Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/GYwl8BFvRYxoWPkgG0LFX5Kh3wY.roa
File: GYwl8BFvRYxoWPkgG0LFX5Kh3wY.roa (raw, json)
Hash identifier: po/DPr4lC/jP6El38brtzMkXAB3zwNPviTVID9wQBCU=
Subject key identifier: 19:8C:25:F0:11:6F:45:8C:68:58:F9:20:1B:42:C5:5F:92:A1:DF:06
Certificate issuer: /CN=9748828d7b99b0a97017ec26bcbefe96fdbe9579
Certificate serial: 019420D5CA327CD821C0870EEB48012AD068
Authority key identifier: 97:48:82:8D:7B:99:B0:A9:70:17:EC:26:BC:BE:FE:96:FD:BE:95:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/GYwl8BFvRYxoWPkgG0LFX5Kh3wY.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29432
IP address blocks: 195.140.192.0/22 maxlen: 23
2001:67c:2b0::/48 maxlen: 48
2001:7f8:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ca:32:7c:d8:21:c0:87:0e:eb:48:01:2a:d0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9748828d7b99b0a97017ec26bcbefe96fdbe9579
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=198c25f0116f458c6858f9201b42c55f92a1df06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:48:5d:b2:5c:e8:d7:42:24:cd:58:d3:4d:
f7:d4:f6:4e:73:a0:80:47:4d:bf:08:87:6f:9d:38:
06:fc:35:40:fa:90:e7:49:f3:5e:56:24:81:61:9d:
eb:92:ed:d1:68:4b:47:41:3b:01:1a:eb:02:be:b4:
07:e1:1e:c6:fa:d3:e5:df:b9:3f:8c:dd:0d:26:21:
dd:b9:12:c7:32:f3:ca:19:bb:c7:56:1a:98:b2:16:
f6:15:7a:b8:1e:5b:89:a4:cb:16:13:81:0a:4f:77:
7b:b8:8f:4b:a7:04:c6:ba:38:b9:5a:68:49:7d:1b:
d1:25:ae:a1:30:12:3d:13:65:14:8b:71:66:93:2a:
74:00:b5:27:ca:fd:4a:3c:5f:af:94:00:ab:ab:65:
ae:bb:24:36:cf:02:e1:84:3b:40:8d:69:a0:79:f3:
d4:2c:ad:17:e4:c3:39:c1:d5:f3:1a:56:ad:0a:c7:
e4:d3:ec:ec:b5:c2:e6:14:11:cf:3c:0f:51:06:3c:
3e:64:97:60:a0:e1:11:b8:26:4e:cc:4c:41:8d:57:
d3:10:61:a8:47:5d:4c:11:21:2a:e2:87:d5:f9:6c:
86:60:99:8e:0a:6e:5c:6d:f7:24:c8:a9:a6:61:09:
3a:6b:cd:44:b0:16:dc:e6:cc:1d:25:41:19:17:9d:
b9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8C:25:F0:11:6F:45:8C:68:58:F9:20:1B:42:C5:5F:92:A1:DF:06
X509v3 Authority Key Identifier:
keyid:97:48:82:8D:7B:99:B0:A9:70:17:EC:26:BC:BE:FE:96:FD:BE:95:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/GYwl8BFvRYxoWPkgG0LFX5Kh3wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.192.0/22
IPv6:
2001:67c:2b0::/48
2001:7f8:1d::/48
Signature Algorithm: sha256WithRSAEncryption
5a:3d:b5:fa:9e:3b:5d:cc:a1:bf:f7:1d:7d:8d:7a:d5:42:70:
dc:9e:57:bc:ea:0e:f0:b5:5c:ea:ce:35:c0:95:3b:21:e5:ea:
0a:a4:3f:2a:4c:0e:17:03:84:07:fd:a9:00:f6:cb:72:3f:c5:
85:00:58:72:06:6a:59:32:4b:37:af:74:f0:38:56:6f:d9:ed:
e1:b8:38:4c:8c:98:67:3d:c5:cb:85:22:25:0c:b5:db:e6:6c:
44:ce:2e:bf:73:6a:a0:78:50:3f:62:f6:b2:1c:0c:21:66:5d:
af:7f:fb:30:21:bb:41:9c:24:86:d4:d1:64:ec:05:cc:f6:31:
b6:a8:17:3b:76:32:1d:c1:8d:19:6a:2c:59:f7:01:e9:14:fe:
af:10:0e:ce:8c:be:60:87:d5:87:e8:37:44:ed:19:da:96:59:
80:64:05:39:95:13:1d:84:45:10:5f:5d:63:b9:2f:73:57:4c:
d0:ee:45:9e:59:ae:99:63:41:db:67:d7:1f:68:0c:4a:69:1f:
c6:60:6a:23:60:f8:6b:f4:80:1b:1e:fb:a9:1c:0d:0f:c2:55:
51:00:6d:99:d1:5a:65:ba:b3:ab:a1:48:53:46:e2:ea:7f:a1:
6d:13:ef:32:9f:51:6b:4a:3d:c4:80:63:a3:2a:81:76:2c:17:
8d:6e:09:a3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQg1coyfNghwIcO60gBKtBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDg4MjhkN2I5OWIwYTk3MDE3ZWMyNmJjYmVmZTk2ZmRi
ZTk1NzkwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThjMjVmMDExNmY0NThjNjg1OGY5MjAxYjQyYzU1ZjkyYTFkZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKJIXbJc6NdCJM1Y00331PZOc6CA
R02/CIdvnTgG/DVA+pDnSfNeViSBYZ3rku3RaEtHQTsBGusCvrQH4R7G+tPl37k/
jN0NJiHduRLHMvPKGbvHVhqYshb2FXq4HluJpMsWE4EKT3d7uI9LpwTGuji5WmhJ
fRvRJa6hMBI9E2UUi3Fmkyp0ALUnyv1KPF+vlACrq2WuuyQ2zwLhhDtAjWmgefPU
LK0X5MM5wdXzGlatCsfk0+zstcLmFBHPPA9RBjw+ZJdgoOERuCZOzExBjVfTEGGo
R11MESEq4ofV+WyGYJmOCm5cbfckyKmmYQk6a81EsBbc5swdJUEZF525VQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBmMJfARb0WMaFj5IBtCxV+Sod8GMB8GA1UdIwQY
MBaAFJdIgo17mbCpcBfsJry+/pb9vpV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBpQ2pYdVpzS2x3Ri13bXZMNy1sdjItbFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8xZTFlYmYtYzNhYy00OWExLWI2YTgt
YTRhMDc1Mzk4YjBlLzEvR1l3bDhCRnZSWXhvV1BrZ0cwTEZYNUtoM3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8xZTFlYmYtYzNhYy00OWExLWI2YTgtYTRhMDc1Mzk4YjBl
LzEvbDBpQ2pYdVpzS2x3Ri13bXZMNy1sdjItbFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCw4zAMBgE
AgACMBIDBwAgAQZ8ArADBwAgAQf4AB0wDQYJKoZIhvcNAQELBQADggEBAFo9tfqe
O13Mob/3HX2NetVCcNyeV7zqDvC1XOrONcCVOyHl6gqkPypMDhcDhAf9qQD2y3I/
xYUAWHIGalkySzevdPA4Vm/Z7eG4OEyMmGc9xcuFIiUMtdvmbETOLr9zaqB4UD9i
9rIcDCFmXa9/+zAhu0GcJIbU0WTsBcz2MbaoFzt2Mh3BjRlqLFn3AekU/q8QDs6M
vmCH1YfoN0TtGdqWWYBkBTmVEx2ERRBfXWO5L3NXTNDuRZ5ZrpljQdtn1x9oDEpp
H8ZgaiNg+Gv0gBse+6kcDQ/CVVEAbZnRWmW6s6uhSFNG4up/oW0T7zKfUWtKPcSA
Y6MqgXYsF41uCaM=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:36 2025 by rpki-client