Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/G5pTEUK3mSWPaol-JhqZmDFdXKE.roa
File: G5pTEUK3mSWPaol-JhqZmDFdXKE.roa (raw, json)
Hash identifier: a7gO50ZmyEH4YVpF99U8sG+ggdEjj1JWwWgIktNnEz8=
Subject key identifier: 1B:9A:53:11:42:B7:99:25:8F:6A:89:7E:26:1A:99:98:31:5D:5C:A1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CAAE1067F38B5E731FE187E7E8000
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/G5pTEUK3mSWPaol-JhqZmDFdXKE.roa
Signing time: Wed 01 Jan 2025 01:48:19 +0000
ROA not before: Wed 01 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47507
IP address blocks: 86.105.234.0/24 maxlen: 24
185.43.252.0/22 maxlen: 24
193.91.0.0/24 maxlen: 24
193.91.10.0/24 maxlen: 24
212.104.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:aa:e1:06:7f:38:b5:e7:31:fe:18:7e:7e:80:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b9a531142b799258f6a897e261a9998315d5ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:75:6e:3e:09:ee:72:78:23:e7:5d:de:73:
ad:09:31:60:b3:60:da:26:22:eb:9a:86:71:b9:55:
0d:5a:62:d9:72:ae:5a:2e:fb:1f:75:d5:7f:11:0f:
bd:a4:d6:96:66:ed:57:20:d8:a6:a6:08:2c:ab:cc:
ea:96:48:d0:28:b9:c7:77:f4:5a:cc:c4:93:3f:ae:
16:02:f6:c0:a4:11:80:78:69:ef:fd:b4:3d:9e:90:
8d:32:db:d6:74:92:5c:88:25:1f:1a:a6:38:79:1c:
bb:1a:d1:79:8d:ae:14:df:c2:e5:78:78:3b:52:9e:
df:eb:3f:19:86:df:1d:20:d4:27:f6:8f:0f:be:28:
d3:11:2a:cc:59:eb:81:f7:99:48:a8:1c:4f:d1:38:
9b:56:14:ba:e3:94:79:7b:39:f8:67:9c:01:44:9f:
8e:05:ca:78:21:08:d0:06:da:53:a6:50:0c:c7:45:
8d:cc:40:c2:1f:7d:02:b0:6c:34:b5:d2:f3:b8:78:
2c:6b:40:84:b1:87:50:ea:12:f5:fd:85:f7:b6:ae:
a9:c5:6c:f7:93:bb:7a:30:a2:ab:b7:27:08:2a:14:
e1:1e:54:68:8e:9f:14:c0:c7:b7:1b:12:44:2b:6a:
c6:56:6e:d4:f2:ec:54:49:07:1b:1c:47:87:4a:d5:
f9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9A:53:11:42:B7:99:25:8F:6A:89:7E:26:1A:99:98:31:5D:5C:A1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/G5pTEUK3mSWPaol-JhqZmDFdXKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.234.0/24
185.43.252.0/22
193.91.0.0/24
193.91.10.0/24
212.104.160.0/19
Signature Algorithm: sha256WithRSAEncryption
35:12:d0:92:9f:66:f2:a7:be:e0:41:24:50:20:ea:f7:09:40:
38:c6:44:25:13:6f:87:df:52:c5:31:27:18:23:0f:51:d3:0c:
bb:4c:86:c8:32:e6:fe:88:e6:c2:36:8a:78:76:83:37:2c:3a:
23:c8:6e:8b:d8:5f:52:50:e4:5b:a0:9d:a1:6f:1b:9c:73:d0:
96:f4:06:6e:dc:72:d5:6a:96:92:b8:8f:e2:bc:0c:00:86:bc:
48:08:a7:89:f7:6d:bb:1c:f5:ed:74:a8:d8:de:b4:a9:c0:9a:
4f:90:b3:ed:77:03:aa:18:bc:92:5f:46:da:74:3a:fc:c4:67:
8d:37:2c:70:ce:6a:c2:29:84:e9:09:d7:63:1c:2f:08:f9:52:
9e:39:cb:ca:23:3b:d3:b3:d0:eb:a6:e2:6e:cc:44:fc:76:4c:
b6:24:b8:11:20:c3:3f:5e:cd:7f:a1:d0:7b:e6:cc:9b:80:80:
61:59:d3:c2:f8:9a:32:eb:c6:25:cf:ea:f1:e4:66:dc:cb:88:
67:f2:5a:18:27:cd:ea:04:e1:67:f4:5a:87:3b:6e:90:f4:26:
b5:0c:a9:e7:5f:b6:a9:9e:88:98:13:e3:08:98:b5:34:eb:0d:
31:c4:ab:8d:26:0e:ef:4b:5c:67:4d:e6:64:22:ca:75:de:9c:
52:d3:22:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjKrhBn84tecx/hh+foAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjlhNTMxMTQyYjc5OTI1OGY2YTg5N2UyNjFhOTk5ODMxNWQ1Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1F1bj4J7nJ4I+dd3nOtCTFgs2Da
JiLrmoZxuVUNWmLZcq5aLvsfddV/EQ+9pNaWZu1XINimpggsq8zqlkjQKLnHd/Ra
zMSTP64WAvbApBGAeGnv/bQ9npCNMtvWdJJciCUfGqY4eRy7GtF5ja4U38LleHg7
Up7f6z8Zht8dINQn9o8PvijTESrMWeuB95lIqBxP0TibVhS645R5ezn4Z5wBRJ+O
Bcp4IQjQBtpTplAMx0WNzEDCH30CsGw0tdLzuHgsa0CEsYdQ6hL1/YX3tq6pxWz3
k7t6MKKrtycIKhThHlRojp8UwMe3GxJEK2rGVm7U8uxUSQcbHEeHStX5pQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBuaUxFCt5klj2qJfiYamZgxXVyhMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvRzVwVEVVSzNtU1dQYW9sLUpocVptREZkWEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmnqAwQC
uSv8AwQAwVsAAwQAwVsKAwQF1GigMA0GCSqGSIb3DQEBCwUAA4IBAQA1EtCSn2by
p77gQSRQIOr3CUA4xkQlE2+H31LFMScYIw9R0wy7TIbIMub+iObCNop4doM3LDoj
yG6L2F9SUORboJ2hbxucc9CW9AZu3HLVapaSuI/ivAwAhrxICKeJ9227HPXtdKjY
3rSpwJpPkLPtdwOqGLySX0badDr8xGeNNyxwzmrCKYTpCddjHC8I+VKeOcvKIzvT
s9DrpuJuzET8dky2JLgRIMM/Xs1/odB75sybgIBhWdPC+Joy68Ylz+rx5Gbcy4hn
8loYJ83qBOFn9FqHO26Q9Ca1DKnnX7apnoiYE+MImLU06w0xxKuNJg7vS1xnTeZk
Isp13pxS0yJ9
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:57 2025 by rpki-client