Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gYds0JITWToRAWO6EmM06xkOA-g.roa
File: gYds0JITWToRAWO6EmM06xkOA-g.roa (raw, json)
Hash identifier: jtWYGOQZO5pMtNPGec2KrPh/oTve8btfCfcQpgZ5xYs=
Subject key identifier: 81:87:6C:D0:92:13:59:3A:11:01:63:BA:12:63:34:EB:19:0E:03:E8
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01942825336A928DBADAA6C74C7CA5E62E34
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gYds0JITWToRAWO6EmM06xkOA-g.roa
Signing time: Thu 02 Jan 2025 17:51:54 +0000
ROA not before: Thu 02 Jan 2025 17:51:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201909
IP address blocks: 37.35.53.0/24 maxlen: 24
91.235.122.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
188.119.158.0/24 maxlen: 24
188.119.159.0/24 maxlen: 24
188.119.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:33:6a:92:8d:ba:da:a6:c7:4c:7c:a5:e6:2e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 2 17:51:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81876cd09213593a110163ba126334eb190e03e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f7:84:1c:ef:e5:ee:c8:e6:d8:bd:b6:16:48:
ab:37:98:d3:42:bb:af:55:f4:34:5b:ab:b7:26:46:
8d:e6:0c:b5:7d:79:71:58:98:60:8b:e0:21:c6:0c:
a5:ae:37:eb:e9:8b:c3:55:30:b9:88:b4:aa:ea:32:
7c:15:31:bf:bf:e3:fb:3d:2f:b0:ca:da:79:92:df:
fd:b6:f4:47:d2:f3:01:28:e4:15:1f:96:cd:53:b9:
57:44:55:f5:95:5d:b2:b2:70:2c:52:8f:dc:34:0c:
7e:d6:8d:c8:15:13:be:a1:22:b0:fc:cf:bc:32:8d:
b9:fd:e1:3d:d6:76:9f:10:f7:af:cc:22:72:e2:91:
81:33:73:47:31:a9:ea:74:d1:c8:d8:13:85:ca:29:
48:d4:d0:27:56:5f:32:d2:97:3a:88:85:78:8d:6c:
fe:35:d2:63:34:df:c1:49:54:77:f8:b7:73:43:2f:
84:f6:16:d4:3c:5e:60:72:4d:f4:1e:36:44:98:0a:
b3:e2:6f:f4:63:41:31:65:94:fc:e8:59:6d:86:97:
87:42:84:7e:c5:08:50:1d:0e:fd:f7:93:7c:f8:6e:
31:47:4c:8e:20:10:22:7c:18:62:44:75:6c:c8:39:
96:d7:e5:1d:8a:6e:7a:2c:55:fe:94:71:f8:27:b1:
0b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:87:6C:D0:92:13:59:3A:11:01:63:BA:12:63:34:EB:19:0E:03:E8
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gYds0JITWToRAWO6EmM06xkOA-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.53.0/24
91.235.122.0/24
178.157.111.0/24
188.119.158.0/23
188.119.163.0/24
Signature Algorithm: sha256WithRSAEncryption
78:23:9b:7f:a3:80:72:29:9c:f0:5f:fd:b6:c4:99:f9:d6:50:
75:fd:ee:21:bd:15:25:fb:e2:70:b6:a2:15:bf:d3:10:ef:57:
78:6e:9d:a1:9c:b3:61:f9:cf:d8:6d:40:20:e1:85:42:f1:07:
f7:44:65:75:97:52:cf:fc:94:8c:92:5f:63:ad:c1:a1:0e:3f:
de:d6:36:4d:de:43:00:74:8a:0d:c8:0e:05:09:a3:23:07:25:
d0:ec:c3:25:dc:5f:8d:5f:5c:8e:29:e5:be:35:c7:81:e3:f7:
b0:e0:5d:50:44:c3:f7:f7:f8:3e:1f:8f:29:b4:66:f1:08:2e:
4f:3b:9d:75:7b:30:8b:ef:56:0e:11:27:aa:13:c3:77:ca:b7:
18:d3:19:fe:34:6a:e8:e9:ab:b3:6d:2e:77:13:09:d8:6e:82:
50:cc:68:ee:dd:a9:dd:0f:f3:5a:29:42:a3:b4:33:91:39:0f:
10:fe:e5:0e:92:e3:a6:09:a2:ab:1d:c1:2e:83:e2:a7:15:46:
b8:0a:8c:48:e5:0a:ad:d4:1c:f8:03:98:4d:2e:b1:fe:f7:01:
a3:34:5d:ab:e0:67:a5:ee:4c:fa:34:26:80:af:7f:42:b6:94:
71:19:1d:35:47:b6:d5:90:15:57:ff:07:55:0e:a0:09:df:68:
e6:48:3d:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJTNqko262qbHTHyl5i40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTAyMTc1MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTg3NmNkMDkyMTM1OTNhMTEwMTYzYmExMjYzMzRlYjE5MGUwM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/eEHO/l7sjm2L22FkirN5jTQruv
VfQ0W6u3JkaN5gy1fXlxWJhgi+Ahxgylrjfr6YvDVTC5iLSq6jJ8FTG/v+P7PS+w
ytp5kt/9tvRH0vMBKOQVH5bNU7lXRFX1lV2ysnAsUo/cNAx+1o3IFRO+oSKw/M+8
Mo25/eE91nafEPevzCJy4pGBM3NHManqdNHI2BOFyilI1NAnVl8y0pc6iIV4jWz+
NdJjNN/BSVR3+LdzQy+E9hbUPF5gck30HjZEmAqz4m/0Y0ExZZT86FlthpeHQoR+
xQhQHQ7995N8+G4xR0yOIBAifBhiRHVsyDmW1+Udim56LFX+lHH4J7EL0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIGHbNCSE1k6EQFjuhJjNOsZDgPoMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvZ1lkczBKSVRXVG9SQVdPNkVtTTA2eGtPQS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJSM1AwQA
W+t6AwQAsp1vAwQBvHeeAwQAvHejMA0GCSqGSIb3DQEBCwUAA4IBAQB4I5t/o4By
KZzwX/22xJn51lB1/e4hvRUl++JwtqIVv9MQ71d4bp2hnLNh+c/YbUAg4YVC8Qf3
RGV1l1LP/JSMkl9jrcGhDj/e1jZN3kMAdIoNyA4FCaMjByXQ7MMl3F+NX1yOKeW+
NceB4/ew4F1QRMP39/g+H48ptGbxCC5PO511ezCL71YOESeqE8N3yrcY0xn+NGro
6auzbS53EwnYboJQzGju3andD/NaKUKjtDOROQ8Q/uUOkuOmCaKrHcEug+KnFUa4
CoxI5Qqt1Bz4A5hNLrH+9wGjNF2r4Gel7kz6NCaAr39CtpRxGR01R7bVkBVX/wdV
DqAJ32jmSD0g
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:19:57 2025 by rpki-client