Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/gTSl0s8ecjgcIAeVeUFH15zCuTo.roa
File: gTSl0s8ecjgcIAeVeUFH15zCuTo.roa (raw, json)
Hash identifier: NI2Bkr1fj2ydaK7ynlfqI3wFAzEUjTgFHJwBlzpASFI=
Subject key identifier: 81:34:A5:D2:CF:1E:72:38:1C:20:07:95:79:41:47:D7:9C:C2:B9:3A
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0194228DCB0A737FE42E235FE3511C69A33E
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/gTSl0s8ecjgcIAeVeUFH15zCuTo.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208914
IP address blocks: 2a10:4741:32::/48 maxlen: 48
2a10:4741:33::/48 maxlen: 48
2a10:4741:34::/48 maxlen: 48
2a10:4741:35::/48 maxlen: 48
2a10:4741:36::/48 maxlen: 48
2a10:4741:37::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cb:0a:73:7f:e4:2e:23:5f:e3:51:1c:69:a3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8134a5d2cf1e72381c200795794147d79cc2b93a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:b3:ab:c9:8a:00:fa:1e:97:87:47:ba:94:
91:43:ea:ba:21:69:34:ee:b5:61:d0:e3:6a:9d:2e:
7a:9f:3a:d0:54:59:87:96:49:2c:6f:08:98:91:d4:
ca:6a:a9:2c:33:53:3f:67:ab:ed:9f:e1:ef:8d:14:
d6:09:97:a6:23:5a:6c:95:8a:f4:8a:9e:60:d8:61:
0d:53:5a:eb:15:f3:0f:de:b1:db:96:ce:18:c1:06:
c7:c0:a3:98:4b:75:63:7a:42:61:19:4a:b4:62:24:
90:ad:d3:c0:28:6b:56:09:30:16:14:5b:66:27:dd:
e9:8c:e5:72:82:a7:6e:d2:07:f1:eb:1f:67:e3:49:
05:dd:f6:49:2e:9e:55:2d:ab:c0:62:cc:43:04:68:
4f:f3:10:03:57:29:38:8e:c8:40:f5:25:b6:79:e2:
72:47:e7:ba:12:a2:d3:d8:2e:46:56:af:31:de:bf:
4d:05:64:6a:c3:64:3d:d3:55:15:d7:dd:54:3c:3e:
b8:ef:e9:49:81:a4:d1:74:22:ec:2c:39:2d:84:8e:
cb:7e:02:29:2c:b8:4e:4e:f5:27:25:f1:ea:82:3b:
47:7d:e8:92:69:57:af:18:06:4a:74:17:40:5a:f7:
3b:aa:3c:cb:21:4b:19:26:ed:e4:dd:9c:95:0d:de:
6a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:34:A5:D2:CF:1E:72:38:1C:20:07:95:79:41:47:D7:9C:C2:B9:3A
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/gTSl0s8ecjgcIAeVeUFH15zCuTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:32::-2a10:4741:37:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:22:20:f9:ba:f7:ef:62:67:7e:3e:95:ff:d7:42:0f:cd:fc:
87:9a:ab:d6:b9:00:64:1d:b6:c0:e8:91:c9:8b:46:83:ed:a3:
26:35:c1:ea:6e:2b:00:f7:36:76:23:60:8b:9e:72:b8:54:92:
08:d4:96:d1:6d:09:69:2e:5f:96:54:a6:40:6c:97:e6:ea:f1:
b1:72:00:1a:8b:ca:e1:57:37:50:79:9e:b7:db:05:7b:d6:e7:
30:28:34:46:49:04:36:ba:d4:84:c7:cc:01:e1:90:e1:77:6a:
f9:94:74:fa:c2:50:ff:f5:ee:60:db:96:e4:79:5e:17:3f:17:
b5:34:dd:10:e8:fc:34:e2:bb:8c:4d:97:14:a9:88:2a:4d:5d:
00:1f:e6:40:f6:a6:57:ea:57:ca:3f:ad:c1:bc:54:37:9c:5c:
d1:5e:a5:b0:e3:c8:b0:98:19:0f:68:12:c2:54:4b:aa:ee:f1:
52:26:fd:c9:33:ba:a7:e7:0d:9e:4e:0f:e0:03:0c:7b:15:03:
17:d5:86:e2:8e:02:17:1a:96:04:f7:62:21:26:b1:70:0a:a3:
a7:d0:f2:6d:25:bb:03:de:6f:8c:86:d8:d1:99:3e:64:00:22:
65:80:2c:ce:27:ee:f7:61:70:1c:89:a4:e7:54:eb:ab:67:8e:
b5:06:c8:ac
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQijcsKc3/kLiNf41EcaaM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM0YTVkMmNmMWU3MjM4MWMyMDA3OTU3OTQxNDdkNzljYzJiOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXezq8mKAPoel4dHupSRQ+q6IWk0
7rVh0ONqnS56nzrQVFmHlkksbwiYkdTKaqksM1M/Z6vtn+HvjRTWCZemI1pslYr0
ip5g2GENU1rrFfMP3rHbls4YwQbHwKOYS3VjekJhGUq0YiSQrdPAKGtWCTAWFFtm
J93pjOVygqdu0gfx6x9n40kF3fZJLp5VLavAYsxDBGhP8xADVyk4jshA9SW2eeJy
R+e6EqLT2C5GVq8x3r9NBWRqw2Q901UV191UPD647+lJgaTRdCLsLDkthI7LfgIp
LLhOTvUnJfHqgjtHfeiSaVevGAZKdBdAWvc7qjzLIUsZJu3k3ZyVDd5q1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIE0pdLPHnI4HCAHlXlBR9ecwrk6MB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvZ1RTbDBzOGVjamdjSUFlVmVVRkgxNXpDdVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqEEdB
ADIDBwMqEEdBADAwDQYJKoZIhvcNAQELBQADggEBAJ4iIPm69+9iZ34+lf/XQg/N
/Ieaq9a5AGQdtsDokcmLRoPtoyY1wepuKwD3NnYjYIuecrhUkgjUltFtCWkuX5ZU
pkBsl+bq8bFyABqLyuFXN1B5nrfbBXvW5zAoNEZJBDa61ITHzAHhkOF3avmUdPrC
UP/17mDbluR5Xhc/F7U03RDo/DTiu4xNlxSpiCpNXQAf5kD2plfqV8o/rcG8VDec
XNFepbDjyLCYGQ9oEsJUS6ru8VIm/ckzuqfnDZ5OD+ADDHsVAxfVhuKOAhcalgT3
YiEmsXAKo6fQ8m0luwPeb4yG2NGZPmQAImWALM4n7vdhcByJpOdU66tnjrUGyKw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:28:53 2025 by rpki-client