Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/GM4FjF5iGCwwZrvF5OPLK7EJcKc.roa
File: GM4FjF5iGCwwZrvF5OPLK7EJcKc.roa (raw, json)
Hash identifier: TNBXDdJILbU4GHZNotTea3UIv8zTS99ELWCKcINIuvk=
Subject key identifier: 18:CE:05:8C:5E:62:18:2C:30:66:BB:C5:E4:E3:CB:2B:B1:09:70:A7
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 019427B54467FDE6C42F1042C3B03487B87D
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/GM4FjF5iGCwwZrvF5OPLK7EJcKc.roa
Signing time: Thu 02 Jan 2025 15:49:38 +0000
ROA not before: Thu 02 Jan 2025 15:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206352
IP address blocks: 185.188.253.0/24 maxlen: 24
185.188.254.0/23 maxlen: 23
185.217.48.0/23 maxlen: 23
185.217.50.0/23 maxlen: 23
185.248.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:44:67:fd:e6:c4:2f:10:42:c3:b0:34:87:b8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Jan 2 15:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18ce058c5e62182c3066bbc5e4e3cb2bb10970a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5f:ea:52:42:97:ec:4a:f3:b0:b8:41:23:95:
c4:86:d4:3c:1b:0d:e5:1c:ed:93:c9:a9:40:66:ef:
62:4a:2c:7b:72:b5:e7:16:cb:7d:7a:16:d5:fd:48:
7c:a8:1d:a5:f5:e3:c6:af:35:3a:db:e5:4c:89:8a:
a0:5a:60:dd:4c:72:14:b0:de:b0:01:a6:ca:01:62:
49:e0:56:7f:d1:67:cb:3b:89:a3:9d:25:68:51:5e:
00:c8:25:21:5d:d3:b7:36:8c:1a:cc:af:d2:21:27:
fc:63:95:16:03:c5:ed:f6:45:38:09:93:6e:39:62:
8d:6d:60:57:65:a8:af:6f:fc:80:21:f8:ab:2c:b7:
b5:41:fb:63:4a:69:06:fa:65:9b:31:13:82:f2:d5:
62:1f:ed:8e:29:21:dd:c2:2f:a9:f6:6d:b3:9c:f7:
fa:f5:50:b5:82:f5:9e:e4:98:53:19:aa:d5:35:c5:
1d:e2:35:e9:61:fe:4e:c0:94:23:07:89:8a:c7:90:
b2:c6:4f:f1:cd:71:c4:0a:3e:69:20:f7:f8:1c:e4:
70:d8:75:8c:bf:93:65:62:28:cc:85:88:38:73:34:
41:93:42:31:5e:92:05:46:f2:4b:06:dd:e6:06:97:
48:5a:45:7a:80:5a:c9:c7:af:7e:65:db:8c:4e:ec:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CE:05:8C:5E:62:18:2C:30:66:BB:C5:E4:E3:CB:2B:B1:09:70:A7
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/GM4FjF5iGCwwZrvF5OPLK7EJcKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.253.0-185.188.255.255
185.217.48.0/22
185.248.2.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:f9:be:0e:1e:9b:15:8f:62:3d:88:c1:db:b2:ec:f8:f2:5e:
e7:90:d2:a4:34:5e:9a:23:c8:79:92:fa:f5:9e:9f:df:69:70:
bd:bf:44:7b:86:0d:da:15:b0:9f:49:79:b8:c7:61:2e:03:c5:
88:fc:eb:c3:0e:e2:31:d2:97:8e:f9:b9:04:e1:5f:00:9d:de:
65:59:bf:52:19:53:29:78:95:fb:ef:38:77:ba:46:16:0f:2f:
2d:1b:19:29:c7:31:8b:92:bf:c9:fa:d1:8d:34:4e:8b:e6:ef:
cb:95:8f:a5:97:29:29:32:e8:32:56:9e:07:2f:6a:32:48:e6:
c2:45:e3:11:f3:c6:cf:8a:07:df:a1:4e:d8:ff:16:ab:5c:2f:
b3:3b:00:15:4e:30:b8:1a:77:44:b6:c4:12:de:31:12:ee:4d:
68:01:b2:ee:5e:f8:e0:f7:8a:4b:43:59:d9:0a:82:01:bb:5d:
64:7e:38:67:12:37:fc:97:8b:d4:8e:ac:43:c9:4f:b5:94:44:
9a:d9:e6:43:56:52:51:49:1d:28:4e:03:21:e4:33:54:78:63:
a2:4d:64:5b:58:8b:b4:f3:97:4a:2d:a4:53:94:88:68:c5:3c:
55:fe:c4:2a:b6:9a:aa:51:73:6d:63:89:75:4a:60:dd:57:a1:
0f:a3:d4:c3
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQntURn/ebELxBCw7A0h7h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjUwMTAyMTU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGNlMDU4YzVlNjIxODJjMzA2NmJiYzVlNGUzY2IyYmIxMDk3MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl/qUkKX7ErzsLhBI5XEhtQ8Gw3l
HO2TyalAZu9iSix7crXnFst9ehbV/Uh8qB2l9ePGrzU62+VMiYqgWmDdTHIUsN6w
AabKAWJJ4FZ/0WfLO4mjnSVoUV4AyCUhXdO3NowazK/SISf8Y5UWA8Xt9kU4CZNu
OWKNbWBXZaivb/yAIfirLLe1QftjSmkG+mWbMROC8tViH+2OKSHdwi+p9m2znPf6
9VC1gvWe5JhTGarVNcUd4jXpYf5OwJQjB4mKx5Cyxk/xzXHECj5pIPf4HORw2HWM
v5NlYijMhYg4czRBk0IxXpIFRvJLBt3mBpdIWkV6gFrJx69+ZduMTuwaQwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFBjOBYxeYhgsMGa7xeTjyyuxCXCnMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvR000RmpGNWlHQ3d3WnJ2RjVPUExLN0VKY0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgtODg1OGE1NTlmMjUx
LzEvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDBAC5vP0D
AwC5vAMEArnZMAMEAbn4AjANBgkqhkiG9w0BAQsFAAOCAQEAXfm+Dh6bFY9iPYjB
27Ls+PJe55DSpDRemiPIeZL69Z6f32lwvb9Ee4YN2hWwn0l5uMdhLgPFiPzrww7i
MdKXjvm5BOFfAJ3eZVm/UhlTKXiV++84d7pGFg8vLRsZKccxi5K/yfrRjTROi+bv
y5WPpZcpKTLoMlaeBy9qMkjmwkXjEfPGz4oH36FO2P8Wq1wvszsAFU4wuBp3RLbE
Et4xEu5NaAGy7l744PeKS0NZ2QqCAbtdZH44ZxI3/JeL1I6sQ8lPtZREmtnmQ1ZS
UUkdKE4DIeQzVHhjok1kW1iLtPOXSi2kU5SIaMU8Vf7EKraaqlFzbWOJdUpg3Veh
D6PUww==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:12:41 2025 by rpki-client