Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/GhEBs7fMOUU2KjePNnbULHKRHoA.roa
File: GhEBs7fMOUU2KjePNnbULHKRHoA.roa (raw, json)
Hash identifier: Dow24ARSNfhxgpUv5NrsgvZFPFxhNN0Fkn5hgDvl4wg=
Subject key identifier: 1A:11:01:B3:B7:CC:39:45:36:2A:37:8F:36:76:D4:2C:72:91:1E:80
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 0194221FA3329460C7690F341625632B4086
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/GhEBs7fMOUU2KjePNnbULHKRHoA.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30781
IP address blocks: 185.18.80.0/22 maxlen: 22
185.166.100.0/22 maxlen: 22
2a03:f4c0::/32 maxlen: 32
2a0c:d040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 16:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a3:32:94:60:c7:69:0f:34:16:25:63:2b:40:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a1101b3b7cc3945362a378f3676d42c72911e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:d5:d5:90:07:32:98:75:26:1c:ab:0f:eb:
c5:32:d8:1f:0e:3f:4f:85:67:80:9e:cc:3c:7c:72:
c6:74:35:21:0d:d6:fe:f9:1a:84:87:4d:38:9d:69:
ba:1f:08:58:d7:16:a0:30:dd:de:33:94:40:14:23:
3d:67:8c:12:8e:53:e6:13:06:29:7c:3e:65:8c:9e:
95:b3:06:e6:0d:a9:d2:e8:1f:f3:56:c2:b5:75:97:
a2:b3:55:c5:54:0f:99:07:7a:b3:9a:86:14:36:60:
71:2a:9f:a5:cd:da:f7:48:0a:32:31:1e:79:7d:e6:
1a:ec:98:f9:06:e6:87:f7:f0:7f:22:e5:b2:3e:a9:
95:2c:d6:85:27:44:9b:dd:30:b6:c0:60:94:49:f1:
da:19:f6:f2:86:1d:a8:d0:80:4f:6f:c9:14:f3:70:
19:6a:67:c3:3f:1a:88:19:c6:49:48:ea:2e:ce:73:
4f:48:cd:9b:f7:70:d0:02:86:12:72:4e:02:9a:c0:
d5:62:e8:43:4e:dc:83:85:d3:5b:2a:bd:95:9f:86:
1f:e8:95:0c:f0:fc:bb:8c:3b:c4:03:49:97:51:6e:
98:50:e6:74:b0:91:c3:f7:0b:c4:36:8a:b6:42:2c:
79:8e:4f:fd:1c:0c:49:ea:1d:96:ca:8f:cb:80:d3:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:11:01:B3:B7:CC:39:45:36:2A:37:8F:36:76:D4:2C:72:91:1E:80
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/GhEBs7fMOUU2KjePNnbULHKRHoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.80.0/22
185.166.100.0/22
IPv6:
2a03:f4c0::/32
2a0c:d040::/32
Signature Algorithm: sha256WithRSAEncryption
36:ab:67:74:42:cf:3a:da:52:54:0f:12:61:ac:c5:2b:d0:d0:
d2:47:35:d0:9d:21:72:85:44:a1:85:8a:49:17:0a:7a:c2:e7:
34:b7:e3:06:4b:49:80:12:03:23:a3:66:5d:02:17:9c:54:8f:
17:05:d6:fd:35:7f:17:90:e3:c7:a8:f0:49:97:a0:b9:f4:9b:
79:a1:42:1d:35:d2:9a:4b:f1:78:0f:9a:30:52:fb:dc:09:72:
a4:3a:a0:ae:eb:93:d4:9b:d4:c9:e7:14:bd:c5:c8:84:a3:b2:
81:cb:31:48:07:b4:01:39:88:49:50:cc:99:33:22:89:f7:e0:
44:9e:5b:7d:a9:c1:e8:4c:9c:34:db:e1:2e:71:0f:0c:51:7e:
bb:d1:89:90:b8:cf:0f:cd:86:38:fd:1e:42:18:20:4f:58:9d:
cc:b7:4a:01:fe:0f:20:b4:66:23:6b:93:71:44:a1:eb:56:cd:
12:04:eb:8d:d8:f2:33:23:b6:72:ce:50:6d:7f:5b:55:ec:97:
81:7d:7a:09:b8:28:47:01:b4:9f:82:3d:46:84:d3:e0:35:30:
93:12:86:8d:25:29:60:b9:8c:78:f0:e1:19:33:02:dd:46:dd:
e3:50:10:16:ff:ba:e9:b5:ae:65:92:b6:ef:72:cb:5f:33:bf:
33:27:84:b6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQiH6MylGDHaQ80FiVjK0CGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTExMDFiM2I3Y2MzOTQ1MzYyYTM3OGYzNjc2ZDQyYzcyOTExZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD3V1ZAHMph1JhyrD+vFMtgfDj9P
hWeAnsw8fHLGdDUhDdb++RqEh004nWm6HwhY1xagMN3eM5RAFCM9Z4wSjlPmEwYp
fD5ljJ6VswbmDanS6B/zVsK1dZeis1XFVA+ZB3qzmoYUNmBxKp+lzdr3SAoyMR55
feYa7Jj5BuaH9/B/IuWyPqmVLNaFJ0Sb3TC2wGCUSfHaGfbyhh2o0IBPb8kU83AZ
amfDPxqIGcZJSOouznNPSM2b93DQAoYSck4CmsDVYuhDTtyDhdNbKr2Vn4Yf6JUM
8Py7jDvEA0mXUW6YUOZ0sJHD9wvENoq2Qix5jk/9HAxJ6h2Wyo/LgNOfuQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBoRAbO3zDlFNio3jzZ21CxykR6AMB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEvR2hFQnM3Zk1PVVUyS2plUE5uYlVMSEtSSG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRJQAwQC
uaZkMBQEAgACMA4DBQAqA/TAAwUAKgzQQDANBgkqhkiG9w0BAQsFAAOCAQEANqtn
dELPOtpSVA8SYazFK9DQ0kc10J0hcoVEoYWKSRcKesLnNLfjBktJgBIDI6NmXQIX
nFSPFwXW/TV/F5Djx6jwSZegufSbeaFCHTXSmkvxeA+aMFL73AlypDqgruuT1JvU
yecUvcXIhKOygcsxSAe0ATmISVDMmTMiiffgRJ5bfanB6EycNNvhLnEPDFF+u9GJ
kLjPD82GOP0eQhggT1idzLdKAf4PILRmI2uTcUSh61bNEgTrjdjyMyO2cs5QbX9b
VeyXgX16CbgoRwG0n4I9RoTT4DUwkxKGjSUpYLmMePDhGTMC3Ubd41AQFv+66bWu
ZZK273LLXzO/MyeEtg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:34:27 2025 by rpki-client