Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/gvJBtDmrBY4y1m9tVe-S6ndjy20.roa
File: gvJBtDmrBY4y1m9tVe-S6ndjy20.roa (raw, json)
Hash identifier: e9qz/rQIxQf43DTjLpdblCilaun5V9rCKHAnrG6oKJA=
Subject key identifier: 82:F2:41:B4:39:AB:05:8E:32:D6:6F:6D:55:EF:92:EA:77:63:CB:6D
Certificate issuer: /CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Certificate serial: 019421B1A4422CFC355020C55027E5D42490
Authority key identifier: 69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/gvJBtDmrBY4y1m9tVe-S6ndjy20.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 193.134.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 20:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a4:42:2c:fc:35:50:20:c5:50:27:e5:d4:24:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82f241b439ab058e32d66f6d55ef92ea7763cb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:6f:41:62:89:fd:23:b0:8e:f4:de:20:66:
9b:b1:11:0d:74:7e:4a:a7:54:eb:6f:63:d4:09:e5:
ac:2e:ac:72:0f:cd:ee:22:50:92:02:5f:ed:9d:40:
c8:40:3b:33:66:12:7c:ac:aa:10:3c:9f:77:74:65:
2f:88:a4:f0:43:24:dd:26:40:fe:d7:06:41:77:68:
23:5a:0b:42:8f:14:ba:06:c5:e0:f4:21:47:f4:ba:
c0:bd:b2:16:c1:54:33:2a:3c:a2:1e:17:3a:b9:31:
55:3c:d2:02:0e:30:cc:19:5b:7d:b9:d7:ba:d7:4c:
71:3e:0f:40:6b:45:c7:d0:34:9b:a4:7e:05:de:03:
37:29:8c:2d:81:f8:4e:3e:c1:2c:ef:4d:65:60:32:
04:6d:a8:5d:05:aa:04:29:76:25:4c:b5:3d:93:df:
4b:b1:4a:31:b3:ca:e9:5a:1a:c3:a2:70:cf:73:da:
2d:a5:71:e5:ad:81:77:82:da:6f:c5:58:77:e3:20:
a2:42:74:69:ad:2d:c1:9c:b5:20:78:9b:31:b3:ba:
e5:38:45:1c:bb:bb:8f:62:49:d0:23:e4:00:c5:e8:
bc:83:89:d2:57:80:0f:ea:27:14:b7:69:e3:77:25:
7e:e6:e2:4c:4a:71:bf:e7:14:29:61:8d:fc:28:b4:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F2:41:B4:39:AB:05:8E:32:D6:6F:6D:55:EF:92:EA:77:63:CB:6D
X509v3 Authority Key Identifier:
keyid:69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/gvJBtDmrBY4y1m9tVe-S6ndjy20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.200.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:1b:77:3e:f4:15:70:15:07:00:59:78:da:32:2a:af:f8:2e:
46:14:6c:1f:c1:5a:19:e9:dd:a5:74:18:ad:aa:c1:6e:21:7d:
17:f7:45:ce:73:b3:7e:5e:a0:4d:2d:ad:fa:c7:97:98:6b:97:
54:bc:35:76:93:87:03:ea:02:ef:49:94:2d:79:7f:01:dc:3c:
b6:1a:55:f5:19:3c:69:97:d7:27:f2:93:14:ca:d7:69:a3:f7:
f0:bc:f5:b0:16:0f:3f:9d:2d:08:22:44:1b:cf:4e:6c:e8:0b:
f4:47:3a:2c:5f:4e:ff:82:6e:92:e9:7e:8a:48:39:0f:bb:f6:
bf:44:e9:32:02:c5:82:b4:bf:3e:a4:66:9d:fd:9b:4e:c9:eb:
fb:56:37:84:e0:08:4c:e6:f6:64:09:7d:21:c5:0c:f9:c4:5d:
f1:da:a6:de:9a:6d:64:34:79:ac:57:49:23:87:66:01:25:c8:
c8:b6:73:78:d5:7a:c3:ee:25:12:ed:24:cb:e2:a8:6f:78:8d:
a8:e2:23:84:39:23:a9:db:5a:10:1f:16:a6:8c:81:c9:e2:eb:
d0:dc:b6:df:ff:94:7f:34:7f:ff:81:1f:50:d8:b2:08:0f:39:
2b:a2:53:34:64:fe:01:28:d7:2a:5a:1a:e2:15:8f:2b:5c:8d:
3e:71:fc:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaRCLPw1UCDFUCfl1CSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTUxZDQ0NWI3NjdhYjliNjYyNzcwMmU0YTJiMzkwNGQy
MDNmNzcwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYyNDFiNDM5YWIwNThlMzJkNjZmNmQ1NWVmOTJlYTc3NjNjYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovVvQWKJ/SOwjvTeIGabsRENdH5K
p1Trb2PUCeWsLqxyD83uIlCSAl/tnUDIQDszZhJ8rKoQPJ93dGUviKTwQyTdJkD+
1wZBd2gjWgtCjxS6BsXg9CFH9LrAvbIWwVQzKjyiHhc6uTFVPNICDjDMGVt9ude6
10xxPg9Aa0XH0DSbpH4F3gM3KYwtgfhOPsEs701lYDIEbahdBaoEKXYlTLU9k99L
sUoxs8rpWhrDonDPc9otpXHlrYF3gtpvxVh34yCiQnRprS3BnLUgeJsxs7rlOEUc
u7uPYknQI+QAxei8g4nSV4AP6icUt2njdyV+5uJMSnG/5xQpYY38KLQX2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILyQbQ5qwWOMtZvbVXvkup3Y8ttMB8GA1UdIwQY
MBaAFGmlHURbdnq5tmJ3AuSis5BNID93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDkt
NzA1MjBlYTc2MzY5LzEvZ3ZKQnREbXJCWTR5MW05dFZlLVM2bmRqeTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDktNzA1MjBlYTc2MzY5
LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYbIMA0G
CSqGSIb3DQEBCwUAA4IBAQDAG3c+9BVwFQcAWXjaMiqv+C5GFGwfwVoZ6d2ldBit
qsFuIX0X90XOc7N+XqBNLa36x5eYa5dUvDV2k4cD6gLvSZQteX8B3Dy2GlX1GTxp
l9cn8pMUytdpo/fwvPWwFg8/nS0IIkQbz05s6Av0RzosX07/gm6S6X6KSDkPu/a/
ROkyAsWCtL8+pGad/ZtOyev7VjeE4AhM5vZkCX0hxQz5xF3x2qbemm1kNHmsV0kj
h2YBJcjItnN41XrD7iUS7STL4qhveI2o4iOEOSOp21oQHxamjIHJ4uvQ3Lbf/5R/
NH//gR9Q2LIIDzkrolM0ZP4BKNcqWhriFY8rXI0+cfzv
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:24:17 2025 by rpki-client