Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/GofoKymii5U39NPDECdDJtD2TH0.roa
File: GofoKymii5U39NPDECdDJtD2TH0.roa (raw, json)
Hash identifier: ePVDpp/IL/yJ1aEgP104JCCy3cNXznxaF2wO6kp9DYI=
Subject key identifier: 1A:87:E8:2B:29:A2:8B:95:37:F4:D3:C3:10:27:43:26:D0:F6:4C:7D
Certificate issuer: /CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Certificate serial: 019425FDC130C336EFECAF6E70A8C3B3D24B
Authority key identifier: 2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/GofoKymii5U39NPDECdDJtD2TH0.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35665
IP address blocks: 46.18.96.0/24 maxlen: 24
46.18.97.0/24 maxlen: 24
46.18.98.0/24 maxlen: 24
46.18.99.0/24 maxlen: 24
46.18.100.0/24 maxlen: 24
46.18.101.0/24 maxlen: 24
46.18.102.0/24 maxlen: 24
46.18.103.0/24 maxlen: 24
185.177.224.0/22 maxlen: 22
195.160.188.0/24 maxlen: 24
195.160.189.0/24 maxlen: 24
213.108.232.0/23 maxlen: 23
213.108.234.0/23 maxlen: 23
213.108.236.0/23 maxlen: 23
213.108.238.0/23 maxlen: 23
2a02:2778::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/L8Q4zYqusa0kLtSbT_KHydD0Ow4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/L8Q4zYqusa0kLtSbT_KHydD0Ow4.mft
rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c1:30:c3:36:ef:ec:af:6e:70:a8:c3:b3:d2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a87e82b29a28b9537f4d3c310274326d0f64c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:7d:50:3d:00:45:2c:fc:c9:65:c7:d3:7b:
cb:d2:0c:cc:d7:79:ad:a1:75:44:ce:43:b9:50:22:
bd:7f:1c:c4:5a:4d:96:6b:6a:25:54:e6:88:36:1d:
52:be:a6:dd:cf:d9:57:11:6d:02:0d:00:0e:ad:73:
7c:74:68:4f:1e:28:ae:82:35:6e:85:98:3d:5c:45:
c3:e6:bf:6c:49:dd:9b:8a:4a:06:8a:a0:e5:24:31:
5f:11:3d:47:13:55:2e:9a:40:31:62:67:26:68:66:
3a:09:fc:26:9b:32:6d:03:4b:9d:90:99:b4:37:fb:
81:00:e7:cc:8c:19:9b:46:5d:46:a9:d9:69:09:e4:
07:dc:95:f0:a6:3a:c8:e8:c3:28:1f:7b:b5:be:61:
cd:6d:e8:36:ba:40:0e:ce:5d:20:dc:8b:39:ef:29:
95:fc:97:11:a7:23:cd:27:ab:6f:2b:f0:ca:74:ef:
d5:05:1d:01:07:12:7f:b7:7e:af:a7:fc:12:84:f4:
19:c4:00:36:b6:68:a3:ff:29:12:e7:0b:27:8e:4d:
b5:4e:c8:4a:87:24:d7:1f:67:2f:3d:21:15:5f:70:
0a:ef:50:1f:70:8a:c6:ef:e5:42:e0:87:c2:aa:61:
fc:50:07:bf:ac:f2:36:ad:4b:47:4e:5f:9c:43:2d:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:87:E8:2B:29:A2:8B:95:37:F4:D3:C3:10:27:43:26:D0:F6:4C:7D
X509v3 Authority Key Identifier:
keyid:2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/GofoKymii5U39NPDECdDJtD2TH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/L8Q4zYqusa0kLtSbT_KHydD0Ow4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.96.0/21
185.177.224.0/22
195.160.188.0/23
213.108.232.0/21
IPv6:
2a02:2778::/32
Signature Algorithm: sha256WithRSAEncryption
2d:ce:da:5e:05:6e:a5:94:64:36:4b:bc:86:3d:2f:db:23:1e:
3e:a0:c5:31:c0:ee:a8:82:af:35:c7:67:6d:41:f5:81:55:23:
5d:a3:1c:00:05:06:22:37:1f:87:38:9c:80:47:31:2a:59:35:
bf:33:89:44:dd:ae:b0:b9:7b:65:74:ae:d2:11:fb:17:79:8a:
59:9a:c1:b7:6a:0a:e7:d1:56:93:be:f2:8b:75:1b:75:8d:25:
19:65:5d:f0:07:06:fe:e4:f9:61:5e:72:3c:3b:11:83:97:26:
ab:5f:84:33:1b:92:3a:ee:dc:3c:1e:d2:39:07:44:10:35:49:
1e:e4:3f:b7:e8:d6:5e:ba:18:e9:87:1e:d5:ec:f5:a2:d7:02:
47:92:92:8b:fe:fe:d5:99:c4:0d:c9:44:0b:39:4b:a2:9a:b4:
aa:49:7f:05:11:f2:af:38:9b:15:0f:83:86:ca:19:c8:78:f6:
f7:2c:f8:8d:c0:87:bf:15:b9:76:6e:8a:d6:79:22:d7:b9:b2:
76:d7:35:4a:01:6d:28:71:7e:b0:6d:11:a0:8c:2a:34:fc:3f:
0f:e6:92:41:40:5e:bf:1c:95:17:cc:9b:4f:a2:e7:72:5d:b7:
2a:65:9e:8d:77:84:56:dc:0f:a2:5e:7a:75:39:d8:e9:e1:33:
67:65:6a:c5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQl/cEwwzbv7K9ucKjDs9JLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYzQzOGNkOGFhZWIxYWQyNDJlZDQ5YjRmZjI4N2M5ZDBm
NDNiMGUwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg3ZTgyYjI5YTI4Yjk1MzdmNGQzYzMxMDI3NDMyNmQwZjY0YzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH19UD0ARSz8yWXH03vL0gzM13mt
oXVEzkO5UCK9fxzEWk2Wa2olVOaINh1Svqbdz9lXEW0CDQAOrXN8dGhPHiiugjVu
hZg9XEXD5r9sSd2bikoGiqDlJDFfET1HE1UumkAxYmcmaGY6CfwmmzJtA0udkJm0
N/uBAOfMjBmbRl1GqdlpCeQH3JXwpjrI6MMoH3u1vmHNbeg2ukAOzl0g3Is57ymV
/JcRpyPNJ6tvK/DKdO/VBR0BBxJ/t36vp/wShPQZxAA2tmij/ykS5wsnjk21TshK
hyTXH2cvPSEVX3AK71AfcIrG7+VC4IfCqmH8UAe/rPI2rUtHTl+cQy2NiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBqH6CspoouVN/TTwxAnQybQ9kx9MB8GA1UdIwQY
MBaAFC/EOM2KrrGtJC7Um0/yh8nQ9DsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQt
MTZiNDRjNDkzNWVhLzEvR29mb0t5bWlpNVUzOU5QREVDZERKdEQyVEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQtMTZiNDRjNDkzNWVh
LzEvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhJgAwQC
ubHgAwQBw6C8AwQD1WzoMA0EAgACMAcDBQAqAid4MA0GCSqGSIb3DQEBCwUAA4IB
AQAtztpeBW6llGQ2S7yGPS/bIx4+oMUxwO6ogq81x2dtQfWBVSNdoxwABQYiNx+H
OJyARzEqWTW/M4lE3a6wuXtldK7SEfsXeYpZmsG3agrn0VaTvvKLdRt1jSUZZV3w
Bwb+5PlhXnI8OxGDlyarX4QzG5I67tw8HtI5B0QQNUke5D+36NZeuhjphx7V7PWi
1wJHkpKL/v7VmcQNyUQLOUuimrSqSX8FEfKvOJsVD4OGyhnIePb3LPiNwIe/Fbl2
borWeSLXubJ21zVKAW0ocX6wbRGgjCo0/D8P5pJBQF6/HJUXzJtPoudyXbcqZZ6N
d4RW3A+iXnp1Odjp4TNnZWrF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:12 2025 by rpki-client