Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1gcm-AS2ChldFAR0NZaRHlV7J5s.roa
File: 1gcm-AS2ChldFAR0NZaRHlV7J5s.roa (raw, json)
Hash identifier: bBloVWekEoXBn7yAs6ZzPRlJADZAfRQs93BXj3tddBg=
Subject key identifier: D6:07:26:F8:04:B6:0A:19:5D:14:04:74:35:96:91:1E:55:7B:27:9B
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0197C7B2068F390EEEAB1D1DBD5FD0A29D7D
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1gcm-AS2ChldFAR0NZaRHlV7J5s.roa
Signing time: Tue 01 Jul 2025 20:33:42 +0000
ROA not before: Tue 01 Jul 2025 20:33:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55201
IP address blocks: 84.247.59.0/24 maxlen: 24
86.104.8.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
192.200.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:b2:06:8f:39:0e:ee:ab:1d:1d:bd:5f:d0:a2:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 1 20:33:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d60726f804b60a195d1404743596911e557b279b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8f:0b:89:80:a2:10:a3:45:2d:88:d8:e2:31:
4f:28:f3:29:2b:35:2c:9a:0c:db:fb:f3:0a:34:c0:
92:54:5d:57:49:d1:af:be:b7:e4:16:48:d2:2a:7d:
aa:2c:fb:0b:37:d6:55:75:29:88:35:b0:fa:0e:eb:
81:3f:35:76:d4:a1:f5:db:2b:f4:68:b4:47:15:43:
5f:70:44:aa:83:78:db:6d:51:a6:8e:fa:3b:bc:7f:
1e:e2:e4:35:95:4f:cd:fd:9a:0b:3d:67:6c:a1:64:
25:1f:a4:d4:ab:37:a2:f6:e7:18:51:db:bb:d1:b8:
de:ef:20:8e:cd:e5:7d:b1:5d:57:23:dd:b8:df:bf:
63:1c:8f:ee:34:7a:11:5c:ad:8a:74:40:f6:6c:b2:
4d:7b:47:90:16:65:61:69:ef:76:f2:30:32:df:a9:
67:63:68:63:4c:b3:a6:87:e9:a0:75:66:fe:27:69:
69:09:21:3d:9a:1a:2a:54:69:5d:85:48:c9:79:e0:
94:8c:73:5f:14:16:ac:00:4e:d0:24:b6:1d:47:62:
22:91:ad:be:d2:13:c0:84:c9:7b:91:b7:d5:c2:9b:
c7:6e:eb:82:99:bf:ef:58:2b:d3:38:41:35:97:cc:
8e:f4:46:42:3c:39:3f:3b:bb:8b:ab:80:27:99:5b:
a8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:07:26:F8:04:B6:0A:19:5D:14:04:74:35:96:91:1E:55:7B:27:9B
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1gcm-AS2ChldFAR0NZaRHlV7J5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.8.0/24
89.42.40.0/24
192.200.192.0/19
Signature Algorithm: sha256WithRSAEncryption
72:a8:bb:c1:42:47:c4:f3:ce:93:f7:6a:76:f9:9e:b3:ac:35:
34:40:68:28:76:73:28:cd:cd:5c:75:df:a1:00:c9:ea:da:b4:
9c:03:a3:61:bb:0d:f1:fe:2f:c2:90:f0:a2:c6:eb:06:a9:02:
a8:3e:c4:8e:d2:bc:09:b8:58:50:c0:3e:32:1b:16:53:ee:73:
d8:d6:e0:34:5e:0d:0c:8a:af:49:7e:b4:59:39:d2:d0:76:e9:
f6:ba:ff:7b:bc:44:ea:e7:24:30:01:5b:07:65:24:df:5e:93:
71:82:aa:d5:e9:e9:56:95:33:5c:a2:de:a7:f4:9b:2a:85:5f:
ae:d7:7f:c4:e4:48:7f:36:f1:d9:a1:e0:a4:e3:68:46:37:a3:
27:f7:77:60:f5:a7:ab:c4:be:a1:bc:e6:bc:dd:3e:54:b7:38:
66:31:08:97:aa:4e:f3:54:d1:c4:d4:49:cd:98:09:47:96:7f:
e8:12:e1:a0:0c:ab:b6:52:6b:24:7c:e0:84:83:e1:df:8a:bf:
1d:be:2a:44:04:ba:b7:aa:1f:b8:01:2a:14:91:48:27:71:7b:
72:e2:d1:58:ca:7b:96:ed:ac:08:74:93:77:3a:f7:98:90:1c:
e7:0e:ba:5e:c0:5d:27:f2:0b:86:bf:9e:cd:fe:49:f1:3c:22:
97:7d:1d:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfHsgaPOQ7uqx0dvV/Qop19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNzAxMjAzMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA3MjZmODA0YjYwYTE5NWQxNDA0NzQzNTk2OTExZTU1N2IyNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY8LiYCiEKNFLYjY4jFPKPMpKzUs
mgzb+/MKNMCSVF1XSdGvvrfkFkjSKn2qLPsLN9ZVdSmINbD6DuuBPzV21KH12yv0
aLRHFUNfcESqg3jbbVGmjvo7vH8e4uQ1lU/N/ZoLPWdsoWQlH6TUqzei9ucYUdu7
0bje7yCOzeV9sV1XI924379jHI/uNHoRXK2KdED2bLJNe0eQFmVhae928jAy36ln
Y2hjTLOmh+mgdWb+J2lpCSE9mhoqVGldhUjJeeCUjHNfFBasAE7QJLYdR2Iika2+
0hPAhMl7kbfVwpvHbuuCmb/vWCvTOEE1l8yO9EZCPDk/O7uLq4AnmVuoSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNYHJvgEtgoZXRQEdDWWkR5VeyebMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMWdjbS1BUzJDaGxkRkFSME5aYVJIbFY3SjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVPc7AwQA
VmgIAwQAWSooAwQFwMjAMA0GCSqGSIb3DQEBCwUAA4IBAQByqLvBQkfE886T92p2
+Z6zrDU0QGgodnMozc1cdd+hAMnq2rScA6Nhuw3x/i/CkPCixusGqQKoPsSO0rwJ
uFhQwD4yGxZT7nPY1uA0Xg0Miq9JfrRZOdLQdun2uv97vETq5yQwAVsHZSTfXpNx
gqrV6elWlTNcot6n9JsqhV+u13/E5Eh/NvHZoeCk42hGN6Mn93dg9aerxL6hvOa8
3T5UtzhmMQiXqk7zVNHE1EnNmAlHln/oEuGgDKu2UmskfOCEg+Hfir8dvipEBLq3
qh+4ASoUkUgncXty4tFYynuW7awIdJN3OveYkBznDrpewF0n8guGv57N/knxPCKX
fR31
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:08:58 2025 by rpki-client