Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/G0GwBydSPn5Ldv-qzNm6sqeVlvQ.roa
File: G0GwBydSPn5Ldv-qzNm6sqeVlvQ.roa (raw, json)
Hash identifier: BCs7qy8dtO+z18P6D+fvtIpIut2Pr3IxWHgPCivVd8U=
Subject key identifier: 1B:41:B0:07:27:52:3E:7E:4B:76:FF:AA:CC:D9:BA:B2:A7:95:96:F4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222036518AF11E2C786F504EDAA810BF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/G0GwBydSPn5Ldv-qzNm6sqeVlvQ.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200017
IP address blocks: 176.125.249.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:36:51:8a:f1:1e:2c:78:6f:50:4e:da:a8:10:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b41b00727523e7e4b76ffaaccd9bab2a79596f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f4:69:65:90:0e:b2:d9:35:55:81:13:cc:25:
56:a2:69:09:ec:97:13:98:64:38:49:c3:a4:82:7b:
10:41:c0:1f:ce:48:d7:15:30:4d:a9:a7:95:f8:0e:
fb:1b:19:49:80:34:17:b3:da:ba:1a:c4:39:64:85:
29:bd:75:79:ff:23:f8:29:8d:1f:b4:bf:77:c6:3b:
03:fd:a0:44:89:e1:c1:ca:2d:aa:21:a9:fb:5b:a3:
11:07:a1:ae:26:84:a5:c3:ea:b9:93:3a:5f:bf:a9:
9d:58:d5:08:8e:09:5d:83:b6:2b:64:e8:9c:ed:11:
0e:0f:97:58:8b:09:28:98:98:e6:cd:10:a5:85:53:
3e:d6:e3:89:10:e2:cd:05:f9:b7:71:2f:82:89:10:
ae:4e:da:bd:e2:af:ca:ca:83:07:0f:06:53:f2:9c:
25:6a:49:1a:4f:2a:63:0f:70:cc:13:13:b6:ee:e7:
3d:63:af:82:cc:97:5a:b3:2d:21:2b:31:76:40:65:
9f:02:a2:2d:d3:d4:5e:f3:03:f3:1d:fd:e2:f6:8d:
cb:f5:88:50:fc:5b:8e:eb:f6:a0:54:54:3b:df:84:
9a:be:b6:40:81:04:11:a8:c5:7d:f8:82:72:7f:3e:
8b:bf:1a:68:df:15:e9:67:de:4d:7f:90:c9:f4:ca:
72:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:41:B0:07:27:52:3E:7E:4B:76:FF:AA:CC:D9:BA:B2:A7:95:96:F4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/G0GwBydSPn5Ldv-qzNm6sqeVlvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.249.0/24
185.126.83.0/24
185.214.100.0/24
185.228.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:20:2b:9e:88:17:cd:c1:e9:48:48:ba:11:66:09:e6:10:fa:
f4:48:e4:58:d3:75:03:de:bb:8b:47:99:4c:de:75:1a:09:e7:
85:08:21:c0:33:f3:6a:ba:79:ff:b4:80:f8:a5:8a:ed:a1:da:
b1:eb:9f:32:88:0d:66:12:5c:5c:c7:1e:6e:35:ee:77:46:51:
96:94:6b:c8:87:2d:0b:8f:1b:6a:ba:f7:a7:55:7a:f2:18:fb:
34:90:8d:97:f4:3a:19:5d:c1:9e:58:2e:d3:e7:9d:b8:e6:bc:
7c:c0:d9:71:47:00:7c:59:25:ff:e7:e0:9a:07:9e:b6:78:ae:
fd:19:81:2d:6a:57:7c:69:cf:5d:0c:bd:05:19:93:59:19:00:
d0:0d:86:fa:7d:d7:9a:af:8e:55:18:9f:39:81:71:3a:b8:35:
14:96:4f:fd:ff:f7:c3:d6:08:2e:94:62:6c:31:7a:41:ba:34:
e5:4b:f2:b1:cb:6d:46:08:48:e3:c1:4a:91:aa:ab:ff:06:3d:
32:83:65:c0:2f:07:76:ab:f4:a0:75:db:72:8a:8d:7e:0c:e8:
bf:d8:5d:84:80:92:93:ea:d4:51:7c:06:ad:c4:d5:e6:39:a5:
da:39:78:b7:d0:c6:91:9a:4a:ee:1c:77:19:15:6b:eb:7b:85:
0d:36:f0:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIDZRivEeLHhvUE7aqBC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQxYjAwNzI3NTIzZTdlNGI3NmZmYWFjY2Q5YmFiMmE3OTU5NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfRpZZAOstk1VYETzCVWomkJ7JcT
mGQ4ScOkgnsQQcAfzkjXFTBNqaeV+A77GxlJgDQXs9q6GsQ5ZIUpvXV5/yP4KY0f
tL93xjsD/aBEieHByi2qIan7W6MRB6GuJoSlw+q5kzpfv6mdWNUIjgldg7YrZOic
7REOD5dYiwkomJjmzRClhVM+1uOJEOLNBfm3cS+CiRCuTtq94q/KyoMHDwZT8pwl
akkaTypjD3DMExO27uc9Y6+CzJdasy0hKzF2QGWfAqIt09Re8wPzHf3i9o3L9YhQ
/FuO6/agVFQ734SavrZAgQQRqMV9+IJyfz6Lvxpo3xXpZ95Nf5DJ9MpyowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBtBsAcnUj5+S3b/qszZurKnlZb0MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRzBHd0J5ZFNQbjVMZHYtcXpObTZzcWVWbHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsH35AwQA
uX5TAwQAudZkAwQAueRJMA0GCSqGSIb3DQEBCwUAA4IBAQC0ICueiBfNwelISLoR
ZgnmEPr0SORY03UD3ruLR5lM3nUaCeeFCCHAM/Nqunn/tID4pYrtodqx658yiA1m
Elxcxx5uNe53RlGWlGvIhy0LjxtquvenVXryGPs0kI2X9DoZXcGeWC7T55245rx8
wNlxRwB8WSX/5+CaB562eK79GYEtald8ac9dDL0FGZNZGQDQDYb6fdear45VGJ85
gXE6uDUUlk/9//fD1ggulGJsMXpBujTlS/Kxy21GCEjjwUqRqqv/Bj0yg2XALwd2
q/Sgddtyio1+DOi/2F2EgJKT6tRRfAatxNXmOaXaOXi30MaRmkruHHcZFWvre4UN
NvAp
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:33:15 2025 by rpki-client