Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/gke9BdDbXXpTpUVbz61tFK8Ltm8.roa
File: gke9BdDbXXpTpUVbz61tFK8Ltm8.roa (raw, json)
Hash identifier: Y8sMPcYCJQoktPdu1Oun8egw9U/WNPwFUrra8uvbkc0=
Subject key identifier: 82:47:BD:05:D0:DB:5D:7A:53:A5:45:5B:CF:AD:6D:14:AF:0B:B6:6F
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 0196FCD22EE2467D63993A783DBCDFAA11EF
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/gke9BdDbXXpTpUVbz61tFK8Ltm8.roa
Signing time: Fri 23 May 2025 11:05:55 +0000
ROA not before: Fri 23 May 2025 11:05:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 195.254.165.0/24 maxlen: 24
2a05:9080::/48 maxlen: 48
2a05:9080:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:d2:2e:e2:46:7d:63:99:3a:78:3d:bc:df:aa:11:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 23 11:05:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8247bd05d0db5d7a53a5455bcfad6d14af0bb66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e5:99:73:37:cb:6e:64:c4:20:c9:12:17:da:
1c:ed:bf:0b:08:bb:5f:7c:69:d7:57:c7:47:8a:a3:
67:93:47:c8:df:12:a0:40:41:62:61:c5:09:43:92:
d7:54:de:2e:3c:da:24:99:7e:54:77:d9:45:4c:46:
d2:06:2a:b4:86:70:0d:01:4b:7d:1c:a7:d2:18:7d:
90:9b:46:47:28:c6:60:73:02:47:77:89:61:70:4f:
03:ee:4a:e2:ce:74:98:84:1b:c5:b8:03:b9:4d:d5:
a1:c5:96:31:c4:d0:21:2e:79:cb:47:9b:e7:c1:12:
cb:e7:bb:e9:bd:76:69:09:e0:f5:9f:b2:73:d8:33:
e7:6a:2e:6a:fd:d7:ef:a5:c9:47:7e:4e:90:cb:f9:
d7:f4:d2:83:79:2f:73:17:08:6d:96:ca:23:93:60:
9f:9d:6b:9b:08:02:a8:0f:51:a9:f3:8d:93:8a:27:
89:66:ad:67:31:1f:47:a9:09:1c:e8:47:3f:05:b8:
f4:c0:29:cd:cc:24:e5:ef:cb:e4:b7:6f:59:84:93:
fd:05:12:f4:8c:a2:05:bd:3c:81:88:51:a7:73:f4:
26:92:e9:c0:30:16:5b:34:fd:96:e3:0d:db:96:57:
73:a6:93:62:d5:65:e9:80:f0:c6:bc:40:cc:91:07:
77:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:47:BD:05:D0:DB:5D:7A:53:A5:45:5B:CF:AD:6D:14:AF:0B:B6:6F
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/gke9BdDbXXpTpUVbz61tFK8Ltm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.165.0/24
IPv6:
2a05:9080::/48
2a05:9080:4::/48
Signature Algorithm: sha256WithRSAEncryption
48:8f:10:f2:ca:7b:48:fb:43:30:c3:78:3c:03:8f:80:7f:82:
cf:b1:6f:33:ff:82:32:5c:e1:a9:7d:94:e7:13:ed:47:21:18:
3c:ce:62:07:a8:13:0a:29:2b:9d:55:d2:75:57:f9:6f:94:b4:
a2:f0:fb:6f:96:d4:df:a0:4a:eb:6c:1b:34:f1:01:0c:a2:fa:
0d:6e:52:0c:70:19:de:cb:27:32:06:81:26:75:d6:ca:3b:88:
13:4e:44:92:89:cd:9e:0f:ce:51:f3:77:06:cd:a4:ae:d7:d9:
ce:fd:80:3a:2f:80:c6:66:d5:a9:67:db:7d:63:64:c4:50:26:
e9:5a:4d:8c:38:2e:a0:ec:2e:ec:fe:0e:6c:b0:5e:02:68:fd:
80:03:78:8c:2b:5a:f5:15:25:58:36:4a:23:36:9f:bd:f2:35:
6e:48:62:e5:cb:bc:cd:69:57:03:ce:ff:b4:16:50:69:28:e3:
ac:6b:cc:9b:a2:b1:7f:4a:b1:5e:74:35:f5:65:b4:39:70:4e:
38:a9:46:7b:fd:fe:f6:eb:17:f9:8c:27:c4:8a:89:7c:6e:07:
5c:34:27:21:63:14:7c:9e:6d:e9:73:da:8b:59:4c:2f:0b:cd:
20:53:67:75:a7:40:c5:df:a6:0c:f9:3f:be:c3:d4:0a:a9:fb:
6e:0c:07:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZb80i7iRn1jmTp4PbzfqhHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwNTIzMTEwNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ3YmQwNWQwZGI1ZDdhNTNhNTQ1NWJjZmFkNmQxNGFmMGJiNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeWZczfLbmTEIMkSF9oc7b8LCLtf
fGnXV8dHiqNnk0fI3xKgQEFiYcUJQ5LXVN4uPNokmX5Ud9lFTEbSBiq0hnANAUt9
HKfSGH2Qm0ZHKMZgcwJHd4lhcE8D7kriznSYhBvFuAO5TdWhxZYxxNAhLnnLR5vn
wRLL57vpvXZpCeD1n7Jz2DPnai5q/dfvpclHfk6Qy/nX9NKDeS9zFwhtlsojk2Cf
nWubCAKoD1Gp842TiieJZq1nMR9HqQkc6Ec/Bbj0wCnNzCTl78vkt29ZhJP9BRL0
jKIFvTyBiFGnc/QmkunAMBZbNP2W4w3blldzppNi1WXpgPDGvEDMkQd3nwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIJHvQXQ2116U6VFW8+tbRSvC7ZvMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvZ2tlOUJkRGJYWHBUcFVWYno2MXRGSzhMdG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAw/6lMBgE
AgACMBIDBwAqBZCAAAADBwAqBZCAAAQwDQYJKoZIhvcNAQELBQADggEBAEiPEPLK
e0j7QzDDeDwDj4B/gs+xbzP/gjJc4al9lOcT7UchGDzOYgeoEwopK51V0nVX+W+U
tKLw+2+W1N+gSutsGzTxAQyi+g1uUgxwGd7LJzIGgSZ11so7iBNORJKJzZ4PzlHz
dwbNpK7X2c79gDovgMZm1aln231jZMRQJulaTYw4LqDsLuz+DmywXgJo/YADeIwr
WvUVJVg2SiM2n73yNW5IYuXLvM1pVwPO/7QWUGko46xrzJuisX9KsV50NfVltDlw
TjipRnv9/vbrF/mMJ8SKiXxuB1w0JyFjFHyebelz2otZTC8LzSBTZ3WnQMXfpgz5
P77D1Aqp+24MB9A=
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:25:47 2025 by rpki-client