Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Gf8Y2t4y9XW51teYl9-IOJM-QkE.roa
File: Gf8Y2t4y9XW51teYl9-IOJM-QkE.roa (raw, json)
Hash identifier: JzLxoz0gWXWBbhQLZinkEP2bb0OKmAdUFJyyBJ71KUI=
Subject key identifier: 19:FF:18:DA:DE:32:F5:75:B9:D6:D7:98:97:DF:88:38:93:3E:42:41
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0195B3426D4169361158205930D6E8241B61
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Gf8Y2t4y9XW51teYl9-IOJM-QkE.roa
Signing time: Thu 20 Mar 2025 11:13:49 +0000
ROA not before: Thu 20 Mar 2025 11:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 212.7.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:42:6d:41:69:36:11:58:20:59:30:d6:e8:24:1b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Mar 20 11:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19ff18dade32f575b9d6d79897df8838933e4241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:86:64:c4:35:e9:3e:a2:2d:5c:05:e4:0d:68:
1b:28:f0:08:f1:9c:43:4b:59:77:ca:32:da:1f:c2:
b9:c5:66:ad:32:24:c9:7c:d6:94:39:cd:0c:7d:7c:
c9:83:d9:ec:be:dc:66:28:6a:ce:54:4a:cc:3a:50:
49:c7:55:78:e9:2e:72:15:08:df:c4:89:22:8e:45:
9c:91:6d:19:af:fb:36:1e:7e:f7:8f:d6:d6:c7:6b:
62:fe:7a:81:18:02:6c:5b:d9:3e:14:c7:dc:14:50:
3f:f6:00:8d:ce:db:6f:10:42:93:17:b9:d2:38:34:
bb:a5:ca:24:a2:88:ef:64:82:ab:4f:0c:29:05:55:
bf:29:a4:e6:3b:33:de:b8:2d:6e:79:07:c0:11:18:
43:3b:3e:20:ce:b8:a6:3c:1c:fe:1e:2d:f8:52:d3:
7f:e6:c3:ca:73:8b:f3:eb:e2:e2:65:8a:6b:62:76:
52:df:74:1f:39:b4:ee:5b:98:08:69:7a:02:31:06:
6a:91:d2:4d:59:5b:d7:9c:79:0f:40:8f:66:9d:19:
d2:c4:1b:fe:63:4e:0a:49:9b:19:32:f8:11:97:3b:
89:1a:8c:48:f2:97:37:50:14:a4:23:25:d9:0c:8a:
57:64:97:d8:00:d9:d4:20:bf:4f:26:76:2a:39:5a:
89:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FF:18:DA:DE:32:F5:75:B9:D6:D7:98:97:DF:88:38:93:3E:42:41
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Gf8Y2t4y9XW51teYl9-IOJM-QkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:e5:07:ce:f2:ee:a0:f1:ae:89:8b:5d:84:89:00:f7:d2:2a:
2f:9a:fc:99:b8:62:55:6d:08:1f:7b:59:c2:bb:4e:f6:43:ca:
e7:6f:14:f8:b5:cd:da:9a:8b:35:20:b1:60:6b:b0:68:22:bd:
5a:b9:82:a1:5d:7f:8b:ff:33:33:91:46:57:fd:cd:84:a4:a8:
9c:3c:22:73:bb:37:e0:a6:64:84:7f:8f:d1:ee:17:a1:ab:67:
08:67:76:04:87:61:54:6e:c8:29:50:58:37:5f:6d:be:cb:5e:
7d:bc:43:c9:a7:08:21:64:bd:3e:15:73:a9:52:64:28:ed:55:
59:8c:92:75:af:fe:b6:2d:a5:86:fa:00:e8:37:7b:7c:c3:53:
92:97:72:4c:61:b3:ea:69:4d:52:ed:47:a7:f4:c4:d4:93:fc:
e6:a4:cd:20:ba:d8:38:20:b6:8e:a8:8f:0c:e0:15:a8:ed:5e:
e2:78:4e:c4:5f:02:68:3e:68:22:cf:a0:67:bb:a5:5b:3e:95:
a4:41:24:fc:88:5e:03:9d:f9:d2:9b:e9:4b:21:38:71:9a:50:
50:cf:89:24:9c:9d:79:d8:c9:03:d5:b9:36:dc:93:20:8f:0d:
05:6a:bf:84:08:20:b2:b7:16:04:c0:b9:68:e1:65:c3:f0:d5:
d1:8c:1c:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWzQm1BaTYRWCBZMNboJBthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjUwMzIwMTExMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZmMThkYWRlMzJmNTc1YjlkNmQ3OTg5N2RmODgzODkzM2U0MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIZkxDXpPqItXAXkDWgbKPAI8ZxD
S1l3yjLaH8K5xWatMiTJfNaUOc0MfXzJg9nsvtxmKGrOVErMOlBJx1V46S5yFQjf
xIkijkWckW0Zr/s2Hn73j9bWx2ti/nqBGAJsW9k+FMfcFFA/9gCNzttvEEKTF7nS
ODS7pcokoojvZIKrTwwpBVW/KaTmOzPeuC1ueQfAERhDOz4gzrimPBz+Hi34UtN/
5sPKc4vz6+LiZYprYnZS33QfObTuW5gIaXoCMQZqkdJNWVvXnHkPQI9mnRnSxBv+
Y04KSZsZMvgRlzuJGoxI8pc3UBSkIyXZDIpXZJfYANnUIL9PJnYqOVqJQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBn/GNreMvV1udbXmJffiDiTPkJBMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvR2Y4WTJ0NHk5WFc1MXRlWWw5LUlPSk0tUWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AfUMA0G
CSqGSIb3DQEBCwUAA4IBAQAN5QfO8u6g8a6Ji12EiQD30iovmvyZuGJVbQgfe1nC
u072Q8rnbxT4tc3amos1ILFga7BoIr1auYKhXX+L/zMzkUZX/c2EpKicPCJzuzfg
pmSEf4/R7hehq2cIZ3YEh2FUbsgpUFg3X22+y159vEPJpwghZL0+FXOpUmQo7VVZ
jJJ1r/62LaWG+gDoN3t8w1OSl3JMYbPqaU1S7Uen9MTUk/zmpM0gutg4ILaOqI8M
4BWo7V7ieE7EXwJoPmgiz6Bnu6VbPpWkQST8iF4DnfnSm+lLIThxmlBQz4kknJ15
2MkD1bk23JMgjw0Far+ECCCytxYEwLlo4WXD8NXRjBxA
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:12:23 2025 by rpki-client