Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/CGfUbuDeRkllwMZF7DTrKk3yLcE.roa
File: CGfUbuDeRkllwMZF7DTrKk3yLcE.roa (raw, json)
Hash identifier: l5jsvO9CwwUl92v3ODW6ImGh3DZFw7mx9nyyajWFi54=
Subject key identifier: 08:67:D4:6E:E0:DE:46:49:65:C0:C6:45:EC:34:EB:2A:4D:F2:2D:C1
Certificate issuer: /CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Certificate serial: 01971B833C71FA63741D67616D8E9FCE1A0B
Authority key identifier: 8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/CGfUbuDeRkllwMZF7DTrKk3yLcE.roa
Signing time: Thu 29 May 2025 10:07:54 +0000
ROA not before: Thu 29 May 2025 10:07:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12324
IP address blocks: 5.201.0.0/17 maxlen: 17
87.246.192.0/19 maxlen: 19
87.246.240.0/20 maxlen: 20
212.182.0.0/18 maxlen: 18
212.182.14.0/24 maxlen: 24
212.182.64.0/20 maxlen: 20
2a04:440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:83:3c:71:fa:63:74:1d:67:61:6d:8e:9f:ce:1a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Validity
Not Before: May 29 10:07:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0867d46ee0de464965c0c645ec34eb2a4df22dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:da:6f:63:01:da:a9:75:24:dd:26:25:36:
5d:88:eb:92:66:a6:21:10:dc:c0:e8:0e:4f:e7:bb:
d4:98:da:12:2b:8d:ee:c3:f1:f4:cb:0d:74:67:91:
99:25:04:d6:24:5b:dd:3d:4d:4b:e9:60:b8:cb:5c:
a9:e3:95:70:d9:8e:08:05:7f:09:24:8e:5a:a6:68:
89:df:bd:11:a8:ca:bf:3d:63:df:ad:11:dc:e4:c1:
2f:8e:52:fc:d4:74:aa:e0:dc:64:cc:09:59:9a:49:
b8:76:f5:07:0d:23:8c:4c:f4:5f:8c:b9:fd:91:9d:
e3:e7:fa:ee:d6:a0:06:24:a3:b7:23:f0:40:a9:b1:
3b:e7:0f:3a:06:0e:a1:74:65:1f:e2:31:ed:d5:e8:
b3:a3:96:59:59:2a:2f:85:be:2c:69:ca:35:4b:19:
46:e9:72:ad:7b:d4:04:29:c3:a1:00:e4:53:6f:12:
93:19:ca:a6:38:b0:71:5e:9a:02:1e:62:c8:29:4c:
9b:25:c9:1f:78:15:78:d4:59:ee:fa:71:5a:cf:b7:
95:06:f5:6a:8b:78:1d:68:7d:35:e6:a3:56:65:3d:
31:d3:b7:20:fb:5e:13:4e:c7:62:ff:c2:f7:0e:08:
59:f4:f1:64:59:59:10:0c:38:76:2a:07:37:46:b4:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:67:D4:6E:E0:DE:46:49:65:C0:C6:45:EC:34:EB:2A:4D:F2:2D:C1
X509v3 Authority Key Identifier:
keyid:8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/CGfUbuDeRkllwMZF7DTrKk3yLcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.0.0/17
87.246.192.0/19
87.246.240.0/20
212.182.0.0-212.182.79.255
IPv6:
2a04:440::/32
Signature Algorithm: sha256WithRSAEncryption
48:dd:ae:80:5c:a1:bb:2c:9d:92:45:06:8a:2f:bb:63:ef:9a:
8e:04:29:dd:97:2d:50:86:38:cc:f3:06:2d:20:42:4c:8e:af:
b9:46:5b:af:9c:b0:79:50:3a:7f:65:f4:ba:b8:97:f5:7f:fb:
5c:45:93:a9:71:3b:97:d0:54:24:9e:64:95:53:80:9f:3e:07:
ad:e7:ab:61:90:1a:1b:1c:31:e5:2c:8e:0e:87:8a:41:34:c3:
7b:cc:fd:86:70:fb:dd:ae:80:3c:86:d7:db:d7:bf:21:3e:c9:
de:bf:97:a9:d1:f0:8e:4b:c7:36:53:ad:d5:88:af:71:13:98:
90:2b:e4:4e:ab:5b:98:fa:4f:97:a9:e3:0e:04:e1:0b:07:08:
c9:70:44:b9:dd:8b:29:30:89:cf:0e:40:64:13:80:e4:f1:f8:
6e:bc:ab:92:11:0c:58:15:99:11:47:2e:e9:1f:49:e0:78:b0:
ec:5c:d9:5f:89:68:0f:af:43:15:11:00:ff:6b:6b:01:7f:0f:
e6:e1:a8:ce:e8:1a:e1:c5:99:86:99:7a:a5:35:ed:90:8f:fd:
f0:1c:62:8e:ad:1a:c8:3d:de:d2:41:18:76:02:9a:d4:84:f6:
ba:32:73:6f:68:99:35:28:d4:76:d8:e9:1d:f2:c8:9b:1a:ef:
ea:0e:82:c0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZcbgzxx+mN0HWdhbY6fzhoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGYzZjhiYTdkY2Y1ODk0ZjJmNjExZDdkZmFiNTNkNGE2
M2MwYTkwHhcNMjUwNTI5MTAwNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY3ZDQ2ZWUwZGU0NjQ5NjVjMGM2NDVlYzM0ZWIyYTRkZjIyZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZLab2MB2ql1JN0mJTZdiOuSZqYh
ENzA6A5P57vUmNoSK43uw/H0yw10Z5GZJQTWJFvdPU1L6WC4y1yp45Vw2Y4IBX8J
JI5apmiJ370RqMq/PWPfrRHc5MEvjlL81HSq4NxkzAlZmkm4dvUHDSOMTPRfjLn9
kZ3j5/ru1qAGJKO3I/BAqbE75w86Bg6hdGUf4jHt1eizo5ZZWSovhb4saco1SxlG
6XKte9QEKcOhAORTbxKTGcqmOLBxXpoCHmLIKUybJckfeBV41Fnu+nFaz7eVBvVq
i3gdaH015qNWZT0x07cg+14TTsdi/8L3DghZ9PFkWVkQDDh2Kgc3RrRwgQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAhn1G7g3kZJZcDGRew06ypN8i3BMB8GA1UdIwQY
MBaAFI1PP4un3PWJTy9hHX36tT1KY8CpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQt
OGFjYmZlYTJlY2ZhLzEvQ0dmVWJ1RGVSa2xsd01aRjdEVHJLazN5TGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQtOGFjYmZlYTJlY2Zh
LzEvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQHBckAAwQF
V/bAAwQEV/bwMAsDAwHUtgMEBNS2QDANBAIAAjAHAwUAKgQEQDANBgkqhkiG9w0B
AQsFAAOCAQEASN2ugFyhuyydkkUGii+7Y++ajgQp3ZctUIY4zPMGLSBCTI6vuUZb
r5yweVA6f2X0uriX9X/7XEWTqXE7l9BUJJ5klVOAnz4HreerYZAaGxwx5SyODoeK
QTTDe8z9hnD73a6APIbX29e/IT7J3r+XqdHwjkvHNlOt1YivcROYkCvkTqtbmPpP
l6njDgThCwcIyXBEud2LKTCJzw5AZBOA5PH4bryrkhEMWBWZEUcu6R9J4Hiw7FzZ
X4loD69DFREA/2trAX8P5uGozuga4cWZhpl6pTXtkI/98Bxijq0ayD3e0kEYdgKa
1IT2ujJzb2iZNSjUdtjpHfLImxrv6g6CwA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:06:54 2025 by rpki-client