Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/g_GvERS00vvnEuzjjTbuy0EME6E.roa
File: g_GvERS00vvnEuzjjTbuy0EME6E.roa (raw, json)
Hash identifier: AUGrGa5ErDqkPdRtsLwMrCAJRra7m4bIb6p0Kv3zDt4=
Subject key identifier: 83:F1:AF:11:14:B4:D2:FB:E7:12:EC:E3:8D:36:EE:CB:41:0C:13:A1
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64B3199FEF6ED8E4F77E924CD0893E
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/g_GvERS00vvnEuzjjTbuy0EME6E.roa
Signing time: Thu 09 Jan 2025 09:28:20 +0000
ROA not before: Thu 09 Jan 2025 09:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50360
IP address blocks: 78.128.114.0/24 maxlen: 24
78.142.35.0/24 maxlen: 24
78.142.49.0/24 maxlen: 24
79.124.40.0/24 maxlen: 24
79.124.45.0/24 maxlen: 24
79.124.49.0/24 maxlen: 24
79.124.56.0/24 maxlen: 24
79.124.58.0/24 maxlen: 24
79.124.59.0/24 maxlen: 24
79.124.60.0/24 maxlen: 24
79.124.62.0/24 maxlen: 24
91.148.128.0/24 maxlen: 24
91.148.129.0/24 maxlen: 24
91.148.190.0/23 maxlen: 24
91.191.220.0/24 maxlen: 24
91.191.221.0/24 maxlen: 24
91.191.222.0/24 maxlen: 24
91.191.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:b3:19:9f:ef:6e:d8:e4:f7:7e:92:4c:d0:89:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83f1af1114b4d2fbe712ece38d36eecb410c13a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:c7:03:4c:30:3c:96:64:4a:7e:d7:70:21:
b4:1a:7a:08:f7:f1:7f:a9:fe:c5:8e:1e:14:83:05:
78:51:ce:4d:ea:da:8f:33:3d:f6:59:d5:e3:43:ef:
3b:66:e1:33:fe:96:ea:04:7e:79:9f:ad:18:f1:0e:
5d:76:ab:eb:15:ae:5a:80:75:35:5b:e7:35:6d:5d:
cc:9f:1a:e9:19:92:08:7d:89:48:a3:9b:b3:bd:d6:
ad:f6:52:03:5a:16:79:a7:c4:74:04:49:53:d1:a7:
d4:69:17:e9:88:cc:a4:74:02:87:24:16:df:39:42:
1d:29:06:a4:73:c4:f9:8a:61:18:d1:bd:d2:08:61:
10:11:17:77:51:86:eb:7e:f5:3f:88:ff:4e:3b:ae:
b7:23:f9:83:28:25:37:07:d9:67:5e:08:90:cc:91:
2d:8f:81:7d:8e:63:99:d7:ef:8e:8b:4b:56:62:e1:
9f:71:c2:69:d7:e3:09:c5:69:18:28:74:c5:47:5d:
28:f7:3a:6e:5c:65:e5:1b:ac:dc:8b:64:73:06:fd:
4d:50:d6:86:e1:33:a3:75:9b:3e:fb:d7:a4:29:59:
32:c0:1d:20:e3:c6:15:df:df:c8:8f:48:23:95:6f:
87:aa:5b:03:be:21:e1:cb:ef:25:c6:46:4b:cf:04:
03:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:AF:11:14:B4:D2:FB:E7:12:EC:E3:8D:36:EE:CB:41:0C:13:A1
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/g_GvERS00vvnEuzjjTbuy0EME6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.114.0/24
78.142.35.0/24
78.142.49.0/24
79.124.40.0/24
79.124.45.0/24
79.124.49.0/24
79.124.56.0/24
79.124.58.0-79.124.60.255
79.124.62.0/24
91.148.128.0/23
91.148.190.0/23
91.191.220.0/22
Signature Algorithm: sha256WithRSAEncryption
85:73:cf:1f:22:c7:35:be:2b:65:34:d6:ad:0f:6a:83:ea:38:
01:75:46:20:63:34:95:cb:97:cd:ce:4d:60:7e:0d:a4:b1:19:
e7:4f:48:39:e3:00:51:b1:45:6e:d9:aa:ef:95:ea:1f:08:04:
36:a4:73:61:76:1d:83:43:92:48:f7:cd:2f:47:44:b5:ca:c4:
c3:94:81:3c:82:9f:0b:b0:91:01:f2:65:9c:76:e3:85:24:3e:
0c:5d:b3:bc:c9:4a:15:94:b6:1b:bb:b9:8b:33:53:5e:64:e9:
e3:c0:3a:28:19:20:4a:09:b6:a8:a4:7f:ed:a9:c5:61:f5:aa:
b7:cc:24:c1:cc:2a:eb:21:7b:ce:0c:70:4c:7e:b8:77:85:52:
58:73:0d:f9:9d:e5:88:69:83:82:97:2e:b6:b4:63:21:cf:be:
30:f9:f7:b2:9e:b1:5a:e5:fe:29:80:49:8f:38:49:dc:41:ce:
f8:37:e9:34:ab:56:e7:ba:f4:93:cb:94:d5:05:1f:cb:d0:ce:
ac:e6:83:32:c2:ca:d7:16:67:9e:0e:8a:4d:a0:6a:6b:62:43:
38:6b:7a:56:15:d3:51:7b:e4:61:41:d1:2d:16:45:f8:17:14:
f8:5b:63:52:66:e6:fe:f7:9d:d3:76:f5:c5:14:0a:1d:6b:c4:
65:9d:e7:0c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZRKZLMZn+9u2OT3fpJM0Ik+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YxYWYxMTE0YjRkMmZiZTcxMmVjZTM4ZDM2ZWVjYjQxMGMxM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxLHA0wwPJZkSn7XcCG0GnoI9/F/
qf7Fjh4UgwV4Uc5N6tqPMz32WdXjQ+87ZuEz/pbqBH55n60Y8Q5ddqvrFa5agHU1
W+c1bV3MnxrpGZIIfYlIo5uzvdat9lIDWhZ5p8R0BElT0afUaRfpiMykdAKHJBbf
OUIdKQakc8T5imEY0b3SCGEQERd3UYbrfvU/iP9OO663I/mDKCU3B9lnXgiQzJEt
j4F9jmOZ1++Oi0tWYuGfccJp1+MJxWkYKHTFR10o9zpuXGXlG6zci2RzBv1NUNaG
4TOjdZs++9ekKVkywB0g48YV39/Ij0gjlW+HqlsDviHhy+8lxkZLzwQDwQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIPxrxEUtNL75xLs44027stBDBOhMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ19HdkVSUzAwdnZuRXV6ampUYnV5MEVNRTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAToByAwQA
To4jAwQATo4xAwQAT3woAwQAT3wtAwQAT3wxAwQAT3w4MAwDBAFPfDoDBABPfDwD
BABPfD4DBAFblIADBAFblL4DBAJbv9wwDQYJKoZIhvcNAQELBQADggEBAIVzzx8i
xzW+K2U01q0PaoPqOAF1RiBjNJXLl83OTWB+DaSxGedPSDnjAFGxRW7Zqu+V6h8I
BDakc2F2HYNDkkj3zS9HRLXKxMOUgTyCnwuwkQHyZZx244UkPgxds7zJShWUthu7
uYszU15k6ePAOigZIEoJtqikf+2pxWH1qrfMJMHMKushe84McEx+uHeFUlhzDfmd
5Yhpg4KXLra0YyHPvjD597KesVrl/imASY84SdxBzvg36TSrVue69JPLlNUFH8vQ
zqzmgzLCytcWZ54Oik2gamtiQzhrelYV01F75GFB0S0WRfgXFPhbY1Jm5v73ndN2
9cUUCh1rxGWd5ww=
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:53:51 2025 by rpki-client