba:a4:c2:
52:91:36:a9:34:36:32:e9:0b:6f:05:8c:29:88:8a:
d3:3a:cb:98:3b:6d:cd:2e:62:ec:8c:1f:fc:40:82:
1c:01:8a:b8:61:64:88:6f:3b:7f:3a:c1:c5:ff:e6:
40:ec:53:f2:33:42:1d:a5:38:6c:fe:7c:e0:5e:58:
75:0c:65:36:dd:f9:83:66:15:d6:99:f6:2e:35:dd:
4c:d8:ec:d1:90:4c:ed:90:42:b1:0b:49:aa:9f:f2:
59:25:e8:ce:f0:c6:26:00:bb:50:da:55:e3:cc:af:
66:16:26:fd:cd:87:e8:de:28:c3:39:db:bf:8c:b9:
85:34:df:a1:e3:6f:c7:41:42:60:25:84:18:0c:fe:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5E:7B:00:34:87:63:49:38:9D:D0:CA:FC:E8:D3:C9:CD:95:8F:EC
X509v3 Authority Key Identifier:
keyid:4D:3C:5F:0A:A1:41:01:1C:E2:DB:F1:8C:CC:EA:AC:8D:23:A8:02:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTxfCqFBARzi2_GMzOqsjSOoAlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/gl57ADSHY0k4ndDK_OjTyc2Vj-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2d067c-df72-4040-bc43-19397fc76fec/1/TTxfCqFBARzi2_GMzOqsjSOoAlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.91.0/24
IPv6:
2a03:62a0:3501::/48
Signature Algorithm: sha256WithRSAEncryption
9e:2a:b9:4a:e4:03:10:6e:6c:59:4d:d1:0a:bb:20:87:fc:9f:
d2:3c:1c:9c:d8:70:0e:ea:5f:23:94:c3:d5:c0:99:56:5d:f3:
b6:8a:ac:cb:0a:7e:65:6e:fa:a4:45:51:b1:3e:52:1d:4e:58:
80:d1:bf:80:d2:e8:09:6f:0c:e9:33:b1:ed:25:0c:13:ac:84:
2e:4f:6a:24:34:bf:b2:ad:6b:a8:bf:53:11:97:f0:90:a1:5a:
1e:2c:31:67:af:30:e5:6e:83:b9:1b:d6:c1:5f:41:94:3b:73:
9a:d4:0c:c6:bd:8a:bd:14:58:57:82:62:a2:f3:2d:d4:14:1a:
7e:85:ac:f1:0f:7c:4f:7b:20:d5:72:37:6a:f9:25:84:4d:ce:
83:5d:35:ce:e0:83:c5:63:b0:d3:29:ef:27:55:90:a4:5b:2e:
9a:f5:9a:8c:89:18:84:e4:6a:fa:6e:3e:c4:1b:19:79:85:d5:
ad:a3:5f:d5:5a:42:3d:67:6a:11:7a:4f:96:1c:b1:c5:09:39:
a5:df:cb:6d:de:07:c1:df:82:50:ca:d3:d9:ec:46:96:5f:bd:
9e:8b:a6:f6:75:d3:04:90:4e:fc:aa:f6:af:6c:a2:ba:e0:dc:
01:56:ce:d8:d1:ba:16:3a:ed:f1:4b:17:7c:3b:c9:7e:57:6f:
6e:e4:b1:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/VlVBDZQwZShStFITARaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkM2M1ZjBhYTE0MTAxMWNlMmRiZjE4Y2NjZWFhYzhkMjNh
ODAyNTMwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVlN2IwMDM0ODc2MzQ5Mzg5ZGQwY2FmY2U4ZDNjOWNkOTU4ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVUL4yDXdsTNKoDvLpOgJpsrfCPY
7mUAaljS5Dh+uDdWORWXMZ9qwyAFAXK3lftPhUBPJIsL5ro3zLXcZzKl/+xxqX7G
gvN0ksHPc4rUYVWBTmKHTbH/ruii1ziDxDSyMtRcf4rAVLAJ0+K/YAUgnTCCjda6
pMJSkTapNDYy6QtvBYwpiIrTOsuYO23NLmLsjB/8QIIcAYq4YWSIbzt/OsHF/+ZA
7FPyM0IdpThs/nzgXlh1DGU23fmDZhXWmfYuNd1M2OzRkEztkEKxC0mqn/JZJejO
8MYmALtQ2lXjzK9mFib9zYfo3ijDOdu/jLmFNN+h42/HQUJgJYQYDP6QUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIJeewA0h2NJOJ3Qyvzo08nNlY/sMB8GA1UdIwQY
MBaAFE08XwqhQQEc4tvxjMzqrI0jqAJTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFR4ZkNxRkJBUnppMl9HTXpPcXNqU09vQWxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yZDA2N2MtZGY3Mi00MDQwLWJjNDMt
MTkzOTdmYzc2ZmVjLzEvZ2w1N0FEU0hZMGs0bmRES19PalR5YzJWai13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yZDA2N2MtZGY3Mi00MDQwLWJjNDMtMTkzOTdmYzc2ZmVj
LzEvVFR4ZkNxRkJBUnppMl9HTXpPcXNqU09vQWxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuVFbMA8E
AgACMAkDBwAqA2KgNQEwDQYJKoZIhvcNAQELBQADggEBAJ4quUrkAxBubFlN0Qq7
IIf8n9I8HJzYcA7qXyOUw9XAmVZd87aKrMsKfmVu+qRFUbE+Uh1OWIDRv4DS6Alv
DOkzse0lDBOshC5PaiQ0v7Kta6i/UxGX8JChWh4sMWevMOVug7kb1sFfQZQ7c5rU
DMa9ir0UWFeCYqLzLdQUGn6FrPEPfE97INVyN2r5JYRNzoNdNc7gg8VjsNMp7ydV
kKRbLpr1moyJGITkavpuPsQbGXmF1a2jX9VaQj1nahF6T5YcscUJOaXfy23eB8Hf
glDK09nsRpZfvZ6LpvZ10wSQTvyq9q9sorrg3AFWztjRuhY67fFLF3w7yX5Xb27k
sSg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:17:26 2025 by rpki-client