Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/GZloKAlNjoz3XqCPEm1hG7NatS4.roa
File: GZloKAlNjoz3XqCPEm1hG7NatS4.roa (raw, json)
Hash identifier: 8eh4qVR8sPOLuprIgQpWCtpZheryazvSABEayh5f4b8=
Subject key identifier: 19:99:68:28:09:4D:8E:8C:F7:5E:A0:8F:12:6D:61:1B:B3:5A:B5:2E
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 019424448D30ABA18D8375AF27F6F3399170
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/GZloKAlNjoz3XqCPEm1hG7NatS4.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 145.219.8.0/24 maxlen: 24
145.219.9.0/24 maxlen: 24
145.219.10.0/24 maxlen: 24
145.219.11.0/24 maxlen: 24
145.219.12.0/24 maxlen: 24
145.219.13.0/24 maxlen: 24
145.219.14.0/24 maxlen: 24
145.219.15.0/24 maxlen: 24
145.219.16.0/24 maxlen: 24
145.219.17.0/24 maxlen: 24
2a04:b0c0::/45 maxlen: 45
2a04:b0c0:8::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8d:30:ab:a1:8d:83:75:af:27:f6:f3:39:91:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19996828094d8e8cf75ea08f126d611bb35ab52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:38:fa:db:49:77:b2:af:67:ff:e4:0c:b9:09:
a0:06:1c:47:f5:55:94:48:6b:6d:f3:4a:a5:26:57:
80:7b:24:e8:65:04:80:ca:af:2e:7d:cf:94:53:bf:
77:a5:e1:63:0d:c1:2d:fa:50:33:5b:e7:f5:42:6d:
de:10:94:eb:a0:36:67:23:3e:09:17:cd:d7:b7:a6:
9f:c0:8a:d1:aa:1b:96:3d:f2:6f:c9:6a:97:5f:bb:
e0:9e:e2:1a:a1:98:6f:47:d1:48:42:19:38:e3:9f:
26:da:3d:cd:a4:71:1a:a4:e3:88:3f:4f:51:6d:eb:
47:61:8a:61:66:3c:f5:44:11:cc:b2:72:72:37:f1:
38:d5:a1:09:ff:64:53:8c:92:2f:df:7a:f1:31:1b:
12:b4:12:64:53:c2:8b:87:73:81:3e:18:86:1f:7f:
fd:87:a8:90:e2:08:9a:0b:0e:df:7e:cd:14:5e:94:
60:83:11:0e:da:1c:f4:0b:59:3c:d3:1a:19:46:f2:
cf:d4:38:f3:68:8f:7a:3d:7e:e6:4d:ab:99:01:01:
85:fe:55:2a:50:10:ca:01:9e:b1:07:b2:c4:70:f7:
e0:02:0a:6c:39:79:68:47:f3:e8:3b:e8:cb:e8:fd:
22:4e:b6:fb:b2:b2:7d:82:4c:7e:63:ae:86:87:d3:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:99:68:28:09:4D:8E:8C:F7:5E:A0:8F:12:6D:61:1B:B3:5A:B5:2E
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/GZloKAlNjoz3XqCPEm1hG7NatS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.8.0-145.219.17.255
IPv6:
2a04:b0c0::/44
Signature Algorithm: sha256WithRSAEncryption
54:1c:cc:37:11:c3:90:79:a1:a8:9a:69:97:6e:0d:e0:cd:6b:
31:6b:84:cd:64:ab:0e:d4:d7:f7:f0:52:93:6d:2e:a7:44:29:
08:c0:00:b5:4f:b2:5d:f6:51:70:21:95:9a:76:fa:f9:0b:54:
47:22:c3:fe:2c:ee:cd:b9:29:f0:7d:39:61:f5:6e:e8:f5:b7:
2e:47:3d:8d:1e:28:78:ca:e6:16:b6:8f:70:00:bf:50:dd:04:
86:35:4e:e3:4a:12:c9:38:23:91:f2:85:42:5e:00:80:54:dd:
3a:1c:15:34:2d:bf:1b:7a:ac:3a:41:fd:3f:35:35:29:95:f2:
31:35:7b:1e:96:49:8b:97:0f:75:f1:53:fb:79:dd:12:27:82:
e2:ee:90:c1:c1:e3:7f:9e:51:d2:4e:e9:9c:8e:02:28:85:b3:
13:21:0c:f7:e0:b5:25:9b:36:dd:92:bb:70:ec:64:65:f4:de:
76:26:ea:de:b5:29:74:c1:76:3c:80:64:b8:ff:a4:1b:4a:b2:
c4:56:9a:4c:c7:13:47:ab:85:90:40:b5:20:ed:b3:84:11:fb:
03:bc:13:28:90:bd:33:6d:a3:25:4b:c8:0b:2f:cc:70:fe:96:
df:61:7c:66:dc:61:ec:1e:c5:16:b7:bc:9f:39:cd:4d:bf:0e:
a2:5f:51:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQkRI0wq6GNg3WvJ/bzOZFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk5NjgyODA5NGQ4ZThjZjc1ZWEwOGYxMjZkNjExYmIzNWFiNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Tj620l3sq9n/+QMuQmgBhxH9VWU
SGtt80qlJleAeyToZQSAyq8ufc+UU793peFjDcEt+lAzW+f1Qm3eEJTroDZnIz4J
F83Xt6afwIrRqhuWPfJvyWqXX7vgnuIaoZhvR9FIQhk4458m2j3NpHEapOOIP09R
betHYYphZjz1RBHMsnJyN/E41aEJ/2RTjJIv33rxMRsStBJkU8KLh3OBPhiGH3/9
h6iQ4giaCw7ffs0UXpRggxEO2hz0C1k80xoZRvLP1DjzaI96PX7mTauZAQGF/lUq
UBDKAZ6xB7LEcPfgAgpsOXloR/PoO+jL6P0iTrb7srJ9gkx+Y66Gh9PsJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmZaCgJTY6M916gjxJtYRuzWrUuMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvR1psb0tBbE5qb3ozWHFDUEVtMWhHN05hdFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAOR2wgD
BAGR2xAwDwQCAAIwCQMHBCoEsMAAADANBgkqhkiG9w0BAQsFAAOCAQEAVBzMNxHD
kHmhqJppl24N4M1rMWuEzWSrDtTX9/BSk20up0QpCMAAtU+yXfZRcCGVmnb6+QtU
RyLD/izuzbkp8H05YfVu6PW3Lkc9jR4oeMrmFraPcAC/UN0EhjVO40oSyTgjkfKF
Ql4AgFTdOhwVNC2/G3qsOkH9PzU1KZXyMTV7HpZJi5cPdfFT+3ndEieC4u6QwcHj
f55R0k7pnI4CKIWzEyEM9+C1JZs23ZK7cOxkZfTedibq3rUpdMF2PIBkuP+kG0qy
xFaaTMcTR6uFkEC1IO2zhBH7A7wTKJC9M22jJUvICy/McP6W32F8Ztxh7B7FFre8
nznNTb8Ool9Rfw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:34 2025 by rpki-client