Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/GjUJtXzmRKM2Vtkil_fh95z7NdM.roa
File: GjUJtXzmRKM2Vtkil_fh95z7NdM.roa (raw, json)
Hash identifier: NJXWhpjg7woXcdhVu/ucxszei5ss2Dto0kjEgZT65S0=
Subject key identifier: 1A:35:09:B5:7C:E6:44:A3:36:56:D9:22:97:F7:E1:F7:9C:FB:35:D3
Certificate issuer: /CN=9532b4f2b47bbe1934a224081cc37f170d7248d2
Certificate serial: 019420682406C82AA82746DAC459666AA445
Authority key identifier: 95:32:B4:F2:B4:7B:BE:19:34:A2:24:08:1C:C3:7F:17:0D:72:48:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTK08rR7vhk0oiQIHMN_Fw1ySNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/GjUJtXzmRKM2Vtkil_fh95z7NdM.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12355
IP address blocks: 83.216.224.0/19 maxlen: 32
88.208.128.0/18 maxlen: 32
185.166.176.0/22 maxlen: 32
188.136.0.0/17 maxlen: 32
212.37.32.0/19 maxlen: 32
2001:14f0::/29 maxlen: 128
2001:14f0::/32 maxlen: 128
2001:14f1::/32 maxlen: 128
2001:14f2::/32 maxlen: 128
2001:14f3::/32 maxlen: 128
2001:14f4::/32 maxlen: 128
2001:14f5::/32 maxlen: 128
2001:14f6::/32 maxlen: 128
2001:14f7::/32 maxlen: 128
2001:14f7::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/lTK08rR7vhk0oiQIHMN_Fw1ySNI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/lTK08rR7vhk0oiQIHMN_Fw1ySNI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lTK08rR7vhk0oiQIHMN_Fw1ySNI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:24:06:c8:2a:a8:27:46:da:c4:59:66:6a:a4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9532b4f2b47bbe1934a224081cc37f170d7248d2
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a3509b57ce644a33656d92297f7e1f79cfb35d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b4:16:37:ed:3b:ac:70:a4:b3:f9:b6:f6:a6:
2a:63:26:95:fe:5e:1f:c8:28:a4:73:0f:25:a4:67:
86:7e:d3:f9:b2:49:76:1a:05:a9:2f:6e:54:dd:19:
96:5c:37:45:d6:8a:b2:ad:51:53:cd:53:5a:cf:f0:
e5:ed:92:a7:84:6b:bc:58:87:79:bf:16:c3:bd:d4:
cc:95:58:49:ed:6f:37:71:bb:25:c3:96:48:9d:2d:
f4:42:e0:dd:5a:03:99:bc:a1:96:f5:d5:1d:44:71:
9d:4f:06:9f:72:fc:04:dc:26:f4:e0:94:4e:88:bb:
6e:d5:69:23:56:52:b0:d1:b7:34:2a:5a:b4:0b:29:
1e:94:fb:32:32:82:16:0a:27:d9:2d:69:a7:2e:2d:
c0:cb:c5:7b:5a:28:8b:76:41:6b:83:4b:93:d4:30:
6f:ce:9c:5d:46:75:c4:d5:68:45:f6:7d:51:2e:f0:
44:78:45:e0:97:a8:94:71:7a:89:28:e4:f7:e5:fd:
33:77:94:fb:4f:4c:4e:04:58:3b:d3:6d:91:63:e3:
47:32:8b:47:be:33:96:90:6d:93:07:37:ac:c9:a2:
d8:13:72:31:3f:8d:be:d1:17:68:75:ae:bd:6b:0e:
9f:bc:a9:19:68:3a:bc:5c:52:1f:dc:c9:0b:4b:5c:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:35:09:B5:7C:E6:44:A3:36:56:D9:22:97:F7:E1:F7:9C:FB:35:D3
X509v3 Authority Key Identifier:
keyid:95:32:B4:F2:B4:7B:BE:19:34:A2:24:08:1C:C3:7F:17:0D:72:48:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTK08rR7vhk0oiQIHMN_Fw1ySNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/GjUJtXzmRKM2Vtkil_fh95z7NdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/124dd5-cab0-46ec-be67-42040df3b6af/1/lTK08rR7vhk0oiQIHMN_Fw1ySNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.216.224.0/19
88.208.128.0/18
185.166.176.0/22
188.136.0.0/17
212.37.32.0/19
IPv6:
2001:14f0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:e1:80:f0:fe:94:29:60:c2:0d:a7:c3:17:ad:72:f4:95:19:
e3:db:06:f9:b7:65:cb:58:58:9a:be:65:58:7f:cd:96:64:56:
a9:9b:3b:d5:53:48:18:6d:1b:1b:2c:c9:17:0a:a5:5e:b9:e7:
95:22:d4:b8:ab:46:87:0d:af:d5:ce:9c:89:4f:06:91:5c:91:
5f:bf:0f:b5:11:33:d0:db:08:d7:64:1a:78:78:4d:80:bd:80:
c2:a7:2c:9b:db:8a:d9:45:97:1e:df:81:5b:84:4b:c9:18:39:
22:e9:91:e3:0d:b7:21:d9:23:67:1c:7c:5c:ad:61:bb:9b:6b:
66:38:d5:e3:49:a6:69:37:a6:58:f9:7d:fa:a2:40:fc:96:9f:
83:38:5d:7c:ff:56:11:97:0d:a3:2d:fd:4a:4c:7f:2d:3f:f1:
fd:63:48:4c:0c:2b:be:0d:02:01:f2:23:31:3f:8f:47:e1:55:
5e:db:ac:1a:84:7d:55:5d:00:ed:0f:f8:7c:49:77:26:1f:fd:
65:bf:1f:9c:58:0a:d7:ef:d8:98:76:1a:ee:66:f7:80:b9:25:
24:f3:96:56:31:df:cd:0a:4d:33:1e:ac:cb:25:3a:b7:d3:b9:
86:33:19:da:f8:87:f8:99:50:9e:3e:7d:87:43:31:9b:5d:81:
45:b0:42:e7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQgaCQGyCqoJ0baxFlmaqRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MzJiNGYyYjQ3YmJlMTkzNGEyMjQwODFjYzM3ZjE3MGQ3
MjQ4ZDIwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM1MDliNTdjZTY0NGEzMzY1NmQ5MjI5N2Y3ZTFmNzljZmIzNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLQWN+07rHCks/m29qYqYyaV/l4f
yCikcw8lpGeGftP5skl2GgWpL25U3RmWXDdF1oqyrVFTzVNaz/Dl7ZKnhGu8WId5
vxbDvdTMlVhJ7W83cbslw5ZInS30QuDdWgOZvKGW9dUdRHGdTwafcvwE3Cb04JRO
iLtu1WkjVlKw0bc0Klq0CykelPsyMoIWCifZLWmnLi3Ay8V7WiiLdkFrg0uT1DBv
zpxdRnXE1WhF9n1RLvBEeEXgl6iUcXqJKOT35f0zd5T7T0xOBFg7022RY+NHMotH
vjOWkG2TBzesyaLYE3IxP42+0Rdoda69aw6fvKkZaDq8XFIf3MkLS1xbsQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBo1CbV85kSjNlbZIpf34fec+zXTMB8GA1UdIwQY
MBaAFJUytPK0e74ZNKIkCBzDfxcNckjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRLMDhyUjd2aGswb2lRSUhNTl9GdzF5U05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xMjRkZDUtY2FiMC00NmVjLWJlNjct
NDIwNDBkZjNiNmFmLzEvR2pVSnRYem1SS00yVnRraWxfZmg5NXo3TmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xMjRkZDUtY2FiMC00NmVjLWJlNjctNDIwNDBkZjNiNmFm
LzEvbFRLMDhyUjd2aGswb2lRSUhNTl9GdzF5U05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFU9jgAwQG
WNCAAwQCuaawAwQHvIgAAwQF1CUgMA0EAgACMAcDBQMgARTwMA0GCSqGSIb3DQEB
CwUAA4IBAQBt4YDw/pQpYMINp8MXrXL0lRnj2wb5t2XLWFiavmVYf82WZFapmzvV
U0gYbRsbLMkXCqVeueeVItS4q0aHDa/VzpyJTwaRXJFfvw+1ETPQ2wjXZBp4eE2A
vYDCpyyb24rZRZce34FbhEvJGDki6ZHjDbch2SNnHHxcrWG7m2tmONXjSaZpN6ZY
+X36okD8lp+DOF18/1YRlw2jLf1KTH8tP/H9Y0hMDCu+DQIB8iMxP49H4VVe26wa
hH1VXQDtD/h8SXcmH/1lvx+cWArX79iYdhruZveAuSUk85ZWMd/NCk0zHqzLJTq3
07mGMxna+If4mVCePn2HQzGbXYFFsELn
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:34 2025 by rpki-client