Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/GDkJM0lrFwKj0pA-1b6WqbIKy5U.roa
File: GDkJM0lrFwKj0pA-1b6WqbIKy5U.roa (raw, json)
Hash identifier: AJLBt3MjV7p+Y7RRJ8TCQIrAHHyRPR0203cHSf77IXw=
Subject key identifier: 18:39:09:33:49:6B:17:02:A3:D2:90:3E:D5:BE:96:A9:B2:0A:CB:95
Certificate issuer: /CN=6e489fe1c7e20a0b0c63842c45c16c57631785d3
Certificate serial: 01942368F4CDB592E6FC40B57FC536C1A39B
Authority key identifier: 6E:48:9F:E1:C7:E2:0A:0B:0C:63:84:2C:45:C1:6C:57:63:17:85:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/GDkJM0lrFwKj0pA-1b6WqbIKy5U.roa
Signing time: Wed 01 Jan 2025 19:47:48 +0000
ROA not before: Wed 01 Jan 2025 19:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34958
IP address blocks: 193.43.215.0/24 maxlen: 24
193.189.147.0/24 maxlen: 24
2001:67c:25e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f4:cd:b5:92:e6:fc:40:b5:7f:c5:36:c1:a3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e489fe1c7e20a0b0c63842c45c16c57631785d3
Validity
Not Before: Jan 1 19:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18390933496b1702a3d2903ed5be96a9b20acb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:91:53:ee:c9:a9:2d:e9:ef:d8:8f:8d:3f:
02:ba:c8:c0:cc:d5:91:5a:2b:43:a9:5e:46:ee:d2:
71:41:25:75:84:22:6b:2b:04:1d:a4:0f:e9:c7:d6:
ac:22:49:17:97:f1:1d:e7:00:77:b0:9a:ae:42:8e:
4d:0b:ea:03:ef:3d:83:0f:26:71:0c:5f:0a:5e:0a:
d9:01:e0:c2:33:06:b7:8e:89:94:68:0c:ff:3e:a7:
dd:96:4d:a7:86:5d:c0:a9:2b:35:95:6c:ab:76:73:
46:0f:15:29:77:c9:b8:dd:86:f2:cb:7d:f0:23:fe:
2c:f0:61:a7:51:7a:27:92:fb:12:0a:f9:b5:82:e3:
10:13:92:43:8a:42:12:99:38:62:56:31:20:bc:d2:
17:59:a1:b0:ce:bd:70:29:9f:c5:93:e4:fc:d9:0c:
95:bf:e1:84:38:b9:16:01:d5:6c:88:ab:a7:6a:1c:
ce:38:ce:4f:2e:f8:b8:52:f2:cd:a9:8e:17:76:fa:
01:b7:e6:ed:3e:78:25:66:bf:10:f6:91:65:c8:94:
cf:5c:29:27:73:f9:70:7b:81:0c:0c:ec:c5:0c:8a:
9a:df:f1:b2:a1:65:fa:b6:5e:1b:ec:5d:b4:26:16:
aa:f4:38:38:8a:c6:79:fa:7f:4f:55:eb:cd:ce:91:
cd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:39:09:33:49:6B:17:02:A3:D2:90:3E:D5:BE:96:A9:B2:0A:CB:95
X509v3 Authority Key Identifier:
keyid:6E:48:9F:E1:C7:E2:0A:0B:0C:63:84:2C:45:C1:6C:57:63:17:85:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkif4cfiCgsMY4QsRcFsV2MXhdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/GDkJM0lrFwKj0pA-1b6WqbIKy5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/f84198-2bdb-447d-8722-d8869311499a/1/bkif4cfiCgsMY4QsRcFsV2MXhdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.215.0/24
193.189.147.0/24
IPv6:
2001:67c:25e8::/48
Signature Algorithm: sha256WithRSAEncryption
62:7f:0e:25:0f:1c:5b:d7:02:2d:82:5e:1e:f5:e6:a4:a1:7d:
c4:f1:21:b3:28:93:cd:9f:de:c5:3e:3f:ae:9a:1b:47:3d:8f:
1b:7f:e8:69:19:65:5d:5a:0f:ae:8f:82:86:cf:71:49:a9:d4:
00:39:4a:3b:fd:f1:fa:40:a6:35:4a:3e:5e:91:3b:47:22:96:
f8:b1:8a:39:6b:2e:c4:ee:b6:eb:5b:cb:84:3f:d8:4d:97:75:
83:67:18:70:dd:5f:53:c6:fb:af:6b:a3:d9:60:14:5d:7a:5b:
16:1c:c7:2c:93:1c:57:91:07:9e:46:6d:a8:bb:71:7a:04:79:
5a:ca:f5:f3:ce:65:f8:9b:a9:45:9e:46:1a:da:e4:c1:de:f0:
aa:90:97:9f:09:88:f2:3e:3c:09:63:bb:a0:16:89:f5:6e:d8:
a0:70:d9:31:80:e5:23:6c:cb:96:65:45:f0:3d:c5:06:9e:2c:
45:76:46:94:92:d4:5d:5c:85:12:fa:67:9a:b6:a4:1d:ae:91:
e9:f5:29:47:79:d0:92:e2:61:ee:17:9d:8b:df:08:3e:80:5c:
2d:b0:62:9d:72:54:5c:c9:02:bb:ec:3b:89:91:74:24:2b:71:
68:ea:cc:58:69:49:e2:27:77:e4:58:36:95:c3:8b:02:62:2b:
ce:35:26:60
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaPTNtZLm/EC1f8U2waObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDg5ZmUxYzdlMjBhMGIwYzYzODQyYzQ1YzE2YzU3NjMx
Nzg1ZDMwHhcNMjUwMTAxMTk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM5MDkzMzQ5NmIxNzAyYTNkMjkwM2VkNWJlOTZhOWIyMGFjYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuORU+7JqS3p79iPjT8CusjAzNWR
WitDqV5G7tJxQSV1hCJrKwQdpA/px9asIkkXl/Ed5wB3sJquQo5NC+oD7z2DDyZx
DF8KXgrZAeDCMwa3jomUaAz/Pqfdlk2nhl3AqSs1lWyrdnNGDxUpd8m43Ybyy33w
I/4s8GGnUXonkvsSCvm1guMQE5JDikISmThiVjEgvNIXWaGwzr1wKZ/Fk+T82QyV
v+GEOLkWAdVsiKunahzOOM5PLvi4UvLNqY4XdvoBt+btPnglZr8Q9pFlyJTPXCkn
c/lwe4EMDOzFDIqa3/GyoWX6tl4b7F20Jhaq9Dg4isZ5+n9PVevNzpHNWQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBg5CTNJaxcCo9KQPtW+lqmyCsuVMB8GA1UdIwQY
MBaAFG5In+HH4goLDGOELEXBbFdjF4XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtpZjRjZmlDZ3NNWTRRc1JjRnNWMk1YaGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9mODQxOTgtMmJkYi00NDdkLTg3MjIt
ZDg4NjkzMTE0OTlhLzEvR0RrSk0wbHJGd0tqMHBBLTFiNldxYklLeTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9mODQxOTgtMmJkYi00NDdkLTg3MjItZDg4NjkzMTE0OTlh
LzEvYmtpZjRjZmlDZ3NNWTRRc1JjRnNWMk1YaGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwSvXAwQA
wb2TMA8EAgACMAkDBwAgAQZ8JegwDQYJKoZIhvcNAQELBQADggEBAGJ/DiUPHFvX
Ai2CXh715qShfcTxIbMok82f3sU+P66aG0c9jxt/6GkZZV1aD66PgobPcUmp1AA5
Sjv98fpApjVKPl6RO0cilvixijlrLsTututby4Q/2E2XdYNnGHDdX1PG+69ro9lg
FF16WxYcxyyTHFeRB55Gbai7cXoEeVrK9fPOZfibqUWeRhra5MHe8KqQl58JiPI+
PAlju6AWifVu2KBw2TGA5SNsy5ZlRfA9xQaeLEV2RpSS1F1chRL6Z5q2pB2uken1
KUd50JLiYe4XnYvfCD6AXC2wYp1yVFzJArvsO4mRdCQrcWjqzFhpSeInd+RYNpXD
iwJiK841JmA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:56:24 2025 by rpki-client