Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/GdFZWMri9TOgFT_NeIYkh_SHlw0.roa
File: GdFZWMri9TOgFT_NeIYkh_SHlw0.roa (raw, json)
Hash identifier: NbWz1qM9hdBHH2+QMgdXpTZoVY8ecNxlY44TCKHTwLo=
Subject key identifier: 19:D1:59:58:CA:E2:F5:33:A0:15:3F:CD:78:86:24:87:F4:87:97:0D
Certificate issuer: /CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Certificate serial: 0194228D67B29A72371FF2F470D211BDCB7A
Authority key identifier: A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/GdFZWMri9TOgFT_NeIYkh_SHlw0.roa
Signing time: Wed 01 Jan 2025 15:47:59 +0000
ROA not before: Wed 01 Jan 2025 15:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6856
IP address blocks: 46.164.192.0/18 maxlen: 18
83.139.128.0/18 maxlen: 18
92.244.224.0/19 maxlen: 19
94.141.32.0/19 maxlen: 19
195.98.64.0/20 maxlen: 20
195.98.80.0/20 maxlen: 20
217.25.224.0/20 maxlen: 20
2a00:1af8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/p72rJYCrs79ii11PidSXzZ2SpOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/p72rJYCrs79ii11PidSXzZ2SpOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:67:b2:9a:72:37:1f:f2:f4:70:d2:11:bd:cb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Validity
Not Before: Jan 1 15:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19d15958cae2f533a0153fcd78862487f487970d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ac:a1:5b:b0:5e:33:3b:9f:40:19:05:4b:d0:
44:3f:f5:3b:6b:c4:59:b4:63:63:88:da:a0:2d:01:
54:22:d1:e1:ab:8b:2c:d5:b8:1f:47:29:11:c2:f0:
6c:3d:a9:57:37:3f:db:22:3b:e4:32:c9:05:66:e4:
37:eb:f4:4f:8a:06:14:aa:96:3f:f1:3c:f8:e2:91:
14:8e:bb:b2:fc:ef:73:50:e5:da:91:f6:9c:f2:c7:
b7:2e:e5:50:bf:eb:ac:df:91:4f:31:49:dc:94:66:
47:14:80:a2:44:52:ee:8e:a0:ea:4d:1a:06:b0:7c:
94:21:22:82:d8:6b:e4:16:19:0b:9d:1a:48:7f:4f:
3f:e3:15:4e:97:38:2e:fe:cd:d9:84:fa:bc:2f:c7:
6e:63:0c:14:7e:90:eb:97:d7:17:80:84:dd:5b:68:
89:f1:b1:a8:23:23:c8:f4:32:d0:fa:29:4e:ea:ee:
98:d9:49:22:3e:f5:4f:a5:6d:9a:f2:d6:65:b7:dc:
01:5d:dd:19:6e:e0:d5:87:f5:06:b5:23:b5:c1:9e:
d4:fd:48:16:54:73:56:03:d2:cd:68:8c:e7:6a:a4:
94:4e:09:56:28:4e:80:01:92:44:cb:b6:0f:83:9f:
ad:ff:12:f5:ab:0d:71:e0:c5:95:9a:05:d5:15:dd:
bc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D1:59:58:CA:E2:F5:33:A0:15:3F:CD:78:86:24:87:F4:87:97:0D
X509v3 Authority Key Identifier:
keyid:A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/GdFZWMri9TOgFT_NeIYkh_SHlw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/p72rJYCrs79ii11PidSXzZ2SpOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.164.192.0/18
83.139.128.0/18
92.244.224.0/19
94.141.32.0/19
195.98.64.0/19
217.25.224.0/20
IPv6:
2a00:1af8::/32
Signature Algorithm: sha256WithRSAEncryption
04:d8:07:d4:43:67:e5:85:4c:f0:0f:43:03:3d:06:24:90:70:
cf:15:7f:9e:ed:a4:f9:0f:96:d0:d1:9c:a8:03:fc:30:e1:16:
e2:b7:12:34:1a:f6:64:3f:1d:19:30:c8:51:a2:2c:b1:64:09:
89:2d:57:6d:e8:2c:91:9b:a1:f0:ae:87:6d:e8:06:28:51:f4:
1c:c3:6b:be:ba:ea:30:30:dd:32:fa:9a:52:2c:15:3c:ea:2c:
96:93:0a:25:88:a3:30:62:b9:68:69:28:8d:1f:26:c5:a8:83:
b7:72:a4:82:b1:34:0c:98:b5:59:a1:ea:cd:b7:5d:d3:14:1c:
3f:b4:02:8e:3b:81:38:9b:85:7d:e3:fe:00:59:62:0b:98:84:
74:fe:3c:70:f7:86:a7:ac:d2:7a:cc:33:0c:d4:54:72:c3:1f:
24:69:ec:11:ad:a2:a4:10:b2:80:90:11:f9:f4:90:53:1e:b3:
68:3a:99:a9:a3:6c:9b:44:f3:38:d0:4e:2b:ad:6e:49:49:89:
06:5c:1e:0d:62:a9:dd:08:1b:b3:a9:d6:7e:69:e6:4f:ab:b1:
5c:ca:b7:5f:f6:76:80:cb:5d:4c:78:9f:51:af:2d:01:ad:ab:
e4:51:56:e2:11:7d:c5:26:80:5d:1b:15:26:5a:7e:36:5b:20:
56:9d:40:a7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQijWeymnI3H/L0cNIRvct6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmRhYjI1ODBhYmIzYmY2MjhiNWQ0Zjg5ZDQ5N2NkOWQ5
MmE0ZTMwHhcNMjUwMTAxMTU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQxNTk1OGNhZTJmNTMzYTAxNTNmY2Q3ODg2MjQ4N2Y0ODc5NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qyhW7BeMzufQBkFS9BEP/U7a8RZ
tGNjiNqgLQFUItHhq4ss1bgfRykRwvBsPalXNz/bIjvkMskFZuQ36/RPigYUqpY/
8Tz44pEUjruy/O9zUOXakfac8se3LuVQv+us35FPMUnclGZHFICiRFLujqDqTRoG
sHyUISKC2GvkFhkLnRpIf08/4xVOlzgu/s3ZhPq8L8duYwwUfpDrl9cXgITdW2iJ
8bGoIyPI9DLQ+ilO6u6Y2UkiPvVPpW2a8tZlt9wBXd0ZbuDVh/UGtSO1wZ7U/UgW
VHNWA9LNaIznaqSUTglWKE6AAZJEy7YPg5+t/xL1qw1x4MWVmgXVFd28xQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBnRWVjK4vUzoBU/zXiGJIf0h5cNMB8GA1UdIwQY
MBaAFKe9qyWAq7O/YotdT4nUl82dkqTjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDcyckpZQ3JzNzlpaTExUGlkU1h6WjJTcE9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84ZjFiNDYtYTRiMS00ZmYyLWJiZWMt
MWQ3MDlhNWM2MTZiLzEvR2RGWldNcmk5VE9nRlRfTmVJWWtoX1NIbHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84ZjFiNDYtYTRiMS00ZmYyLWJiZWMtMWQ3MDlhNWM2MTZi
LzEvcDcyckpZQ3JzNzlpaTExUGlkU1h6WjJTcE9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGLqTAAwQG
U4uAAwQFXPTgAwQFXo0gAwQFw2JAAwQE2RngMA0EAgACMAcDBQAqABr4MA0GCSqG
SIb3DQEBCwUAA4IBAQAE2AfUQ2flhUzwD0MDPQYkkHDPFX+e7aT5D5bQ0ZyoA/ww
4RbitxI0GvZkPx0ZMMhRoiyxZAmJLVdt6CyRm6Hwrodt6AYoUfQcw2u+uuowMN0y
+ppSLBU86iyWkwoliKMwYrloaSiNHybFqIO3cqSCsTQMmLVZoerNt13TFBw/tAKO
O4E4m4V94/4AWWILmIR0/jxw94anrNJ6zDMM1FRywx8kaewRraKkELKAkBH59JBT
HrNoOpmpo2ybRPM40E4rrW5JSYkGXB4NYqndCBuzqdZ+aeZPq7Fcyrdf9naAy11M
eJ9Rry0BravkUVbiEX3FJoBdGxUmWn42WyBWnUCn
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:44:07 2025 by rpki-client