Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Gs6wyM63OMnbKZMOf0cda_N7OHI.roa
File: Gs6wyM63OMnbKZMOf0cda_N7OHI.roa (raw, json)
Hash identifier: klxL/qsoExOmtoi4MkmdkNuAIFKSpx+D0u3x1SSJEX0=
Subject key identifier: 1A:CE:B0:C8:CE:B7:38:C9:DB:29:93:0E:7F:47:1D:6B:F3:7B:38:72
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019425214A947AC12D47B6C41C9B8FB08CF8
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Gs6wyM63OMnbKZMOf0cda_N7OHI.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 91.190.186.0/24 maxlen: 24
91.190.191.0/24 maxlen: 24
92.61.107.0/24 maxlen: 24
92.61.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:4a:94:7a:c1:2d:47:b6:c4:1c:9b:8f:b0:8c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1aceb0c8ceb738c9db29930e7f471d6bf37b3872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5f:1a:9c:26:33:18:89:8b:33:6c:d8:fb:f2:
36:3e:26:2d:51:3c:17:35:ed:3f:85:56:b1:34:f3:
3f:73:f4:10:dc:c6:bb:99:47:9a:b3:af:4a:cb:4a:
47:b5:54:c1:53:e0:74:63:b0:37:f4:8c:13:ee:34:
59:28:ce:a5:3f:74:f2:b2:4a:8c:ac:24:df:bc:f9:
cd:76:2c:d8:32:80:b9:6f:ab:f7:f4:0f:8d:c6:48:
ce:d4:df:e9:21:c9:65:80:05:7a:69:7b:cc:5b:d5:
bd:a7:57:24:e5:64:ab:42:bf:16:5a:c9:88:1f:ca:
2e:17:99:78:d4:c9:a9:19:aa:44:64:34:04:a6:1a:
75:67:ea:aa:c1:79:b5:62:a6:ac:3a:f1:06:c4:1f:
6d:df:a2:a4:6a:f3:25:15:b3:b3:61:72:27:64:30:
06:83:58:b6:27:08:c4:fd:e3:09:bb:53:29:88:68:
9f:e7:fc:fd:60:9c:6f:35:ed:df:07:88:5f:cf:82:
20:9b:5d:0c:da:e3:f6:97:e6:49:0b:79:34:76:a2:
69:f0:05:87:d8:be:2c:fb:3f:43:ea:6c:de:92:5c:
58:1e:1c:e6:33:7d:c1:ff:55:24:5d:76:42:f4:de:
43:2a:ed:93:26:95:66:70:c0:16:39:d0:4a:89:b0:
2d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:CE:B0:C8:CE:B7:38:C9:DB:29:93:0E:7F:47:1D:6B:F3:7B:38:72
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/Gs6wyM63OMnbKZMOf0cda_N7OHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.186.0/24
91.190.191.0/24
92.61.107.0/24
92.61.110.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:36:7e:63:c7:b9:43:6e:b0:80:58:1b:bc:27:cc:d8:3a:f8:
d2:ec:f1:ae:df:76:e8:3b:43:04:ab:16:07:2c:65:5d:7f:ae:
51:96:b7:7d:00:29:bd:0a:03:f1:a4:a3:de:b4:88:cd:4f:e1:
6a:eb:5a:6f:ea:6d:05:40:47:83:ad:61:3c:b0:f9:2b:2e:5c:
15:bf:9f:fe:4d:a3:04:b1:c5:b7:f5:74:78:0c:8a:47:4a:f0:
e3:ac:20:89:2d:38:e9:84:b6:8b:20:18:4d:ac:ab:ab:74:87:
21:f6:c3:98:67:00:8a:23:42:e1:29:58:de:a7:96:06:42:78:
43:dd:36:c4:95:71:2e:3a:8e:7c:66:8a:e0:64:d3:27:1d:16:
d7:e0:5b:54:e6:de:15:aa:70:bb:1e:2a:88:e4:38:c2:fb:25:
fe:87:66:b8:0f:ef:f4:99:86:00:1a:2b:b3:6b:51:51:27:9f:
67:6b:69:ed:37:53:b5:39:3b:1f:f7:8f:d5:bc:5b:67:fe:9f:
19:a6:7a:c8:ee:bb:e7:09:c7:de:0c:d8:33:7d:bc:8e:a6:5c:
b2:88:aa:68:31:f3:67:c9:3b:e3:c8:1f:65:74:15:c7:9c:72:
81:c9:01:7a:40:35:2d:90:fe:ce:f1:75:c1:1c:11:85:61:8e:
44:70:ff:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIUqUesEtR7bEHJuPsIz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWNlYjBjOGNlYjczOGM5ZGIyOTkzMGU3ZjQ3MWQ2YmYzN2IzODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw18anCYzGImLM2zY+/I2PiYtUTwX
Ne0/hVaxNPM/c/QQ3Ma7mUeas69Ky0pHtVTBU+B0Y7A39IwT7jRZKM6lP3TyskqM
rCTfvPnNdizYMoC5b6v39A+NxkjO1N/pIcllgAV6aXvMW9W9p1ck5WSrQr8WWsmI
H8ouF5l41MmpGapEZDQEphp1Z+qqwXm1YqasOvEGxB9t36KkavMlFbOzYXInZDAG
g1i2JwjE/eMJu1MpiGif5/z9YJxvNe3fB4hfz4Igm10M2uP2l+ZJC3k0dqJp8AWH
2L4s+z9D6mzeklxYHhzmM33B/1UkXXZC9N5DKu2TJpVmcMAWOdBKibAtVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBrOsMjOtzjJ2ymTDn9HHWvzezhyMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvR3M2d3lNNjNPTW5iS1pNT2YwY2RhX043T0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW766AwQA
W76/AwQAXD1rAwQAXD1uMA0GCSqGSIb3DQEBCwUAA4IBAQA/Nn5jx7lDbrCAWBu8
J8zYOvjS7PGu33boO0MEqxYHLGVdf65Rlrd9ACm9CgPxpKPetIjNT+Fq61pv6m0F
QEeDrWE8sPkrLlwVv5/+TaMEscW39XR4DIpHSvDjrCCJLTjphLaLIBhNrKurdIch
9sOYZwCKI0LhKVjep5YGQnhD3TbElXEuOo58ZorgZNMnHRbX4FtU5t4VqnC7HiqI
5DjC+yX+h2a4D+/0mYYAGiuza1FRJ59na2ntN1O1OTsf94/VvFtn/p8ZpnrI7rvn
CcfeDNgzfbyOplyyiKpoMfNnyTvjyB9ldBXHnHKByQF6QDUtkP7O8XXBHBGFYY5E
cP+7
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:14:03 2025 by rpki-client