Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gICrNhXc_bftgrVW7cnsPDqRllw.roa
File: gICrNhXc_bftgrVW7cnsPDqRllw.roa (raw, json)
Hash identifier: eBybvDN3QxWfLd72ZvAqMA/aF9LTCEYDGwFCAMPhmiY=
Subject key identifier: 80:80:AB:36:15:DC:FD:B7:ED:82:B5:56:ED:C9:EC:3C:3A:91:96:5C
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64B1571B72199979E5BFAF8ED554EC
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gICrNhXc_bftgrVW7cnsPDqRllw.roa
Signing time: Thu 09 Jan 2025 09:28:20 +0000
ROA not before: Thu 09 Jan 2025 09:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48917
IP address blocks: 78.128.5.0/24 maxlen: 24
78.128.66.0/24 maxlen: 24
79.124.32.0/21 maxlen: 24
91.148.142.0/23 maxlen: 24
130.185.192.0/20 maxlen: 24
130.185.208.0/20 maxlen: 24
130.185.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:b1:57:1b:72:19:99:79:e5:bf:af:8e:d5:54:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8080ab3615dcfdb7ed82b556edc9ec3c3a91965c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:fb:d1:aa:c3:84:6b:e4:51:b2:f2:96:52:
db:86:c8:04:39:6c:02:de:b4:37:f3:93:c4:81:d5:
a4:67:5e:61:13:79:a3:73:70:f4:03:1a:23:7f:f8:
9c:5c:48:55:b7:62:da:74:4e:c1:f0:8a:a7:96:f4:
24:33:e9:b9:4f:0e:1f:97:6b:63:c7:bc:17:25:6a:
29:9f:a8:c4:74:bd:85:a9:27:a5:a5:5c:ac:84:e1:
bf:22:d6:42:e8:a7:98:63:a4:d9:44:22:8a:76:4b:
83:54:fb:5d:74:2b:7d:34:79:5b:c0:87:71:c4:eb:
8d:44:70:48:1a:ba:b0:97:b4:18:98:ad:48:3e:e5:
57:15:a3:e7:e2:8d:c9:73:e6:9b:28:6d:e0:de:ed:
92:08:39:69:8d:24:c9:5a:ca:df:2a:1b:89:b7:8d:
30:d9:cb:1c:61:cc:e9:8a:0c:eb:bb:f8:f3:02:02:
87:08:07:6c:06:20:ec:65:e4:61:5e:2c:2d:45:3f:
34:3f:7f:9f:0d:f3:e6:2a:d6:b3:35:a1:e8:9e:97:
eb:67:65:a7:a2:3b:29:29:4b:93:6c:04:80:20:56:
a3:99:f2:ec:37:5f:6d:45:d1:28:02:71:49:3c:86:
de:91:bb:7a:f6:fc:af:3c:e3:51:1c:17:96:af:7c:
38:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:80:AB:36:15:DC:FD:B7:ED:82:B5:56:ED:C9:EC:3C:3A:91:96:5C
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gICrNhXc_bftgrVW7cnsPDqRllw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.5.0/24
78.128.66.0/24
79.124.32.0/21
91.148.142.0/23
130.185.192.0/19
130.185.240.0/21
Signature Algorithm: sha256WithRSAEncryption
75:00:28:65:76:fd:96:a0:ed:85:15:0d:ce:c0:ad:0b:51:79:
34:50:7a:20:ee:46:ec:c0:87:5b:25:9a:52:d2:a2:df:26:9e:
1e:00:5d:9d:fc:d0:c5:48:85:11:f7:38:65:4b:db:80:ff:a6:
2c:87:39:ef:94:86:06:87:9e:f9:59:5b:a5:0d:ba:e4:44:6f:
6c:cf:53:b7:3a:f3:6f:1b:59:d5:c0:a8:7a:3e:28:51:2c:11:
ad:b2:6b:0a:3b:2c:88:2e:21:0c:d3:3d:18:32:2c:87:c0:8e:
18:a0:da:43:35:7f:4d:fc:7a:cf:f1:9d:c3:f8:db:33:03:6d:
50:e4:d3:6f:69:a3:76:78:37:79:4c:ef:7a:da:b3:2d:7d:84:
c4:1c:5f:03:67:80:7f:ac:e6:78:88:7a:8b:da:2b:a3:ff:95:
a0:e8:b0:f1:33:75:1d:2e:dd:10:95:ae:44:e0:d5:cc:87:eb:
c0:b2:3c:6b:be:7f:ab:83:00:c3:84:7e:49:61:8f:3d:7e:76:
2f:e6:8e:52:1a:75:d5:0c:67:50:84:00:2e:27:11:93:70:9b:
f8:1a:24:cd:ec:3f:8d:f5:d2:6c:3d:ea:69:46:21:4d:d1:d7:
13:05:0b:1c:c8:04:34:d4:91:fb:9f:0d:78:07:94:ea:50:2c:
2b:00:1e:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRKZLFXG3IZmXnlv6+O1VTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDgwYWIzNjE1ZGNmZGI3ZWQ4MmI1NTZlZGM5ZWMzYzNhOTE5NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Kz70arDhGvkUbLyllLbhsgEOWwC
3rQ385PEgdWkZ15hE3mjc3D0Axojf/icXEhVt2LadE7B8IqnlvQkM+m5Tw4fl2tj
x7wXJWopn6jEdL2FqSelpVyshOG/ItZC6KeYY6TZRCKKdkuDVPtddCt9NHlbwIdx
xOuNRHBIGrqwl7QYmK1IPuVXFaPn4o3Jc+abKG3g3u2SCDlpjSTJWsrfKhuJt40w
2cscYczpigzru/jzAgKHCAdsBiDsZeRhXiwtRT80P3+fDfPmKtazNaHonpfrZ2Wn
ojspKUuTbASAIFajmfLsN19tRdEoAnFJPIbekbt69vyvPONRHBeWr3w4hwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFICAqzYV3P237YK1Vu3J7Dw6kZZcMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ0lDck5oWGNfYmZ0Z3JWVzdjbnNQRHFSbGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAToAFAwQA
ToBCAwQDT3wgAwQBW5SOAwQFgrnAAwQDgrnwMA0GCSqGSIb3DQEBCwUAA4IBAQB1
AChldv2WoO2FFQ3OwK0LUXk0UHog7kbswIdbJZpS0qLfJp4eAF2d/NDFSIUR9zhl
S9uA/6YshznvlIYGh575WVulDbrkRG9sz1O3OvNvG1nVwKh6PihRLBGtsmsKOyyI
LiEM0z0YMiyHwI4YoNpDNX9N/HrP8Z3D+NszA21Q5NNvaaN2eDd5TO962rMtfYTE
HF8DZ4B/rOZ4iHqL2iuj/5Wg6LDxM3UdLt0Qla5E4NXMh+vAsjxrvn+rgwDDhH5J
YY89fnYv5o5SGnXVDGdQhAAuJxGTcJv4GiTN7D+N9dJsPeppRiFN0dcTBQscyAQ0
1JH7nw14B5TqUCwrAB6W
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:33 2025 by rpki-client