Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Gc4moE6h-0LPBafiLK_GmYOfnf8.roa
File: Gc4moE6h-0LPBafiLK_GmYOfnf8.roa (raw, json)
Hash identifier: B7ulvc5vYjfcQvRj4GAOq2Tqzy61ptY6XfnMhYDDe+Y=
Subject key identifier: 19:CE:26:A0:4E:A1:FB:42:CF:05:A7:E2:2C:AF:C6:99:83:9F:9D:FF
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B62440F4E9598565E44911688839F
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Gc4moE6h-0LPBafiLK_GmYOfnf8.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201476
IP address blocks: 5.183.12.0/22 maxlen: 22
185.73.100.0/22 maxlen: 32
185.73.104.0/22 maxlen: 32
185.73.108.0/22 maxlen: 32
185.167.184.0/22 maxlen: 32
217.75.214.0/23 maxlen: 32
217.75.216.0/23 maxlen: 32
2a03:4260::/29 maxlen: 48
2a03:4260::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:62:44:0f:4e:95:98:56:5e:44:91:16:88:83:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19ce26a04ea1fb42cf05a7e22cafc699839f9dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c5:6e:63:ec:21:da:79:94:9a:13:65:f8:11:
34:37:d1:6b:2e:40:c9:83:49:9d:06:93:0c:7e:82:
90:dd:f8:4b:1b:b3:53:1b:67:0a:fb:e7:66:cf:8e:
2a:5f:6e:49:55:38:aa:ca:b5:74:22:09:45:52:c7:
66:b1:97:17:d7:90:c4:96:31:5c:75:12:04:23:8d:
a4:fe:ef:e0:d2:d6:d8:58:93:01:d1:05:cc:e9:3b:
0c:44:b0:0c:b9:24:9e:94:ef:9e:b0:8d:cd:4c:27:
c5:e7:f1:c9:08:fd:32:82:ce:67:e2:d5:06:6e:5d:
c1:d1:75:5b:89:d7:36:d1:7c:3f:55:5c:9e:1c:ef:
8e:b1:ba:d3:a9:9f:95:9a:c8:41:6e:9d:9d:5a:15:
74:94:06:28:93:5c:5b:bd:ff:5a:bd:22:68:45:0c:
7f:19:59:fc:35:8e:92:97:42:93:2a:43:30:7c:13:
da:40:72:e5:f5:6c:5a:3f:d6:8d:a5:e9:d2:0b:ba:
d1:a7:cf:f4:7f:91:03:be:0e:43:0f:09:ed:fe:be:
14:e5:61:b4:e5:90:81:17:50:6e:0e:05:4d:41:ed:
e3:66:e7:4e:98:d8:e9:6c:2e:d7:6d:23:af:14:9d:
bb:9b:9d:58:99:74:37:07:80:d7:0b:15:39:b4:d3:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CE:26:A0:4E:A1:FB:42:CF:05:A7:E2:2C:AF:C6:99:83:9F:9D:FF
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Gc4moE6h-0LPBafiLK_GmYOfnf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.12.0/22
185.73.100.0-185.73.111.255
185.167.184.0/22
217.75.214.0-217.75.217.255
IPv6:
2a03:4260::/29
Signature Algorithm: sha256WithRSAEncryption
57:d0:50:a4:6c:1e:3e:1f:e6:e0:c6:4d:7c:24:ea:53:e5:a4:
1a:64:51:57:2f:f4:c0:b2:b0:f2:cc:e8:5d:1a:d3:d1:ef:b1:
70:0a:29:80:8e:a3:30:bf:c1:52:be:b0:cc:38:14:fc:8f:70:
83:bd:11:39:af:f6:b6:63:00:c0:88:a1:b7:7e:c9:bc:40:16:
19:e3:cb:93:82:52:5a:f9:ae:f4:50:79:1c:a8:71:ea:8a:0a:
2b:3f:25:32:49:b4:04:1b:4d:1a:22:bd:7d:2c:18:9d:ba:5a:
0d:cd:a5:12:51:07:b4:38:25:72:42:50:b8:d1:19:9c:db:2a:
66:09:82:9a:99:57:c0:b6:8b:1e:17:38:d7:06:59:82:31:b5:
2e:a9:6f:7b:41:35:cb:5b:7c:c0:83:6e:2c:f3:f0:f1:bf:a7:
bd:32:fb:8b:50:0b:da:a1:37:bb:e7:b2:26:c0:0b:f5:d0:fe:
87:e9:1e:1b:8f:82:8e:15:fe:e9:56:62:5b:f0:c9:de:7b:8b:
c8:d9:bc:90:87:b0:10:9e:9e:7f:1a:d6:83:77:b3:49:90:74:
8a:87:b3:ff:a6:20:3f:bd:3d:fc:57:68:ed:d2:91:d9:11:dc:
6e:e3:fe:ff:6d:d7:ab:cc:fe:1c:62:e7:bc:c1:5d:47:55:fe:
6b:bf:ac:7e
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQma2JED06VmFZeRJEWiIOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNlMjZhMDRlYTFmYjQyY2YwNWE3ZTIyY2FmYzY5OTgzOWY5ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcVuY+wh2nmUmhNl+BE0N9FrLkDJ
g0mdBpMMfoKQ3fhLG7NTG2cK++dmz44qX25JVTiqyrV0IglFUsdmsZcX15DEljFc
dRIEI42k/u/g0tbYWJMB0QXM6TsMRLAMuSSelO+esI3NTCfF5/HJCP0ygs5n4tUG
bl3B0XVbidc20Xw/VVyeHO+OsbrTqZ+VmshBbp2dWhV0lAYok1xbvf9avSJoRQx/
GVn8NY6Sl0KTKkMwfBPaQHLl9WxaP9aNpenSC7rRp8/0f5EDvg5DDwnt/r4U5WG0
5ZCBF1BuDgVNQe3jZudOmNjpbC7XbSOvFJ27m51YmXQ3B4DXCxU5tNNeTQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBnOJqBOoftCzwWn4iyvxpmDn53/MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvR2M0bW9FNmgtMExQQmFmaUxLX0dtWU9mbmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQCBbcMMAwD
BAK5SWQDBAS5SWADBAK5p7gwDAMEAdlL1gMEAdlL2DANBAIAAjAHAwUDKgNCYDAN
BgkqhkiG9w0BAQsFAAOCAQEAV9BQpGwePh/m4MZNfCTqU+WkGmRRVy/0wLKw8szo
XRrT0e+xcAopgI6jML/BUr6wzDgU/I9wg70ROa/2tmMAwIiht37JvEAWGePLk4JS
Wvmu9FB5HKhx6ooKKz8lMkm0BBtNGiK9fSwYnbpaDc2lElEHtDglckJQuNEZnNsq
ZgmCmplXwLaLHhc41wZZgjG1Lqlve0E1y1t8wINuLPPw8b+nvTL7i1AL2qE3u+ey
JsAL9dD+h+keG4+CjhX+6VZiW/DJ3nuLyNm8kIewEJ6efxrWg3ezSZB0ioez/6Yg
P709/Fdo7dKR2RHcbuP+/23Xq8z+HGLnvMFdR1X+a7+sfg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:53 2025 by rpki-client