Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GlBIvLE2Z8tiyL49GTsQK7lduKE.roa
File: GlBIvLE2Z8tiyL49GTsQK7lduKE.roa (raw, json)
Hash identifier: vAajlG2r6hQ+KZ7fHzwW8mJ2HOGbuxr/gE8Vd94rXfU=
Subject key identifier: 1A:50:48:BC:B1:36:67:CB:62:C8:BE:3D:19:3B:10:2B:B9:5D:B8:A1
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019527520AE6860A7B639A1728BE32F34E03
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GlBIvLE2Z8tiyL49GTsQK7lduKE.roa
Signing time: Fri 21 Feb 2025 07:04:02 +0000
ROA not before: Fri 21 Feb 2025 07:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 2.56.136.0/24 maxlen: 24
194.32.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:0a:e6:86:0a:7b:63:9a:17:28:be:32:f3:4e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Feb 21 07:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a5048bcb13667cb62c8be3d193b102bb95db8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c0:d6:43:ed:dd:b8:5c:14:a5:30:f3:a2:ad:
22:11:15:f4:c5:d1:9c:a7:04:49:14:46:3e:8e:5c:
fc:9e:14:7d:c3:5f:ce:16:c5:8b:e3:35:11:4d:52:
68:4d:b6:c8:39:db:de:9d:b7:a4:2e:20:5e:70:46:
48:a5:53:67:c2:5d:60:3a:00:2b:ab:26:77:da:b0:
65:92:aa:36:bc:6d:3b:b4:35:64:48:b4:43:ee:18:
9f:66:a5:2b:e8:35:76:d1:0b:b9:f9:5f:18:1b:b3:
4b:63:8b:1b:52:11:10:20:bc:ea:a4:7f:2b:6a:92:
bf:71:a0:58:5f:17:95:78:f2:8a:87:63:c5:1d:93:
d8:ff:04:e2:f9:50:09:d6:1c:1a:3d:d7:3a:de:d5:
41:55:a6:fa:79:71:7d:be:a9:34:36:bd:da:af:4b:
96:51:cf:4d:d1:c9:05:43:48:5e:32:57:57:7f:1b:
bb:de:d1:e4:11:3b:82:e8:37:83:d5:ba:40:ef:31:
31:53:2f:32:d7:c3:c1:47:7c:f8:dc:bd:4f:dc:a4:
09:5d:9e:98:40:67:56:68:cb:89:02:3b:8d:f9:61:
d0:21:29:fa:ef:9e:06:82:45:52:50:c1:73:c2:0e:
b5:6b:a5:9d:ca:c1:67:58:78:f6:79:fa:a7:eb:28:
f8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:50:48:BC:B1:36:67:CB:62:C8:BE:3D:19:3B:10:2B:B9:5D:B8:A1
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GlBIvLE2Z8tiyL49GTsQK7lduKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.136.0/24
194.32.228.0/24
Signature Algorithm: sha256WithRSAEncryption
65:0c:1b:9a:5d:75:93:a9:6a:d7:b8:e0:ff:bf:65:78:50:34:
07:87:75:4c:ca:fc:15:98:a1:71:80:38:f2:1e:3c:90:62:47:
7e:f6:b5:4e:1f:ec:72:45:4d:cb:03:0d:e1:46:da:d4:e3:b2:
c7:a1:8a:7b:75:45:9a:1a:9c:48:ba:f9:43:af:bb:26:18:1a:
06:f6:e6:7a:5b:f3:ad:6a:f5:06:35:b6:88:66:d1:99:f0:72:
61:f3:7c:64:72:75:29:c8:ab:40:45:90:90:b0:a1:b5:16:c4:
cc:da:db:6d:43:9d:95:b2:0c:01:16:03:b5:e8:d9:33:64:06:
c2:89:a0:94:c5:bb:c1:63:58:77:c0:e5:c5:97:80:a2:98:cd:
a0:41:68:b0:30:05:11:b8:13:2b:59:5a:c9:9e:c8:fb:08:34:
98:34:34:76:8d:cb:56:53:4a:1d:34:e6:7c:a4:13:ca:bb:44:
d7:12:1b:2c:df:6b:e7:5e:66:d1:ae:f3:3f:90:9c:fc:2c:54:
18:d3:c4:30:8b:30:96:19:7f:c3:3f:c5:f4:df:bf:a4:9e:00:
b1:f7:5b:6a:51:c8:d2:93:1f:76:be:ec:0d:12:90:75:14:2f:
19:da:bd:3f:67:21:b9:08:90:05:70:85:c4:2b:ae:5f:bb:1a:
e8:57:78:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUnUgrmhgp7Y5oXKL4y804DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMjIxMDcwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUwNDhiY2IxMzY2N2NiNjJjOGJlM2QxOTNiMTAyYmI5NWRiOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsDWQ+3duFwUpTDzoq0iERX0xdGc
pwRJFEY+jlz8nhR9w1/OFsWL4zURTVJoTbbIOdvenbekLiBecEZIpVNnwl1gOgAr
qyZ32rBlkqo2vG07tDVkSLRD7hifZqUr6DV20Qu5+V8YG7NLY4sbUhEQILzqpH8r
apK/caBYXxeVePKKh2PFHZPY/wTi+VAJ1hwaPdc63tVBVab6eXF9vqk0Nr3ar0uW
Uc9N0ckFQ0heMldXfxu73tHkETuC6DeD1bpA7zExUy8y18PBR3z43L1P3KQJXZ6Y
QGdWaMuJAjuN+WHQISn6754GgkVSUMFzwg61a6WdysFnWHj2efqn6yj4TwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpQSLyxNmfLYsi+PRk7ECu5XbihMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvR2xCSXZMRTJaOHRpeUw0OUdUc1FLN2xkdUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjiIAwQA
wiDkMA0GCSqGSIb3DQEBCwUAA4IBAQBlDBuaXXWTqWrXuOD/v2V4UDQHh3VMyvwV
mKFxgDjyHjyQYkd+9rVOH+xyRU3LAw3hRtrU47LHoYp7dUWaGpxIuvlDr7smGBoG
9uZ6W/OtavUGNbaIZtGZ8HJh83xkcnUpyKtARZCQsKG1FsTM2tttQ52VsgwBFgO1
6NkzZAbCiaCUxbvBY1h3wOXFl4CimM2gQWiwMAURuBMrWVrJnsj7CDSYNDR2jctW
U0odNOZ8pBPKu0TXEhss32vnXmbRrvM/kJz8LFQY08QwizCWGX/DP8X037+kngCx
91tqUcjSkx92vuwNEpB1FC8Z2r0/ZyG5CJAFcIXEK65fuxroV3i0
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:32:34 2025 by rpki-client