Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/GBjsCsDFhAmCrDosbrIyM2oi_k8.roa
File: GBjsCsDFhAmCrDosbrIyM2oi_k8.roa (raw, json)
Hash identifier: QxxcHsFFWLY2BHIJuYq1eLGTUZDCy2Zq1QP773WJCgc=
Subject key identifier: 18:18:EC:0A:C0:C5:84:09:82:AC:3A:2C:6E:B2:32:33:6A:22:FE:4F
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1D0DD768683C961C7536FFBC85C83
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/GBjsCsDFhAmCrDosbrIyM2oi_k8.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24690
IP address blocks: 91.120.58.0/24 maxlen: 24
194.88.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d0:dd:76:86:83:c9:61:c7:53:6f:fb:c8:5c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1818ec0ac0c5840982ac3a2c6eb232336a22fe4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4c:f6:ab:25:11:ad:99:1e:54:f6:d7:77:d3:
c4:e8:10:f4:88:1c:f6:b4:3c:b8:49:6e:4a:78:a2:
c9:53:04:d8:c6:cf:35:61:53:60:f5:00:d7:61:65:
83:ef:1a:36:44:c0:99:16:b7:69:fd:b5:74:80:68:
c6:57:7f:f1:44:ee:3c:6f:02:77:3f:5d:c4:16:72:
dd:53:2c:3c:d4:26:ce:2c:34:86:3c:72:61:61:f5:
43:71:4f:e6:89:cb:5a:85:8a:97:dc:75:7b:68:3c:
ac:c0:dd:f9:b3:a3:ea:80:07:04:7e:74:0c:0f:0e:
a3:3d:75:9a:f4:bd:d5:60:fc:27:f3:17:dd:50:25:
e2:7e:5d:22:4c:50:bc:6a:03:1d:9a:d1:d2:ae:e2:
00:e6:fb:14:c8:fe:3d:44:31:e2:d3:81:a5:ea:39:
14:b7:02:ba:9e:d7:45:14:6e:41:15:83:30:13:4a:
d0:ed:f5:b4:0d:88:46:a3:67:1e:fd:52:01:4d:0c:
9c:77:f9:1c:82:a5:4e:a6:d6:64:38:a5:04:99:08:
22:80:c4:8f:02:92:13:14:7f:81:11:88:aa:8c:2d:
7d:c2:84:56:1e:1c:1d:20:a7:57:64:73:66:55:27:
fb:3a:ca:3b:0a:ac:b6:86:6b:79:90:8e:25:e8:3d:
a0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:18:EC:0A:C0:C5:84:09:82:AC:3A:2C:6E:B2:32:33:6A:22:FE:4F
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/GBjsCsDFhAmCrDosbrIyM2oi_k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.58.0/24
194.88.40.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:0b:91:6f:bd:56:3e:6f:08:2d:f0:25:4f:27:50:27:f0:b4:
8e:b7:b5:9a:4c:8f:b6:f7:86:ec:9a:00:4e:42:1f:06:b5:64:
65:24:3b:1b:01:53:87:12:32:13:02:fc:6a:dc:90:51:05:f9:
a8:92:dc:d9:c6:33:18:7f:17:13:5e:e4:db:2a:0e:c2:50:bf:
42:d8:ec:58:f2:b2:34:e8:46:43:3d:e9:cc:46:22:6e:54:fd:
ea:6c:a0:44:9d:e8:cf:22:51:1d:72:d6:12:39:f3:4b:5f:fc:
47:0e:00:ae:d7:08:c2:14:41:8c:25:79:57:72:f7:9d:09:49:
2f:d2:1a:d2:16:ce:07:2b:45:86:e3:f2:d2:05:85:26:f2:f1:
70:fe:51:64:e1:7c:c6:84:63:60:01:ff:6d:43:b8:ae:d4:ea:
fb:ce:00:07:bb:1a:b5:44:ea:b3:21:b2:8a:11:cd:85:05:42:
1c:a2:5f:ec:f2:3a:1c:9c:3a:f0:85:bc:cd:9b:b1:ef:c3:22:
d7:49:7a:1a:b0:e8:76:6d:35:84:70:7f:9a:39:35:01:71:b9:
a3:54:a4:0e:33:dc:d1:bd:08:72:a4:bb:5c:7e:62:53:39:49:
46:f1:6d:af:ce:ac:a4:1e:b7:65:98:c4:7f:9c:68:1a:0a:06:
ea:a3:9e:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsdDddoaDyWHHU2/7yFyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE4ZWMwYWMwYzU4NDA5ODJhYzNhMmM2ZWIyMzIzMzZhMjJmZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkz2qyURrZkeVPbXd9PE6BD0iBz2
tDy4SW5KeKLJUwTYxs81YVNg9QDXYWWD7xo2RMCZFrdp/bV0gGjGV3/xRO48bwJ3
P13EFnLdUyw81CbOLDSGPHJhYfVDcU/mictahYqX3HV7aDyswN35s6PqgAcEfnQM
Dw6jPXWa9L3VYPwn8xfdUCXifl0iTFC8agMdmtHSruIA5vsUyP49RDHi04Gl6jkU
twK6ntdFFG5BFYMwE0rQ7fW0DYhGo2ce/VIBTQycd/kcgqVOptZkOKUEmQgigMSP
ApITFH+BEYiqjC19woRWHhwdIKdXZHNmVSf7Oso7Cqy2hmt5kI4l6D2g8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBgY7ArAxYQJgqw6LG6yMjNqIv5PMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvR0Jqc0NzREZoQW1DckRvc2JySXlNMm9pX2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW3g6AwQA
wlgoMA0GCSqGSIb3DQEBCwUAA4IBAQAuC5FvvVY+bwgt8CVPJ1An8LSOt7WaTI+2
94bsmgBOQh8GtWRlJDsbAVOHEjITAvxq3JBRBfmoktzZxjMYfxcTXuTbKg7CUL9C
2OxY8rI06EZDPenMRiJuVP3qbKBEnejPIlEdctYSOfNLX/xHDgCu1wjCFEGMJXlX
cvedCUkv0hrSFs4HK0WG4/LSBYUm8vFw/lFk4XzGhGNgAf9tQ7iu1Or7zgAHuxq1
ROqzIbKKEc2FBUIcol/s8jocnDrwhbzNm7HvwyLXSXoasOh2bTWEcH+aOTUBcbmj
VKQOM9zRvQhypLtcfmJTOUlG8W2vzqykHrdlmMR/nGgaCgbqo554
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:19:37 2025 by rpki-client