Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/G_k9NL-0qSjxQ-N8gyE0UgbOo9M.roa
File: G_k9NL-0qSjxQ-N8gyE0UgbOo9M.roa (raw, json)
Hash identifier: sfKsed8cbHTfZnhsfNvOSJ3wM7bTV9Orf16wnTecseo=
Subject key identifier: 1B:F9:3D:34:BF:B4:A9:28:F1:43:E3:7C:83:21:34:52:06:CE:A3:D3
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01942068254DCAD6B0C6A5ECF708591856A5
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/G_k9NL-0qSjxQ-N8gyE0UgbOo9M.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200711
IP address blocks: 185.50.88.0/22 maxlen: 22
2a01:a7e0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:25:4d:ca:d6:b0:c6:a5:ec:f7:08:59:18:56:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bf93d34bfb4a928f143e37c8321345206cea3d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:21:8c:cb:e0:8d:3d:1d:5f:13:25:fe:3f:
1e:2a:10:17:3c:98:30:c3:5c:22:15:10:9c:5d:ab:
bc:0c:7a:ec:92:d3:8f:cc:04:86:21:e2:55:50:21:
00:bd:11:cb:2a:1e:e1:f4:a3:b2:6c:73:14:53:a8:
14:5a:2b:d6:b8:6f:7c:f9:76:67:04:b8:a5:8e:d9:
6d:f2:25:74:d6:05:87:5d:62:84:66:51:be:b0:02:
43:59:a6:88:1c:fb:e6:38:f5:83:cb:6f:68:d8:37:
75:64:3c:21:5e:65:7d:f2:11:c7:a7:1d:59:96:b5:
03:3e:23:43:6c:c9:7c:22:58:08:21:8d:9e:55:ff:
fe:bf:25:42:d1:55:ec:48:3d:6f:70:f5:c2:ef:94:
aa:04:71:00:1f:6b:1d:d2:e3:ea:ea:10:47:fd:01:
5a:e9:1c:1e:b6:e9:9d:e4:d5:0c:0f:9d:45:ab:8a:
47:bb:68:90:17:f6:01:dc:b1:66:ac:ba:0f:6f:a4:
40:ef:94:6f:30:ec:f6:49:5c:7d:0b:34:73:e0:5a:
9a:61:44:dd:d4:d2:98:30:93:c2:46:2b:80:4f:f4:
ea:ae:05:83:54:47:70:a0:e7:d1:b3:d9:34:15:bd:
8e:0e:62:46:90:6b:fd:6a:03:d1:d8:30:49:fd:f3:
de:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F9:3D:34:BF:B4:A9:28:F1:43:E3:7C:83:21:34:52:06:CE:A3:D3
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/G_k9NL-0qSjxQ-N8gyE0UgbOo9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.88.0/22
IPv6:
2a01:a7e0::/36
Signature Algorithm: sha256WithRSAEncryption
35:b5:54:13:54:e4:51:cd:c2:e3:79:03:19:bd:2d:21:63:a4:
78:3b:2c:4d:db:f8:2e:03:50:e8:06:e0:09:ac:9e:07:38:b9:
f6:2f:13:bb:72:48:1b:ff:11:f8:09:53:11:af:34:39:ee:6c:
4e:36:f9:b8:c8:8b:be:c9:6f:3a:05:bd:76:d9:7e:b7:ba:a8:
95:03:e5:c9:0d:43:64:9c:fa:d8:ed:d6:f8:32:93:e7:4a:ab:
cb:c6:dc:72:c5:15:40:b0:a2:e0:84:4e:b1:7c:7e:b4:50:fb:
64:ce:79:c6:2a:a5:3a:bf:30:83:68:54:7d:a1:08:16:a7:c2:
25:09:68:1e:63:12:43:43:fd:fe:e2:c1:ef:a2:5d:a0:78:4b:
d7:a9:ff:e3:d4:c2:f7:97:e3:fa:55:4d:6f:83:14:ce:4e:e2:
1e:62:e2:0f:66:30:6c:e5:3b:3c:09:db:4b:ed:03:db:3e:c2:
84:86:07:37:e1:eb:52:f5:4b:df:43:53:1f:88:93:e6:b9:0d:
10:15:6f:26:fb:8f:06:39:59:17:a9:47:7c:d7:1a:ce:6e:1b:
fc:6f:96:01:24:7a:33:a7:d6:34:09:f9:8e:2a:b5:5d:99:66:
7b:75:1b:71:65:f8:d6:df:68:5f:3f:68:d9:ea:8f:19:f1:f7:
49:69:1b:0f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQgaCVNytawxqXs9whZGFalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY5M2QzNGJmYjRhOTI4ZjE0M2UzN2M4MzIxMzQ1MjA2Y2VhM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/UhjMvgjT0dXxMl/j8eKhAXPJgw
w1wiFRCcXau8DHrsktOPzASGIeJVUCEAvRHLKh7h9KOybHMUU6gUWivWuG98+XZn
BLiljtlt8iV01gWHXWKEZlG+sAJDWaaIHPvmOPWDy29o2Dd1ZDwhXmV98hHHpx1Z
lrUDPiNDbMl8IlgIIY2eVf/+vyVC0VXsSD1vcPXC75SqBHEAH2sd0uPq6hBH/QFa
6Rwetumd5NUMD51Fq4pHu2iQF/YB3LFmrLoPb6RA75RvMOz2SVx9CzRz4FqaYUTd
1NKYMJPCRiuAT/TqrgWDVEdwoOfRs9k0Fb2ODmJGkGv9agPR2DBJ/fPesQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBv5PTS/tKko8UPjfIMhNFIGzqPTMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvR19rOU5MLTBxU2p4US1OOGd5RTBVZ2JPbzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuTJYMA4E
AgACMAgDBgQqAafgADANBgkqhkiG9w0BAQsFAAOCAQEANbVUE1TkUc3C43kDGb0t
IWOkeDssTdv4LgNQ6AbgCayeBzi59i8Tu3JIG/8R+AlTEa80Oe5sTjb5uMiLvslv
OgW9dtl+t7qolQPlyQ1DZJz62O3W+DKT50qry8bccsUVQLCi4IROsXx+tFD7ZM55
xiqlOr8wg2hUfaEIFqfCJQloHmMSQ0P9/uLB76JdoHhL16n/49TC95fj+lVNb4MU
zk7iHmLiD2YwbOU7PAnbS+0D2z7ChIYHN+HrUvVL30NTH4iT5rkNEBVvJvuPBjlZ
F6lHfNcazm4b/G+WASR6M6fWNAn5jiq1XZlme3UbcWX41t9oXz9o2eqPGfH3SWkb
Dw==
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:55 2025 by rpki-client