Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/GNRL3UXk7g6OcDAGH7Yy1P9BNQI.roa
File: GNRL3UXk7g6OcDAGH7Yy1P9BNQI.roa (raw, json)
Hash identifier: ou7tiqr74kLwCl4+yNF40huO3uxU0RHXk9OIjHLjDwQ=
Subject key identifier: 18:D4:4B:DD:45:E4:EE:0E:8E:70:30:06:1F:B6:32:D4:FF:41:35:02
Certificate issuer: /CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Certificate serial: 019423D804E999FEE3F195AB3D8291092ACF
Authority key identifier: 33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/GNRL3UXk7g6OcDAGH7Yy1P9BNQI.roa
Signing time: Wed 01 Jan 2025 21:49:07 +0000
ROA not before: Wed 01 Jan 2025 21:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 165.220.128.0/17 maxlen: 24
185.136.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:04:e9:99:fe:e3:f1:95:ab:3d:82:91:09:2a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Validity
Not Before: Jan 1 21:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18d44bdd45e4ee0e8e7030061fb632d4ff413502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f2:e1:a6:8f:0f:da:a4:c2:12:b5:2d:3b:f8:
f9:69:bc:33:0b:9a:25:5f:81:06:62:65:d6:24:6e:
5d:50:ea:b4:8e:b7:6e:8e:26:69:98:9b:55:bf:98:
c3:a6:3e:df:ee:b7:5c:fb:b5:23:97:72:9a:5f:bb:
02:83:e9:3d:8b:56:dc:a7:70:2c:9f:f0:af:59:02:
6b:01:54:c8:ad:ea:37:f4:7f:29:44:4f:ec:8d:86:
21:4e:bd:ae:c0:2b:ad:9b:b9:e5:79:55:3f:83:47:
95:ec:06:17:3f:e8:bc:b8:a8:70:9c:50:54:14:8e:
ca:ca:16:89:d7:13:13:fb:05:e6:ba:ed:1f:6b:4a:
e1:75:4f:79:7f:0f:94:ef:a0:98:da:26:cb:3c:17:
08:ee:32:03:52:fc:1c:f5:26:87:15:fb:a6:ea:70:
ef:64:51:50:87:8e:4f:c7:de:4a:5c:94:de:db:e0:
4c:be:27:7a:79:5b:73:87:d1:84:a0:4a:4d:01:15:
e7:ae:6c:43:35:d3:c2:f4:24:90:84:07:39:86:40:
2b:39:4f:60:34:38:5f:71:22:38:a0:da:b2:72:aa:
4d:78:f4:73:54:03:44:6e:39:83:f2:ad:b3:3e:a9:
d7:d6:f6:b5:e2:11:ce:a3:b1:35:93:cc:bf:64:20:
b9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D4:4B:DD:45:E4:EE:0E:8E:70:30:06:1F:B6:32:D4:FF:41:35:02
X509v3 Authority Key Identifier:
keyid:33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/GNRL3UXk7g6OcDAGH7Yy1P9BNQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.220.128.0/17
185.136.44.0/22
Signature Algorithm: sha256WithRSAEncryption
30:1e:37:29:54:ca:8c:24:57:82:53:b5:a6:19:02:99:e8:c6:
41:8d:d9:66:8d:71:71:cd:bc:56:9d:93:e4:1a:00:fc:d6:b0:
dc:1c:38:22:b9:0d:47:31:2b:39:88:45:b5:f8:67:e2:35:fd:
8a:24:ce:44:c2:d2:ee:ef:a7:a5:57:27:60:ab:ab:93:88:e8:
59:08:dc:ec:cb:c6:be:52:f3:29:09:a7:cc:10:b4:90:f5:dd:
40:3a:cf:eb:11:3e:e0:f7:0d:ac:21:bd:55:8c:23:4c:ec:23:
cd:86:6e:32:76:b0:07:82:ad:86:aa:6a:42:17:b2:94:44:bd:
fa:93:e0:a7:90:4e:8b:c5:ec:5c:72:70:7c:29:02:d1:81:9e:
57:bd:2f:66:9f:f2:a4:53:3d:08:84:12:2b:2f:75:68:4d:4c:
e3:7f:31:c1:21:a4:a3:89:d2:68:9d:6b:f1:9b:4c:0f:e9:f3:
a9:69:8c:a5:7c:21:72:0d:39:4e:17:ff:aa:69:2a:46:b0:80:
ff:08:8d:22:c3:12:a3:15:c4:c1:71:e1:80:9e:de:e5:81:a8:
a7:34:a1:0a:ad:43:0e:0b:03:12:c9:44:ad:e8:1c:54:c6:93:
8b:b4:0c:db:42:71:32:5e:74:28:8d:1a:35:24:01:28:d1:10:
93:6c:ff:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj2ATpmf7j8ZWrPYKRCSrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjIyMzQ0ZjI5ZTZiNjQyMGJmZWJjMzhiYjY3YTMwZjQ0
NTNmNzEwHhcNMjUwMTAxMjE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ0NGJkZDQ1ZTRlZTBlOGU3MDMwMDYxZmI2MzJkNGZmNDEzNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vLhpo8P2qTCErUtO/j5abwzC5ol
X4EGYmXWJG5dUOq0jrdujiZpmJtVv5jDpj7f7rdc+7Ujl3KaX7sCg+k9i1bcp3As
n/CvWQJrAVTIreo39H8pRE/sjYYhTr2uwCutm7nleVU/g0eV7AYXP+i8uKhwnFBU
FI7KyhaJ1xMT+wXmuu0fa0rhdU95fw+U76CY2ibLPBcI7jIDUvwc9SaHFfum6nDv
ZFFQh45Px95KXJTe2+BMvid6eVtzh9GEoEpNARXnrmxDNdPC9CSQhAc5hkArOU9g
NDhfcSI4oNqycqpNePRzVANEbjmD8q2zPqnX1va14hHOo7E1k8y/ZCC5IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBjUS91F5O4OjnAwBh+2MtT/QTUCMB8GA1UdIwQY
MBaAFDNiI0TynmtkIL/rw4u2ejD0RT9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTct
NmM2NjU4YmQ5NTJlLzEvR05STDNVWGs3ZzZPY0RBR0g3WXkxUDlCTlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTctNmM2NjU4YmQ5NTJl
LzEvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHpdyAAwQC
uYgsMA0GCSqGSIb3DQEBCwUAA4IBAQAwHjcpVMqMJFeCU7WmGQKZ6MZBjdlmjXFx
zbxWnZPkGgD81rDcHDgiuQ1HMSs5iEW1+GfiNf2KJM5EwtLu76elVydgq6uTiOhZ
CNzsy8a+UvMpCafMELSQ9d1AOs/rET7g9w2sIb1VjCNM7CPNhm4ydrAHgq2GqmpC
F7KURL36k+CnkE6LxexccnB8KQLRgZ5XvS9mn/KkUz0IhBIrL3VoTUzjfzHBIaSj
idJonWvxm0wP6fOpaYylfCFyDTlOF/+qaSpGsID/CI0iwxKjFcTBceGAnt7lgain
NKEKrUMOCwMSyUSt6BxUxpOLtAzbQnEyXnQojRo1JAEo0RCTbP+V
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:00:31 2025 by rpki-client