Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gcuaKbWiLRAqD1xrvBDRzfBkVeU.roa
File: gcuaKbWiLRAqD1xrvBDRzfBkVeU.roa (raw, json)
Hash identifier: MYRkpp3C/+/7CVoLi3E6bNhfk9dnUCR3GBhUtM2O0YU=
Subject key identifier: 81:CB:9A:29:B5:A2:2D:10:2A:0F:5C:6B:BC:10:D1:CD:F0:64:55:E5
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A6AEB02B9C32C913903A69B635E0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gcuaKbWiLRAqD1xrvBDRzfBkVeU.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198468
IP address blocks: 93.185.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a6:ae:b0:2b:9c:32:c9:13:90:3a:69:b6:35:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81cb9a29b5a22d102a0f5c6bbc10d1cdf06455e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:be:0a:40:17:55:34:c8:95:14:29:17:83:f3:
75:98:e8:9b:ee:dd:57:5c:08:54:b4:89:76:ee:41:
2e:24:b6:5b:2c:d3:5c:16:fe:ff:ed:25:50:a8:fc:
e4:23:ce:ab:e7:76:ef:e6:f6:34:6d:ad:45:7d:37:
d0:89:b6:2c:94:aa:ca:63:a3:3d:c7:9f:ce:ff:8c:
c5:63:ee:65:be:05:59:72:49:23:1b:3f:9c:bc:0a:
3f:57:cc:0e:b2:c4:71:07:cb:9b:90:f9:2d:ca:34:
f3:67:8a:ad:7c:dc:04:5f:e6:96:bf:ec:b8:ae:34:
38:96:6a:5a:12:3a:14:e8:f3:11:b3:26:e1:3a:66:
97:f9:df:f3:d8:95:31:0c:0b:ce:76:14:0a:bb:df:
e2:73:7e:af:cf:1c:ea:36:92:7c:cf:11:85:fe:08:
6d:1e:68:eb:6f:c5:64:3a:cb:47:67:b3:3c:82:99:
09:a7:c2:c4:4d:f8:bf:60:0c:da:7c:23:54:df:44:
c4:89:f8:1d:5b:08:09:64:55:ee:98:e9:36:01:32:
fb:1f:5c:85:75:97:6c:79:e7:24:4d:b7:4e:a1:65:
5d:19:b4:08:e8:8c:cb:e2:fd:71:75:93:d2:c0:65:
8d:bf:a9:5f:56:74:a8:f9:8d:3b:cd:72:af:26:94:
f9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CB:9A:29:B5:A2:2D:10:2A:0F:5C:6B:BC:10:D1:CD:F0:64:55:E5
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gcuaKbWiLRAqD1xrvBDRzfBkVeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:1a:96:cc:14:68:a6:df:8e:9d:3e:4c:8f:11:0f:58:a4:56:
93:a3:4e:4a:4d:45:ba:ec:00:90:bb:64:34:07:4c:54:ee:67:
51:c6:93:e3:39:62:41:e8:07:2f:31:0e:31:c1:5e:f7:2f:08:
22:80:ba:2f:0c:17:fd:b1:e5:c4:54:c0:2e:8a:93:4a:1c:72:
52:a1:cb:45:41:10:51:4f:db:98:af:c0:6f:79:83:40:8c:06:
85:68:49:fb:df:4d:60:31:4b:85:0b:7e:a8:4a:e0:38:bc:ff:
82:0b:58:a9:df:00:bf:9e:92:9e:97:8c:39:99:93:ca:35:79:
81:c4:d9:84:b2:21:51:81:13:62:c8:5e:64:8e:ea:21:e2:99:
f3:12:ca:d8:6a:71:31:86:cd:d2:31:f1:38:0f:03:28:e2:f7:
04:9f:fd:bd:85:4c:96:1e:72:04:25:78:ea:f2:74:4f:ea:6d:
1d:2d:7a:a2:cd:d1:1c:62:26:af:f1:64:b6:ba:45:19:1f:c4:
82:7e:79:12:06:3b:02:41:2f:d6:51:65:5a:df:d2:57:55:66:
e4:42:a8:5f:73:41:73:44:9b:14:d9:11:c4:56:7e:6a:39:93:
03:53:c4:e8:01:da:97:f8:7c:65:34:24:78:b2:b4:97:00:b8:
2f:01:bc:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns6ausCucMskTkDpptjXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWNiOWEyOWI1YTIyZDEwMmEwZjVjNmJiYzEwZDFjZGYwNjQ1NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr4KQBdVNMiVFCkXg/N1mOib7t1X
XAhUtIl27kEuJLZbLNNcFv7/7SVQqPzkI86r53bv5vY0ba1FfTfQibYslKrKY6M9
x5/O/4zFY+5lvgVZckkjGz+cvAo/V8wOssRxB8ubkPktyjTzZ4qtfNwEX+aWv+y4
rjQ4lmpaEjoU6PMRsybhOmaX+d/z2JUxDAvOdhQKu9/ic36vzxzqNpJ8zxGF/ght
Hmjrb8VkOstHZ7M8gpkJp8LETfi/YAzafCNU30TEifgdWwgJZFXumOk2ATL7H1yF
dZdseeckTbdOoWVdGbQI6IzL4v1xdZPSwGWNv6lfVnSo+Y07zXKvJpT5+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHLmim1oi0QKg9ca7wQ0c3wZFXlMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZ2N1YUtiV2lMUkFxRDF4cnZCRFJ6ZkJrVmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbmjMA0G
CSqGSIb3DQEBCwUAA4IBAQC1GpbMFGim346dPkyPEQ9YpFaTo05KTUW67ACQu2Q0
B0xU7mdRxpPjOWJB6AcvMQ4xwV73LwgigLovDBf9seXEVMAuipNKHHJSoctFQRBR
T9uYr8BveYNAjAaFaEn7301gMUuFC36oSuA4vP+CC1ip3wC/npKel4w5mZPKNXmB
xNmEsiFRgRNiyF5kjuoh4pnzEsrYanExhs3SMfE4DwMo4vcEn/29hUyWHnIEJXjq
8nRP6m0dLXqizdEcYiav8WS2ukUZH8SCfnkSBjsCQS/WUWVa39JXVWbkQqhfc0Fz
RJsU2RHEVn5qOZMDU8ToAdqX+HxlNCR4srSXALgvAbzO
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:37 2025 by rpki-client