Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GzLNeemJ5NyzmlXIMSE-P5qpPK0.roa
File: GzLNeemJ5NyzmlXIMSE-P5qpPK0.roa (raw, json)
Hash identifier: gMekrQRvaaYdzpl1VdoBplLf+AZyuoskovW0AOifAys=
Subject key identifier: 1B:32:CD:79:E9:89:E4:DC:B3:9A:55:C8:31:21:3E:3F:9A:A9:3C:AD
Certificate issuer: /CN=c11d08186433903069b5d6bb652f98428f53c808
Certificate serial: 0194AF22E295FB2B7DE8BB29174142C30D22
Authority key identifier: C1:1D:08:18:64:33:90:30:69:B5:D6:BB:65:2F:98:42:8F:53:C8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GzLNeemJ5NyzmlXIMSE-P5qpPK0.roa
Signing time: Tue 28 Jan 2025 22:58:06 +0000
ROA not before: Tue 28 Jan 2025 22:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200031
IP address blocks: 91.193.40.0/23 maxlen: 24
91.215.44.0/23 maxlen: 24
91.215.46.0/24 maxlen: 24
195.60.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:af:22:e2:95:fb:2b:7d:e8:bb:29:17:41:42:c3:0d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c11d08186433903069b5d6bb652f98428f53c808
Validity
Not Before: Jan 28 22:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b32cd79e989e4dcb39a55c831213e3f9aa93cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b2:c6:0c:56:c7:41:76:10:12:99:b9:27:af:
d0:b5:9c:11:1b:4c:81:1a:d1:14:a2:17:19:27:d6:
7b:68:43:fd:6b:df:c3:bb:52:d0:79:6d:35:bf:11:
fc:31:54:41:2b:86:35:24:13:97:52:5e:f9:aa:e3:
f9:d0:26:da:bf:2e:ad:14:0c:9b:cf:f1:31:13:e0:
b0:dd:e3:49:88:15:28:55:16:36:e3:20:eb:37:da:
67:5e:79:68:92:23:24:7a:7a:bc:e3:28:b3:c5:b4:
1b:c6:36:7f:4e:bc:dc:3c:83:f4:c7:47:4a:e2:d4:
d8:39:2c:56:18:02:4a:80:78:94:a1:05:18:23:ab:
04:ca:3e:5e:60:79:3e:8d:af:b7:20:9b:85:37:fd:
e8:fb:be:fa:f6:13:ce:71:0f:16:d0:72:b3:c4:37:
59:8e:c4:2b:c2:11:a7:e2:cf:fc:00:bd:b8:b6:93:
53:45:7e:fd:23:b2:bf:f8:d4:dd:2d:34:20:15:23:
db:1d:94:22:3f:dd:48:1e:46:06:9d:8d:5a:4e:6c:
38:6b:61:97:4a:f5:07:63:6d:73:aa:93:ab:1a:2c:
a9:31:1b:14:43:e3:7a:6c:fc:5e:57:30:ad:ca:62:
43:c3:6c:44:8f:e9:dd:b7:a0:dd:a2:8b:7e:72:b4:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:32:CD:79:E9:89:E4:DC:B3:9A:55:C8:31:21:3E:3F:9A:A9:3C:AD
X509v3 Authority Key Identifier:
keyid:C1:1D:08:18:64:33:90:30:69:B5:D6:BB:65:2F:98:42:8F:53:C8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wR0IGGQzkDBptda7ZS-YQo9TyAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/GzLNeemJ5NyzmlXIMSE-P5qpPK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/263352-8088-4f5b-a620-aeb5cd8de15d/1/wR0IGGQzkDBptda7ZS-YQo9TyAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.40.0/23
91.215.44.0-91.215.46.255
195.60.64.0/23
Signature Algorithm: sha256WithRSAEncryption
73:cb:29:08:db:d1:1f:89:78:d1:17:82:3b:b5:4d:07:91:c1:
36:e5:18:f4:72:d1:92:69:34:f9:af:2d:cf:66:9d:e4:6f:b5:
f9:29:10:6e:00:72:2f:c3:f4:39:27:6c:21:74:a6:a3:2a:75:
4c:b0:f1:35:03:67:cf:51:7d:77:ee:3f:0f:20:47:32:25:4f:
03:16:42:0b:a3:9a:46:b3:1d:92:de:76:64:49:ad:81:6c:48:
34:d7:18:d5:3d:1c:78:bf:db:22:70:e0:ab:5c:7d:fb:28:90:
5f:1f:e2:13:a5:b2:e2:09:ff:3b:10:7e:fb:b6:3a:04:b6:32:
e9:e1:ab:1f:74:88:9c:29:5d:2a:58:ef:9f:08:ba:01:ca:90:
57:46:31:d9:fd:1c:81:16:8d:e3:57:98:c9:86:fd:30:b0:49:
df:a9:34:1a:fc:b7:25:8b:bd:f6:eb:49:3d:da:0f:b6:9b:ed:
8f:02:9b:62:73:ec:df:06:65:b0:93:be:73:ff:20:ca:46:d7:
47:7f:c3:1e:fa:41:45:5e:98:28:f2:27:62:80:bd:4c:d0:cb:
48:0d:4e:62:e6:4a:2b:f4:72:56:ea:9b:48:2c:a8:af:91:b9:
64:05:62:b2:a0:fa:9e:a8:22:ee:77:99:6e:51:ad:03:9d:db:
4f:78:3a:6f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZSvIuKV+yt96LspF0FCww0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMWQwODE4NjQzMzkwMzA2OWI1ZDZiYjY1MmY5ODQyOGY1
M2M4MDgwHhcNMjUwMTI4MjI1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjMyY2Q3OWU5ODllNGRjYjM5YTU1YzgzMTIxM2UzZjlhYTkzY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLLGDFbHQXYQEpm5J6/QtZwRG0yB
GtEUohcZJ9Z7aEP9a9/Du1LQeW01vxH8MVRBK4Y1JBOXUl75quP50Cbavy6tFAyb
z/ExE+Cw3eNJiBUoVRY24yDrN9pnXnlokiMkenq84yizxbQbxjZ/TrzcPIP0x0dK
4tTYOSxWGAJKgHiUoQUYI6sEyj5eYHk+ja+3IJuFN/3o+7769hPOcQ8W0HKzxDdZ
jsQrwhGn4s/8AL24tpNTRX79I7K/+NTdLTQgFSPbHZQiP91IHkYGnY1aTmw4a2GX
SvUHY21zqpOrGiypMRsUQ+N6bPxeVzCtymJDw2xEj+ndt6Ddoot+crShSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBsyzXnpieTcs5pVyDEhPj+aqTytMB8GA1UdIwQY
MBaAFMEdCBhkM5AwabXWu2UvmEKPU8gIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1IwSUdHUXprREJwdGRhN1pTLVlRbzlUeUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNjMzNTItODA4OC00ZjViLWE2MjAt
YWViNWNkOGRlMTVkLzEvR3pMTmVlbUo1Tnl6bWxYSU1TRS1QNXFwUEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNjMzNTItODA4OC00ZjViLWE2MjAtYWViNWNkOGRlMTVk
LzEvd1IwSUdHUXprREJwdGRhN1pTLVlRbzlUeUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW8EoMAwD
BAJb1ywDBABb1y4DBAHDPEAwDQYJKoZIhvcNAQELBQADggEBAHPLKQjb0R+JeNEX
gju1TQeRwTblGPRy0ZJpNPmvLc9mneRvtfkpEG4Aci/D9DknbCF0pqMqdUyw8TUD
Z89RfXfuPw8gRzIlTwMWQgujmkazHZLedmRJrYFsSDTXGNU9HHi/2yJw4Ktcffso
kF8f4hOlsuIJ/zsQfvu2OgS2Munhqx90iJwpXSpY758IugHKkFdGMdn9HIEWjeNX
mMmG/TCwSd+pNBr8tyWLvfbrST3aD7ab7Y8Cm2Jz7N8GZbCTvnP/IMpG10d/wx76
QUVemCjyJ2KAvUzQy0gNTmLmSiv0clbqm0gsqK+RuWQFYrKg+p6oIu53mW5RrQOd
2094Om8=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:42 2025 by rpki-client