Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/gm0FjeCIRrnMhU3d57SvCilXQ6Y.roa
File: gm0FjeCIRrnMhU3d57SvCilXQ6Y.roa (raw, json)
Hash identifier: uUS5qc0jED6lwxU3POQRNrHoJ8s1cSrD4ysUmIZNtjw=
Subject key identifier: 82:6D:05:8D:E0:88:46:B9:CC:85:4D:DD:E7:B4:AF:0A:29:57:43:A6
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 01942067F4DBB0F74E599CDE4F3CA93A046D
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/gm0FjeCIRrnMhU3d57SvCilXQ6Y.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48707
IP address blocks: 91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.238.137.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
2a0c:b40::/32 maxlen: 48
2a0c:b41::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f4:db:b0:f7:4e:59:9c:de:4f:3c:a9:3a:04:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=826d058de08846b9cc854ddde7b4af0a295743a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c6:6f:57:57:0f:09:ae:ee:6e:c9:66:90:33:
54:05:5b:cc:c6:99:21:13:75:97:9a:fa:19:70:3d:
06:b7:a7:a5:31:31:80:d8:e9:1c:be:2b:62:e9:79:
6d:23:54:36:24:6d:e7:38:04:c1:e9:8c:1d:ea:29:
48:42:09:ef:3d:e3:f9:7d:c2:f5:9b:8c:f8:73:7d:
48:69:35:2e:00:31:67:d3:4c:15:c7:34:a0:0e:41:
28:24:62:57:8d:63:6c:73:c5:03:35:58:e2:07:65:
50:fb:5f:c6:26:36:d9:a3:12:f7:f6:05:4f:9c:71:
5d:f3:25:8e:80:0f:f2:d0:2d:c0:bb:49:a2:92:7f:
9b:91:5f:ee:13:fc:97:e4:82:8c:35:1b:f2:82:1a:
7d:0c:55:d7:4a:75:79:6d:9c:e5:5c:dc:8f:23:35:
1d:34:d9:24:d6:4b:66:8d:5a:d1:b0:bf:05:06:11:
b4:fb:d9:4b:1e:7d:7f:82:21:57:89:d2:7d:e6:18:
28:f6:a1:aa:85:da:ef:ea:8d:de:f3:c9:ee:fa:9a:
54:42:90:5c:84:37:ac:00:13:d5:93:d4:a6:1e:a2:
44:96:4d:65:8f:98:97:d8:b5:5b:46:bf:28:cb:7d:
4a:c0:a2:e1:87:24:e0:93:8d:7f:3c:8b:df:ac:bf:
c5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6D:05:8D:E0:88:46:B9:CC:85:4D:DD:E7:B4:AF:0A:29:57:43:A6
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/gm0FjeCIRrnMhU3d57SvCilXQ6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.238.137.0/24
185.253.212.0/22
195.2.208.0/23
IPv6:
2a0c:b40::/31
Signature Algorithm: sha256WithRSAEncryption
88:ab:0e:43:0f:c9:ca:31:c9:0e:7c:ab:7c:df:d0:f7:73:cf:
ae:ac:2f:a8:a3:78:6c:7e:fb:51:66:df:cb:64:66:8c:88:59:
19:76:28:db:ac:d8:2c:51:7a:34:f7:9c:71:8c:00:0b:c1:48:
d0:7a:80:f5:58:c7:8d:c9:af:cc:9e:64:ab:a9:b3:87:d5:34:
df:4a:c8:b7:9e:ca:02:68:dd:07:96:73:d8:e0:0e:e2:6d:8c:
54:a5:4d:35:22:cd:2e:62:0e:cc:d2:d9:04:84:17:d6:30:89:
8c:c5:f1:6d:37:6b:87:ec:d9:01:04:2a:84:46:4f:e3:6b:a3:
44:65:9a:9d:80:ae:91:e0:50:63:81:a1:49:1a:de:c0:12:ed:
06:1a:28:0a:9a:2f:c3:89:6d:29:51:89:30:ae:07:89:9d:4f:
61:85:18:1a:2d:64:d2:a5:12:37:be:53:8d:27:62:ba:10:f7:
58:44:13:57:f5:c8:b1:93:28:00:3c:62:de:35:2f:a4:fc:b6:
c8:7d:e9:55:38:c9:b4:99:0e:17:c1:c4:2c:8b:0d:df:7d:fd:
a2:f1:0a:64:e2:54:3a:34:b0:a8:fd:0e:74:04:78:42:55:2e:
5f:0a:d2:dc:b1:9d:3f:92:78:70:4a:bf:d5:97:20:83:be:6a:
8a:6a:1f:32
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQgZ/TbsPdOWZzeTzypOgRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjZkMDU4ZGUwODg0NmI5Y2M4NTRkZGRlN2I0YWYwYTI5NTc0M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cZvV1cPCa7ubslmkDNUBVvMxpkh
E3WXmvoZcD0Gt6elMTGA2Okcviti6XltI1Q2JG3nOATB6Ywd6ilIQgnvPeP5fcL1
m4z4c31IaTUuADFn00wVxzSgDkEoJGJXjWNsc8UDNVjiB2VQ+1/GJjbZoxL39gVP
nHFd8yWOgA/y0C3Au0mikn+bkV/uE/yX5IKMNRvyghp9DFXXSnV5bZzlXNyPIzUd
NNkk1ktmjVrRsL8FBhG0+9lLHn1/giFXidJ95hgo9qGqhdrv6o3e88nu+ppUQpBc
hDesABPVk9SmHqJElk1lj5iX2LVbRr8oy31KwKLhhyTgk41/PIvfrL/F4wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIJtBY3giEa5zIVN3ee0rwopV0OmMB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvZ20wRmplQ0lScm5NaFUzZDU3U3ZDaWxYUTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBANb5sgD
BAFb5swDBAK57RwDBAC57okDBAK5/dQDBAHDAtAwDQQCAAIwBwMFASoMC0AwDQYJ
KoZIhvcNAQELBQADggEBAIirDkMPycoxyQ58q3zf0Pdzz66sL6ijeGx++1Fm38tk
ZoyIWRl2KNus2CxRejT3nHGMAAvBSNB6gPVYx43Jr8yeZKups4fVNN9KyLeeygJo
3QeWc9jgDuJtjFSlTTUizS5iDszS2QSEF9YwiYzF8W03a4fs2QEEKoRGT+Nro0Rl
mp2ArpHgUGOBoUka3sAS7QYaKAqaL8OJbSlRiTCuB4mdT2GFGBotZNKlEje+U40n
YroQ91hEE1f1yLGTKAA8Yt41L6T8tsh96VU4ybSZDhfBxCyLDd99/aLxCmTiVDo0
sKj9DnQEeEJVLl8K0tyxnT+SeHBKv9WXIIO+aopqHzI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:22 2025 by rpki-client