Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/GYuIoE-jlXSckwk_qSK_aV7UB4Q.roa
File: GYuIoE-jlXSckwk_qSK_aV7UB4Q.roa (raw, json)
Hash identifier: sORKouCrelcQgpTPPPbZDvGrSxjdHNUzrheoRMHaMrw=
Subject key identifier: 19:8B:88:A0:4F:A3:95:74:9C:93:09:3F:A9:22:BF:69:5E:D4:07:84
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 019420D60B8A36890E4236F7B55627BA777C
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/GYuIoE-jlXSckwk_qSK_aV7UB4Q.roa
Signing time: Wed 01 Jan 2025 07:48:06 +0000
ROA not before: Wed 01 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44222
IP address blocks: 185.83.212.0/24 maxlen: 24
185.83.213.0/24 maxlen: 24
2a05:9f00::/31 maxlen: 48
2a05:9f02::/31 maxlen: 31
2a05:9f04::/31 maxlen: 31
2a05:9f06::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.mft
rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0b:8a:36:89:0e:42:36:f7:b5:56:27:ba:77:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=198b88a04fa395749c93093fa922bf695ed40784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:56:9f:84:7c:46:fa:30:06:20:e8:f4:d5:28:
2b:58:0e:82:ec:d5:47:8e:96:19:44:5e:38:9f:11:
3f:c5:8e:36:08:4e:0a:22:19:97:d5:79:c1:2a:4c:
6a:d1:a1:f6:5a:12:ee:65:08:45:89:41:16:f6:a7:
2c:ad:21:99:26:e4:80:04:b1:b2:e5:5e:95:4b:0c:
f8:79:63:04:e9:56:16:3e:d2:3b:ce:ff:2f:50:15:
6b:94:1f:c4:56:66:3f:bc:e0:13:5a:c4:3f:cb:56:
72:81:99:28:d3:75:3e:aa:88:99:65:8e:ad:07:c3:
fe:90:d3:4c:07:9d:72:45:e3:be:4d:c2:bf:9b:d7:
af:67:62:f3:a8:21:fe:8d:f4:5e:be:f3:e5:7d:d8:
53:0b:2d:5e:3d:37:d0:f1:0b:4b:35:b3:e0:b6:80:
2d:cc:3e:f6:af:df:2c:cf:a0:c1:8a:64:f6:0d:15:
87:49:0a:81:ea:cb:76:da:87:0a:c0:7a:fc:71:84:
08:0f:4f:ab:0f:11:37:6f:db:f7:53:6a:34:49:d4:
42:5f:96:76:ec:55:ae:92:62:75:30:4e:ce:04:a9:
44:da:0d:c4:c7:c2:f0:12:dc:5e:66:bf:70:24:3f:
cc:47:fa:e7:80:85:30:40:e5:41:30:2b:cf:70:e7:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8B:88:A0:4F:A3:95:74:9C:93:09:3F:A9:22:BF:69:5E:D4:07:84
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/GYuIoE-jlXSckwk_qSK_aV7UB4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.212.0/23
IPv6:
2a05:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
c8:3a:e2:b2:3c:08:47:19:e3:69:6a:ec:50:be:17:30:27:f7:
78:e4:9b:fc:98:aa:5e:38:3e:37:2c:3d:c5:84:a3:5a:38:5d:
f7:5d:43:01:30:59:bc:ad:b0:f1:64:d7:e3:15:73:e9:e3:db:
5c:87:bf:f1:62:08:5b:26:b2:0a:b0:81:07:c4:43:ff:b5:82:
d4:ba:7b:6c:b4:a7:1f:36:64:a2:08:fb:b8:7d:28:16:63:06:
57:d4:95:b8:00:6c:64:73:9c:30:53:17:36:9f:63:ff:9c:6b:
39:d0:f8:b1:0f:20:66:48:f1:22:28:1d:48:8b:77:ad:2c:d9:
dc:31:6c:50:61:cf:ec:36:d1:36:2a:b7:b6:a2:bd:c0:91:3b:
e3:ef:9e:22:84:ca:88:f8:e6:41:18:f8:3b:87:42:ab:f2:d5:
94:4f:ef:1f:7c:bc:e6:39:e7:05:c6:10:bc:8e:8f:23:b9:ca:
d3:08:1f:56:04:8c:e9:03:bd:03:94:f3:70:68:79:c9:a2:ea:
bf:7b:15:3c:4b:84:bc:e1:51:7e:be:1c:be:40:44:fb:3d:ff:
5e:0b:e7:c2:7e:35:8e:84:ba:df:08:bb:95:48:5d:4a:31:01:
b2:97:d3:ef:2b:95:a7:a5:04:62:83:dd:c5:56:16:50:f0:19:
f7:6e:3f:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1guKNokOQjb3tVYnund8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThiODhhMDRmYTM5NTc0OWM5MzA5M2ZhOTIyYmY2OTVlZDQwNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFafhHxG+jAGIOj01SgrWA6C7NVH
jpYZRF44nxE/xY42CE4KIhmX1XnBKkxq0aH2WhLuZQhFiUEW9qcsrSGZJuSABLGy
5V6VSwz4eWME6VYWPtI7zv8vUBVrlB/EVmY/vOATWsQ/y1ZygZko03U+qoiZZY6t
B8P+kNNMB51yReO+TcK/m9evZ2LzqCH+jfRevvPlfdhTCy1ePTfQ8QtLNbPgtoAt
zD72r98sz6DBimT2DRWHSQqB6st22ocKwHr8cYQID0+rDxE3b9v3U2o0SdRCX5Z2
7FWukmJ1ME7OBKlE2g3Ex8LwEtxeZr9wJD/MR/rngIUwQOVBMCvPcOf6JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBmLiKBPo5V0nJMJP6kiv2le1AeEMB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvR1l1SW9FLWpsWFNja3drX3FTS19hVjdVQjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuVPUMA0E
AgACMAcDBQMqBZ8AMA0GCSqGSIb3DQEBCwUAA4IBAQDIOuKyPAhHGeNpauxQvhcw
J/d45Jv8mKpeOD43LD3FhKNaOF33XUMBMFm8rbDxZNfjFXPp49tch7/xYghbJrIK
sIEHxEP/tYLUuntstKcfNmSiCPu4fSgWYwZX1JW4AGxkc5wwUxc2n2P/nGs50Pix
DyBmSPEiKB1Ii3etLNncMWxQYc/sNtE2Kre2or3AkTvj754ihMqI+OZBGPg7h0Kr
8tWUT+8ffLzmOecFxhC8jo8jucrTCB9WBIzpA70DlPNwaHnJouq/exU8S4S84VF+
vhy+QET7Pf9eC+fCfjWOhLrfCLuVSF1KMQGyl9PvK5WnpQRig93FVhZQ8Bn3bj/w
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:16 2025 by rpki-client