Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GE0QPlemROw8Sbhr36vqfxvh7PA.roa
File: GE0QPlemROw8Sbhr36vqfxvh7PA.roa (raw, json)
Hash identifier: +MZLj56FBFDLK0DCRu2QzT8kaBrzw0Ux8MFgsr68gZ8=
Subject key identifier: 18:4D:10:3E:57:A6:44:EC:3C:49:B8:6B:DF:AB:EA:7F:1B:E1:EC:F0
Certificate issuer: /CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Certificate serial: 01942521AFB384F2BFCC870A601545BF508E
Authority key identifier: 4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GE0QPlemROw8Sbhr36vqfxvh7PA.roa
Signing time: Thu 02 Jan 2025 03:49:12 +0000
ROA not before: Thu 02 Jan 2025 03:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 45.14.184.0/22 maxlen: 24
45.138.200.0/22 maxlen: 22
45.138.200.0/24 maxlen: 24
45.138.201.0/24 maxlen: 24
185.25.204.0/22 maxlen: 24
185.229.236.0/22 maxlen: 24
2a00:82e0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:af:b3:84:f2:bf:cc:87:0a:60:15:45:bf:50:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Validity
Not Before: Jan 2 03:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=184d103e57a644ec3c49b86bdfabea7f1be1ecf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ad:3c:89:93:ef:4f:f6:01:29:f1:e0:80:10:
42:06:57:ec:19:80:7d:43:49:60:56:06:3f:6e:da:
fc:8a:61:55:c5:bc:0c:15:81:a7:50:15:86:9c:3f:
03:29:ab:bc:e9:45:df:b1:08:14:ca:e5:d2:65:a9:
46:5d:99:08:b8:3f:f3:60:b6:de:13:f0:73:74:2c:
6e:bc:4a:23:cf:59:83:13:0c:d0:63:94:f5:07:b9:
66:0e:06:86:e4:6b:20:fb:76:58:2f:68:b2:64:e1:
a5:b0:d5:78:00:50:82:43:9c:06:82:7d:74:e0:1f:
ef:5f:72:eb:60:55:06:64:ea:95:b9:e3:fc:00:9b:
bb:81:c4:e5:dd:13:5c:77:d3:21:73:8c:d1:25:10:
7f:93:80:95:2f:09:af:11:1c:2d:21:fa:78:44:51:
f2:22:2f:a3:60:78:40:80:32:cf:c4:ef:a8:46:31:
56:da:36:75:d7:41:bd:e3:6b:a3:49:7d:ca:9b:51:
2b:7b:f4:26:f1:c1:2b:58:d0:fb:3a:cd:cd:f3:6a:
f8:67:a8:fb:17:82:61:b4:3a:2f:04:3b:2a:4a:af:
ab:38:ee:43:21:d4:ab:d3:82:b4:38:31:f2:bf:78:
64:13:d5:27:23:bb:cf:21:fb:f8:8b:d6:6b:0b:9e:
c4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4D:10:3E:57:A6:44:EC:3C:49:B8:6B:DF:AB:EA:7F:1B:E1:EC:F0
X509v3 Authority Key Identifier:
keyid:4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GE0QPlemROw8Sbhr36vqfxvh7PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.184.0/22
45.138.200.0/22
185.25.204.0/22
185.229.236.0/22
IPv6:
2a00:82e0::/40
Signature Algorithm: sha256WithRSAEncryption
75:d5:06:5d:5c:28:41:28:94:83:1b:ce:d3:a6:fc:4a:76:fa:
af:b6:f4:77:f3:da:3a:00:e9:e2:6c:b0:cc:3d:fb:7c:30:4f:
ff:4f:ed:5d:f8:8f:2e:dd:04:b4:bb:97:4e:8c:01:ea:fc:63:
da:10:6e:1e:ba:35:87:0e:02:63:ec:09:75:2d:f0:83:d2:39:
de:ed:f0:0c:f2:a2:0f:3b:7b:33:af:ee:52:07:74:ed:97:90:
0b:d1:26:b3:fd:a7:f3:b4:ce:83:e7:a3:68:5d:cb:4b:f2:e2:
c9:63:e5:33:67:51:aa:eb:89:99:f6:ff:23:fb:df:89:60:d1:
8d:52:05:70:cf:c6:fd:c2:79:fb:de:c4:12:de:b9:b4:99:8d:
8c:9f:2f:8d:2f:57:56:09:69:d9:15:93:17:38:9b:a0:a7:ed:
e6:3f:6d:de:fb:39:97:95:84:f6:21:c4:8d:95:6e:cd:21:cd:
8c:2b:19:0a:c6:59:51:e4:51:1d:6c:ff:30:c8:e8:0c:43:51:
58:e4:98:df:f7:22:08:6d:99:d2:6e:b8:86:02:43:be:4a:25:
a6:cd:34:d4:48:a4:7f:9f:9f:13:ad:d2:24:97:15:a1:15:b1:
17:4c:ff:1b:95:19:78:74:0b:21:e9:99:08:2a:21:11:b5:e3:
15:79:b7:52
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIa+zhPK/zIcKYBVFv1COMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWFhMzhlZWEzMjRlMmJkN2FiNjQyN2U3NTk2YTlmYTQx
ZGIwZTMwHhcNMjUwMTAyMDM0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRkMTAzZTU3YTY0NGVjM2M0OWI4NmJkZmFiZWE3ZjFiZTFlY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq08iZPvT/YBKfHggBBCBlfsGYB9
Q0lgVgY/btr8imFVxbwMFYGnUBWGnD8DKau86UXfsQgUyuXSZalGXZkIuD/zYLbe
E/BzdCxuvEojz1mDEwzQY5T1B7lmDgaG5Gsg+3ZYL2iyZOGlsNV4AFCCQ5wGgn10
4B/vX3LrYFUGZOqVueP8AJu7gcTl3RNcd9Mhc4zRJRB/k4CVLwmvERwtIfp4RFHy
Ii+jYHhAgDLPxO+oRjFW2jZ110G942ujSX3Km1Ere/Qm8cErWND7Os3N82r4Z6j7
F4JhtDovBDsqSq+rOO5DIdSr04K0ODHyv3hkE9UnI7vPIfv4i9ZrC57EiwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBhNED5XpkTsPEm4a9+r6n8b4ezwMB8GA1UdIwQY
MBaAFE5ao47qMk4r16tkJ+dZap+kHbDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEt
NGVlZWQ4YTQzMDhiLzEvR0UwUVBsZW1ST3c4U2JocjM2dnFmeHZoN1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEtNGVlZWQ4YTQzMDhi
LzEvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLQ64AwQC
LYrIAwQCuRnMAwQCueXsMA4EAgACMAgDBgAqAILgADANBgkqhkiG9w0BAQsFAAOC
AQEAddUGXVwoQSiUgxvO06b8Snb6r7b0d/PaOgDp4mywzD37fDBP/0/tXfiPLt0E
tLuXTowB6vxj2hBuHro1hw4CY+wJdS3wg9I53u3wDPKiDzt7M6/uUgd07ZeQC9Em
s/2n87TOg+ejaF3LS/LiyWPlM2dRquuJmfb/I/vfiWDRjVIFcM/G/cJ5+97EEt65
tJmNjJ8vjS9XVglp2RWTFziboKft5j9t3vs5l5WE9iHEjZVuzSHNjCsZCsZZUeRR
HWz/MMjoDENRWOSY3/ciCG2Z0m64hgJDvkolps001Eikf5+fE63SJJcVoRWxF0z/
G5UZeHQLIemZCCohEbXjFXm3Ug==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:23:50 2025 by rpki-client