Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/aGSLmvFLVXoIvh13M3Bc3T8RXCM.roa
File: aGSLmvFLVXoIvh13M3Bc3T8RXCM.roa (raw, json)
Hash identifier: dS9surSZvcmxnONCf51E9KFCQeozx73p7BXszsFgnWA=
Subject key identifier: 68:64:8B:9A:F1:4B:55:7A:08:BE:1D:77:33:70:5C:DD:3F:11:5C:23
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 0194A2A4080D40139C8914967A5AA94E86F4
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/aGSLmvFLVXoIvh13M3Bc3T8RXCM.roa
Signing time: Sun 26 Jan 2025 12:44:06 +0000
ROA not before: Sun 26 Jan 2025 12:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212077
IP address blocks: 195.234.80.0/24 maxlen: 24
2a13:7b40:1::/48 maxlen: 48
2a13:7b40:11::/48 maxlen: 48
2a13:7b40:a1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a2:a4:08:0d:40:13:9c:89:14:96:7a:5a:a9:4e:86:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: Jan 26 12:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68648b9af14b557a08be1d7733705cdd3f115c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:cd:2c:fc:f7:e5:2e:fa:2b:bb:63:62:10:
c7:f5:cc:21:11:19:6c:fd:a3:cb:e5:27:ec:eb:4f:
2f:d4:43:75:19:bb:bf:7c:d3:ba:44:32:c0:98:d2:
80:08:13:b0:76:5b:53:01:6a:18:2d:cb:76:8e:d3:
05:5e:cd:65:3e:31:b1:37:0e:6c:33:21:01:55:8b:
b8:fc:69:d2:18:42:af:67:a2:93:bc:19:52:7a:94:
8e:0d:fd:ea:2f:47:46:51:c0:90:fd:31:04:e1:99:
23:46:34:9a:8e:36:a2:11:57:95:e5:f1:d3:b2:e8:
60:da:07:f2:8b:6c:e5:6d:ba:15:4a:46:56:84:b4:
14:14:10:29:38:2f:be:0d:e5:1f:d5:f8:16:3e:b0:
f5:89:1b:17:90:fd:05:47:49:d3:15:aa:f0:8d:0a:
39:46:ea:51:60:f5:3c:0e:11:6d:98:27:fa:22:d5:
c8:a3:c7:0e:66:92:8d:c2:1e:ce:df:c2:5d:79:f2:
95:2b:8e:72:78:e5:c1:00:b9:84:b5:ce:5d:6f:24:
a6:47:c7:f1:17:97:41:db:f4:0b:5d:da:a1:b2:e9:
c9:06:2f:ac:2a:c3:3f:8e:61:24:45:53:0c:7d:1b:
6c:4d:70:f7:6a:b8:2c:0e:8f:64:ac:28:8d:1f:2c:
07:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:64:8B:9A:F1:4B:55:7A:08:BE:1D:77:33:70:5C:DD:3F:11:5C:23
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/aGSLmvFLVXoIvh13M3Bc3T8RXCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.80.0/24
IPv6:
2a13:7b40:1::/48
2a13:7b40:11::/48
2a13:7b40:a1::/48
Signature Algorithm: sha256WithRSAEncryption
3f:eb:1d:12:b5:75:bd:04:14:d0:f1:98:15:9e:80:48:97:11:
19:95:9e:03:a6:0d:03:9a:47:6e:21:cd:d3:15:6a:f8:11:bb:
6a:21:4b:d7:c0:5b:35:e9:74:09:e3:54:56:af:5d:75:c9:65:
e1:ed:be:f7:b8:c9:69:aa:27:96:72:73:2a:86:67:6e:0d:0e:
93:04:da:26:a8:b5:03:5e:34:10:dc:27:60:35:47:5b:5d:c7:
e5:5d:df:64:e9:5d:41:af:9c:bf:cd:2b:a8:1b:6f:76:26:27:
f9:37:ae:5e:55:66:d1:84:2e:90:49:49:2e:99:74:24:a2:7b:
84:3b:52:1b:8b:4a:91:70:a3:4a:80:b0:67:2a:b1:6f:81:2b:
8d:f9:75:9e:71:b1:95:9e:aa:54:7d:c4:a3:e2:05:32:6b:d6:
a8:00:7c:8f:0b:84:4b:66:8c:ce:2f:a2:73:63:6e:4e:15:a3:
0c:15:e1:4e:93:6c:d2:6c:d9:72:31:0b:48:85:d2:78:aa:a3:
71:dd:94:c1:2f:4d:65:11:88:16:a5:9e:31:17:83:1f:d6:93:
35:bc:dd:68:77:e3:a5:19:a9:f3:31:0c:61:e8:85:d8:82:06:
72:72:33:2f:78:e9:e3:f5:64:fe:06:7b:bf:7a:5c:91:2e:0d:
f1:b4:12:36
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZSipAgNQBOciRSWelqpTob0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjUwMTI2MTI0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY0OGI5YWYxNGI1NTdhMDhiZTFkNzczMzcwNWNkZDNmMTE1YzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3/NLPz35S76K7tjYhDH9cwhERls
/aPL5Sfs608v1EN1Gbu/fNO6RDLAmNKACBOwdltTAWoYLct2jtMFXs1lPjGxNw5s
MyEBVYu4/GnSGEKvZ6KTvBlSepSODf3qL0dGUcCQ/TEE4ZkjRjSajjaiEVeV5fHT
suhg2gfyi2zlbboVSkZWhLQUFBApOC++DeUf1fgWPrD1iRsXkP0FR0nTFarwjQo5
RupRYPU8DhFtmCf6ItXIo8cOZpKNwh7O38JdefKVK45yeOXBALmEtc5dbySmR8fx
F5dB2/QLXdqhsunJBi+sKsM/jmEkRVMMfRtsTXD3argsDo9krCiNHywHyQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGhki5rxS1V6CL4ddzNwXN0/EVwjMB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvYUdTTG12RkxWWG9JdmgxM00zQmMzVDhSWENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAw+pQMCEE
AgACMBsDBwAqE3tAAAEDBwAqE3tAABEDBwAqE3tAAKEwDQYJKoZIhvcNAQELBQAD
ggEBAD/rHRK1db0EFNDxmBWegEiXERmVngOmDQOaR24hzdMVavgRu2ohS9fAWzXp
dAnjVFavXXXJZeHtvve4yWmqJ5ZycyqGZ24NDpME2iaotQNeNBDcJ2A1R1tdx+Vd
32TpXUGvnL/NK6gbb3YmJ/k3rl5VZtGELpBJSS6ZdCSie4Q7UhuLSpFwo0qAsGcq
sW+BK435dZ5xsZWeqlR9xKPiBTJr1qgAfI8LhEtmjM4vonNjbk4VowwV4U6TbNJs
2XIxC0iF0niqo3HdlMEvTWURiBalnjEXgx/WkzW83Wh346UZqfMxDGHohdiCBnJy
My946eP1ZP4Ge796XJEuDfG0EjY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:23:46 2025 by rpki-client