Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/rGuulbHd9kRPQ-Vjw-QiFUOKt_A.roa
File: rGuulbHd9kRPQ-Vjw-QiFUOKt_A.roa (raw, json)
Hash identifier: B7yPzOPI+uMdkQOcYQEtalAjsrTFRRTxVc7BxeoQZ2o=
Subject key identifier: AC:6B:AE:95:B1:DD:F6:44:4F:43:E5:63:C3:E4:22:15:43:8A:B7:F0
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745CD745DDD6005EFDD2B942C991A88
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/rGuulbHd9kRPQ-Vjw-QiFUOKt_A.roa
Signing time: Thu 02 Jan 2025 13:47:53 +0000
ROA not before: Thu 02 Jan 2025 13:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42846
IP address blocks: 31.192.212.0/24 maxlen: 24
31.192.214.0/24 maxlen: 24
89.252.134.0/24 maxlen: 24
89.252.137.0/24 maxlen: 24
89.252.138.0/24 maxlen: 24
89.252.159.0/24 maxlen: 24
159.253.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:cd:74:5d:dd:60:05:ef:dd:2b:94:2c:99:1a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac6bae95b1ddf6444f43e563c3e42215438ab7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:13:62:23:2d:32:30:b4:c3:52:25:5d:b1:63:
6f:f7:f1:7e:e8:97:d3:15:53:e8:51:fe:ae:7e:8d:
9e:a5:bd:7d:f5:73:02:f8:35:44:e5:4a:63:5b:41:
25:b8:12:55:08:b9:69:8e:62:dc:41:b6:9c:6e:ba:
16:86:77:cb:69:ee:41:04:e2:8b:d0:d5:1a:80:e5:
10:aa:8f:26:1a:c6:7e:34:2f:d1:f8:1a:e4:ef:53:
85:02:2b:5a:a3:20:59:d6:20:e4:00:44:aa:c8:9e:
13:b6:c4:82:fd:4f:a1:f0:b6:7f:22:a0:63:f2:75:
06:29:5a:86:ca:3c:91:e6:39:6f:ee:f1:8a:91:c7:
94:d9:d6:86:03:92:6a:d4:e8:75:f1:33:20:22:0e:
83:48:fc:b5:36:54:8e:56:bd:2a:af:a6:70:2a:1d:
c3:33:17:55:b2:85:03:12:0b:77:a9:be:ec:4a:f5:
14:10:bf:fa:0c:6e:f0:75:4a:ac:9d:2b:9e:06:13:
30:86:d5:a1:b9:46:c9:6c:17:07:f0:cc:3c:26:8e:
f5:d2:da:16:6b:2c:d9:69:a4:a6:9c:f3:b4:4b:83:
ca:97:7a:53:32:52:ad:b3:99:6a:e1:f2:f1:0e:ed:
8c:b0:6d:f0:f3:f4:c0:18:ef:e6:89:96:79:ee:c9:
f0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6B:AE:95:B1:DD:F6:44:4F:43:E5:63:C3:E4:22:15:43:8A:B7:F0
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/rGuulbHd9kRPQ-Vjw-QiFUOKt_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.212.0/24
31.192.214.0/24
89.252.134.0/24
89.252.137.0-89.252.138.255
89.252.159.0/24
159.253.37.0/24
Signature Algorithm: sha256WithRSAEncryption
24:25:74:2d:c4:06:43:57:63:9e:8c:8f:a5:c0:eb:7e:c0:20:
41:66:87:11:d1:5a:9b:df:51:ae:b5:fc:48:7a:c0:ea:39:2f:
cb:df:e8:43:05:b6:2b:ef:df:4b:d2:8e:ca:38:0e:e5:ae:75:
5b:a2:7a:40:85:06:7c:a7:2e:19:15:d4:6b:b5:e6:1d:60:23:
a2:78:08:70:f1:2c:a5:f0:4c:cf:f5:19:f3:6f:67:2a:0d:ec:
28:34:8e:75:35:79:2b:34:c1:6a:51:73:61:e5:9e:a5:47:eb:
ac:81:e7:83:a3:1b:e8:53:3c:9a:a7:60:e3:29:c3:b3:df:40:
50:0b:5c:9a:aa:3b:24:12:09:47:c6:7d:0c:4a:86:24:10:a2:
d7:aa:e1:4f:a2:7d:ca:00:26:2b:4d:08:cb:84:71:9a:85:05:
0e:2c:5a:b5:12:5d:4b:18:05:02:00:c9:55:1e:fa:9f:47:f4:
a3:e4:cd:52:ca:16:78:a5:a7:6f:8d:5e:99:1a:c8:66:fe:49:
49:3a:0a:52:8b:2e:8a:f9:63:1f:01:a0:d3:78:8c:51:d4:66:
fb:61:33:56:16:37:e3:ed:95:25:04:79:90:8c:f8:0d:ed:a5:
fe:08:cf:79:f7:83:66:6d:dd:9a:47:88:5d:1a:1b:d5:28:1e:
dd:ab:c6:3a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQnRc10Xd1gBe/dK5QsmRqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzZiYWU5NWIxZGRmNjQ0NGY0M2U1NjNjM2U0MjIxNTQzOGFiN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xNiIy0yMLTDUiVdsWNv9/F+6JfT
FVPoUf6ufo2epb199XMC+DVE5UpjW0EluBJVCLlpjmLcQbacbroWhnfLae5BBOKL
0NUagOUQqo8mGsZ+NC/R+Brk71OFAitaoyBZ1iDkAESqyJ4TtsSC/U+h8LZ/IqBj
8nUGKVqGyjyR5jlv7vGKkceU2daGA5Jq1Oh18TMgIg6DSPy1NlSOVr0qr6ZwKh3D
MxdVsoUDEgt3qb7sSvUUEL/6DG7wdUqsnSueBhMwhtWhuUbJbBcH8Mw8Jo710toW
ayzZaaSmnPO0S4PKl3pTMlKts5lq4fLxDu2MsG3w8/TAGO/miZZ57snw7QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKxrrpWx3fZET0PlY8PkIhVDirfwMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvckd1dWxiSGQ5a1JQUS1WanctUWlGVU9LdF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAH8DUAwQA
H8DWAwQAWfyGMAwDBABZ/IkDBABZ/IoDBABZ/J8DBACf/SUwDQYJKoZIhvcNAQEL
BQADggEBACQldC3EBkNXY56Mj6XA637AIEFmhxHRWpvfUa61/Eh6wOo5L8vf6EMF
tivv30vSjso4DuWudVuiekCFBnynLhkV1Gu15h1gI6J4CHDxLKXwTM/1GfNvZyoN
7Cg0jnU1eSs0wWpRc2HlnqVH66yB54OjG+hTPJqnYOMpw7PfQFALXJqqOyQSCUfG
fQxKhiQQoteq4U+ifcoAJitNCMuEcZqFBQ4sWrUSXUsYBQIAyVUe+p9H9KPkzVLK
Fnilp2+NXpkayGb+SUk6ClKLLor5Yx8BoNN4jFHUZvthM1YWN+PtlSUEeZCM+A3t
pf4Iz3n3g2Zt3ZpHiF0aG9UoHt2rxjo=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:32:33 2025 by rpki-client