Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gh6mR4jLlQ82321Iq1sQtv-cYq8.roa
File: gh6mR4jLlQ82321Iq1sQtv-cYq8.roa (raw, json)
Hash identifier: D+W6hhxHtb7k26xGgAOVE3MJXjwZqO66BKkTploI42s=
Subject key identifier: 82:1E:A6:47:88:CB:95:0F:36:DF:6D:48:AB:5B:10:B6:FF:9C:62:AF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143F966DDB650857442FF41130F486E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gh6mR4jLlQ82321Iq1sQtv-cYq8.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141968
IP address blocks: 82.153.226.0/24 maxlen: 24
109.176.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f9:66:dd:b6:50:85:74:42:ff:41:13:0f:48:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=821ea64788cb950f36df6d48ab5b10b6ff9c62af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:65:1b:83:73:fb:18:dc:28:e0:4e:25:d8:26:
8f:39:44:e0:6c:f7:28:e9:ee:68:73:34:66:a8:63:
68:4c:3d:ea:dc:9c:07:7e:43:b4:e0:fd:a6:3c:43:
8e:13:ed:7b:99:1b:6b:c1:fe:cf:96:f6:c6:17:1d:
58:27:61:c6:91:dc:f3:d3:a1:00:74:b7:26:ee:c8:
c7:e8:56:9b:95:3c:f7:0d:00:b7:bb:a2:ca:17:9a:
3a:30:5d:30:ff:e5:af:b1:30:82:a5:6f:8b:10:c1:
d9:b5:d8:81:77:14:62:4d:7c:41:28:51:15:26:16:
52:92:07:0c:23:fb:13:b1:81:55:28:aa:88:e8:24:
59:4a:bd:e8:89:a2:dc:8d:53:53:78:a5:ee:97:a0:
53:9b:f4:32:9c:c6:59:51:38:9d:97:0b:69:ca:4f:
32:e1:a9:dd:65:20:49:a7:15:7c:c7:45:8f:f6:8d:
9e:3b:a7:4e:6f:0b:89:15:2a:0d:fc:1e:78:e1:0f:
bf:42:ec:6b:86:5c:a8:83:a9:89:4f:eb:48:db:89:
28:49:29:88:20:9d:36:f1:b3:4b:8a:0e:bd:90:86:
59:99:a5:41:0b:51:41:1b:ea:62:0e:04:60:d9:ba:
ad:04:3e:c4:6f:ae:61:d4:ac:ed:c5:47:17:20:3e:
f2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1E:A6:47:88:CB:95:0F:36:DF:6D:48:AB:5B:10:B6:FF:9C:62:AF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gh6mR4jLlQ82321Iq1sQtv-cYq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.226.0/24
109.176.17.0/24
Signature Algorithm: sha256WithRSAEncryption
15:3d:30:43:2a:be:9a:6c:1a:20:1b:28:63:a9:a3:a2:99:5c:
32:d7:07:3c:06:49:55:2b:33:59:bd:8c:79:91:2f:c5:e9:90:
c7:6b:25:ca:c8:2a:88:d9:b6:f7:a7:1d:7b:2c:bd:3a:52:ce:
41:36:f7:88:b6:4e:94:ee:88:0d:7b:b1:1f:78:8d:00:75:b7:
58:24:1f:39:9c:36:6a:3d:b8:ea:94:c7:4d:35:76:bd:98:41:
e6:77:a1:51:61:c6:b6:50:64:83:55:d1:af:4e:9a:6a:ed:0a:
99:be:92:b4:39:d0:d1:6f:56:a9:dc:20:dd:9e:7e:03:9a:e7:
f9:fe:4a:44:f2:28:81:25:a7:90:94:da:4d:85:e0:11:b2:f4:
97:4d:af:84:95:f0:36:59:0e:0e:a9:ae:41:34:40:4f:b9:4b:
da:5c:74:d2:23:cf:a0:f2:98:dd:c8:42:3d:18:14:2e:97:5d:
1e:c3:8e:b0:29:e9:6a:b0:41:36:35:7a:3f:b0:d2:39:c4:8a:
46:87:76:85:f5:d4:fa:02:8b:e8:9e:ea:36:9b:6f:8b:42:34:
92:15:91:d9:be:db:dd:4a:3a:62:b6:85:ce:65:ba:a3:de:ad:
8f:7b:8f:31:af:30:d7:97:f5:58:a1:fb:e7:1a:83:d9:4f:b0:
b4:e5:cd:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ/lm3bZQhXRC/0ETD0huMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFlYTY0Nzg4Y2I5NTBmMzZkZjZkNDhhYjViMTBiNmZmOWM2MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GUbg3P7GNwo4E4l2CaPOUTgbPco
6e5oczRmqGNoTD3q3JwHfkO04P2mPEOOE+17mRtrwf7PlvbGFx1YJ2HGkdzz06EA
dLcm7sjH6FablTz3DQC3u6LKF5o6MF0w/+WvsTCCpW+LEMHZtdiBdxRiTXxBKFEV
JhZSkgcMI/sTsYFVKKqI6CRZSr3oiaLcjVNTeKXul6BTm/QynMZZUTidlwtpyk8y
4andZSBJpxV8x0WP9o2eO6dObwuJFSoN/B544Q+/Quxrhlyog6mJT+tI24koSSmI
IJ028bNLig69kIZZmaVBC1FBG+piDgRg2bqtBD7Eb65h1KztxUcXID7ybQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIIepkeIy5UPNt9tSKtbELb/nGKvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ2g2bVI0akxsUTgyMzIxSXExc1F0di1jWXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpniAwQA
bbARMA0GCSqGSIb3DQEBCwUAA4IBAQAVPTBDKr6abBogGyhjqaOimVwy1wc8BklV
KzNZvYx5kS/F6ZDHayXKyCqI2bb3px17LL06Us5BNveItk6U7ogNe7EfeI0AdbdY
JB85nDZqPbjqlMdNNXa9mEHmd6FRYca2UGSDVdGvTppq7QqZvpK0OdDRb1ap3CDd
nn4Dmuf5/kpE8iiBJaeQlNpNheARsvSXTa+ElfA2WQ4Oqa5BNEBPuUvaXHTSI8+g
8pjdyEI9GBQul10ew46wKelqsEE2NXo/sNI5xIpGh3aF9dT6Aovonuo2m2+LQjSS
FZHZvtvdSjpitoXOZbqj3q2Pe48xrzDXl/VYofvnGoPZT7C05c0r
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:48:59 2025 by rpki-client