Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1GKSBXVaZ0ag5v475kUXdEkbQhQ.roa
File: 1GKSBXVaZ0ag5v475kUXdEkbQhQ.roa (raw, json)
Hash identifier: X9uuaeQ/DFn7eKiljliRJ9ZtnztLoEh6oYyh/D1LlZE=
Subject key identifier: D4:62:92:05:75:5A:67:46:A0:E6:FE:3B:E6:45:17:74:49:1B:42:14
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D76C667C2CDB899DF8CD3865523B3B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1GKSBXVaZ0ag5v475kUXdEkbQhQ.roa
Signing time: Wed 01 Jan 2025 21:48:28 +0000
ROA not before: Wed 01 Jan 2025 21:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203189
IP address blocks: 2a01:367:babe::/48 maxlen: 48
2a01:367:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6c:66:7c:2c:db:89:9d:f8:cd:38:65:52:3b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4629205755a6746a0e6fe3be6451774491b4214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2b:81:97:33:5d:64:81:ae:69:dc:93:eb:67:
92:d7:75:91:d9:19:3e:20:26:40:7d:ca:bf:6c:c2:
0d:ac:d6:b6:7e:78:9a:49:3a:e6:46:60:ea:97:9a:
21:a4:19:f6:bf:d9:7e:82:b7:f8:d9:e2:ad:8d:b6:
4a:2e:70:de:be:0a:f6:6f:4f:22:32:dc:d4:93:9d:
da:15:67:c4:8e:bb:76:dc:d5:2a:06:2b:19:29:7b:
4d:27:53:8e:1c:c3:78:fa:01:9c:cd:40:89:ba:bc:
78:4c:eb:30:0d:7d:e1:7f:12:04:b4:eb:1c:f0:3b:
cc:73:3c:89:07:6e:7e:4a:43:cd:44:89:6f:78:de:
7c:34:c4:5a:1d:8c:8f:3b:23:90:bc:58:99:f8:70:
bb:21:8c:0d:ad:18:ee:c2:41:d9:a9:d0:2f:c7:ba:
a2:f1:8b:dd:88:4c:9f:ca:08:c6:66:9a:bc:91:2c:
a1:4b:10:14:35:ed:1c:ee:fe:b3:4c:14:8e:3b:a2:
8d:c8:59:88:57:f4:1b:a6:fa:63:57:e4:fd:2d:2f:
26:11:f4:d9:e8:ad:07:cf:3b:46:11:2f:ee:de:79:
d2:89:4a:d5:dd:ce:10:7a:90:6d:e8:28:73:ec:a2:
dd:8a:b9:2e:83:4a:12:b0:5e:b9:0b:83:c5:5c:f7:
ee:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:62:92:05:75:5A:67:46:A0:E6:FE:3B:E6:45:17:74:49:1B:42:14
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1GKSBXVaZ0ag5v475kUXdEkbQhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:367:babe::/48
2a01:367:dead::/48
Signature Algorithm: sha256WithRSAEncryption
60:a4:3f:ea:d8:d8:ad:36:8b:84:e2:ec:12:a3:25:28:09:70:
50:1c:d2:05:cc:b5:26:42:f8:04:a6:16:33:49:a0:d5:5d:5a:
c2:c0:38:a0:1d:15:94:8b:ba:6b:b9:fe:4f:d6:ae:ad:f7:d7:
04:e4:36:46:4d:cc:39:aa:f4:94:d3:89:40:a7:a1:72:16:e9:
0c:9d:71:80:d3:92:cd:99:03:c3:5d:0f:ce:84:ef:34:c5:e5:
3c:aa:67:d9:23:44:ec:03:22:d2:28:31:f8:13:9f:e9:4a:5d:
5b:33:a2:11:60:eb:19:36:4d:8a:15:18:9b:3b:c7:39:68:68:
d4:9c:03:4c:63:28:83:a6:ce:2f:66:9f:1a:5e:14:38:d7:a0:
6c:85:c7:f0:71:9b:9d:63:8c:1e:f5:88:e8:9f:9a:32:02:5c:
99:96:52:db:f0:b9:35:b0:b2:f6:44:9d:17:db:16:b3:c0:f5:
da:30:54:a9:4f:b2:50:3d:65:20:41:b5:e3:d8:61:9b:07:2f:
96:b5:17:cc:a5:0d:76:ee:39:cf:1d:d7:0b:66:2d:28:c8:1a:
a2:61:47:18:61:9f:6e:df:bd:24:37:ea:34:1f:b9:3e:c5:dc:
f4:9c:ab:46:93:d5:6f:fd:fe:e4:92:c5:f6:f4:98:20:99:ea:
48:bb:a8:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj12xmfCzbiZ34zThlUjs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDYyOTIwNTc1NWE2NzQ2YTBlNmZlM2JlNjQ1MTc3NDQ5MWI0MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CuBlzNdZIGuadyT62eS13WR2Rk+
ICZAfcq/bMINrNa2fniaSTrmRmDql5ohpBn2v9l+grf42eKtjbZKLnDevgr2b08i
MtzUk53aFWfEjrt23NUqBisZKXtNJ1OOHMN4+gGczUCJurx4TOswDX3hfxIEtOsc
8DvMczyJB25+SkPNRIlveN58NMRaHYyPOyOQvFiZ+HC7IYwNrRjuwkHZqdAvx7qi
8YvdiEyfygjGZpq8kSyhSxAUNe0c7v6zTBSOO6KNyFmIV/QbpvpjV+T9LS8mEfTZ
6K0HzztGES/u3nnSiUrV3c4QepBt6Chz7KLdirkug0oSsF65C4PFXPfuyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRikgV1WmdGoOb+O+ZFF3RJG0IUMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMUdLU0JYVmFaMGFnNXY0NzVrVVhkRWtiUWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgEDZ7q+
AwcAKgEDZ96tMA0GCSqGSIb3DQEBCwUAA4IBAQBgpD/q2NitNouE4uwSoyUoCXBQ
HNIFzLUmQvgEphYzSaDVXVrCwDigHRWUi7pruf5P1q6t99cE5DZGTcw5qvSU04lA
p6FyFukMnXGA05LNmQPDXQ/OhO80xeU8qmfZI0TsAyLSKDH4E5/pSl1bM6IRYOsZ
Nk2KFRibO8c5aGjUnANMYyiDps4vZp8aXhQ416BshcfwcZudY4we9Yjon5oyAlyZ
llLb8Lk1sLL2RJ0X2xazwPXaMFSpT7JQPWUgQbXj2GGbBy+WtRfMpQ127jnPHdcL
Zi0oyBqiYUcYYZ9u370kN+o0H7k+xdz0nKtGk9Vv/f7kksX29JggmepIu6gr
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:32 2025 by rpki-client