Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/GcsSEat9NsqT_94yQpD14Wkz5bM.roa
File: GcsSEat9NsqT_94yQpD14Wkz5bM.roa (raw, json)
Hash identifier: Z+N4jmA9jyUUH+rZkvbQnNXcsocdrdSVNKIh39tULtg=
Subject key identifier: 19:CB:12:11:AB:7D:36:CA:93:FF:DE:32:42:90:F5:E1:69:33:E5:B3
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01953C1F720F5F92AEE6E5F8A9E5C270555F
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/GcsSEat9NsqT_94yQpD14Wkz5bM.roa
Signing time: Tue 25 Feb 2025 08:00:48 +0000
ROA not before: Tue 25 Feb 2025 08:00:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.140.57.0/24 maxlen: 24
45.140.58.0/24 maxlen: 24
45.149.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:1f:72:0f:5f:92:ae:e6:e5:f8:a9:e5:c2:70:55:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Feb 25 08:00:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19cb1211ab7d36ca93ffde324290f5e16933e5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1f:10:5a:a3:84:4d:72:a0:86:2c:71:c5:6b:
50:46:e8:a7:17:f8:f3:8e:5d:dc:9d:5b:83:7f:51:
42:58:90:ad:9b:c4:04:dd:b6:73:c3:f7:e6:e1:df:
6d:a4:58:a7:2a:d8:55:8a:72:14:2f:1a:e8:b1:57:
bf:6b:dd:b6:50:bb:67:b1:ec:37:03:a8:e9:ff:e6:
14:bd:17:94:d1:ab:74:85:16:20:98:68:29:e9:c2:
a6:d3:6e:c9:b1:48:fc:08:98:11:c9:07:8c:59:95:
5a:b2:0f:64:f1:c6:77:07:6e:98:93:4f:3c:e7:a7:
91:79:c0:67:17:2e:2d:38:c4:c2:0b:52:d6:e0:07:
5b:c0:6e:8d:84:ef:33:0b:85:8c:f2:96:d7:67:2e:
6a:08:08:83:a7:0a:4f:08:7a:09:ce:a1:e8:8d:02:
49:37:42:d6:2b:1e:37:d1:eb:d2:af:55:15:67:9b:
67:e0:ba:c0:4c:4c:5a:42:e0:aa:4e:42:b3:32:c7:
c4:2c:fd:2b:e8:de:c7:23:ac:1c:17:33:35:ee:69:
cf:3b:54:79:fd:3f:68:15:76:09:59:62:6f:a0:bd:
2c:95:29:3a:5b:4d:b9:e2:13:9a:dc:64:59:5f:d7:
db:d3:e1:af:f1:c5:02:cc:f0:a0:57:92:86:44:34:
7e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CB:12:11:AB:7D:36:CA:93:FF:DE:32:42:90:F5:E1:69:33:E5:B3
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/GcsSEat9NsqT_94yQpD14Wkz5bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.57.0-45.140.58.255
45.149.4.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d5:4a:44:cc:75:aa:c1:8f:d4:47:23:01:75:88:59:3b:5a:
7f:6f:d6:c2:c6:8d:e8:d8:f2:48:db:8e:d9:56:81:7c:36:8d:
9e:33:8d:db:28:5a:aa:73:3e:f5:54:f9:b4:38:69:9a:68:a1:
72:47:13:f1:ac:78:e8:da:a4:81:56:63:b0:cd:0f:e9:a0:4e:
20:f4:49:4e:ee:a4:1a:21:d1:24:a3:58:cf:f1:36:77:47:ac:
b3:cf:2d:b9:ec:36:75:d6:dc:d3:7a:31:10:3c:25:a4:34:03:
cf:5d:b2:28:24:06:2b:3d:32:d7:b8:60:f7:8e:10:a0:2e:22:
1c:3c:3c:bf:4b:9d:a7:53:8c:33:82:56:50:5f:1a:99:fb:8c:
de:41:c2:56:3b:87:3e:b6:4c:c5:73:13:76:8a:91:b0:39:67:
4f:17:b1:62:21:91:72:31:eb:bf:7a:99:14:6b:25:ac:2c:46:
49:47:72:8c:2b:b7:b5:28:20:bf:80:de:d3:e9:e1:5d:2d:70:
a2:d0:87:aa:d7:69:2a:4d:a6:19:82:ae:ed:46:6d:08:a8:6b:
b2:9d:6f:cc:25:dd:b7:0e:07:3b:4c:50:16:9f:41:ad:bb:cd:
ef:e3:a0:2f:48:b5:ed:73:3c:a8:fe:4f:b3:7a:ac:da:04:d5:
ce:9a:a4:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZU8H3IPX5Ku5uX4qeXCcFVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMjI1MDgwMDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNiMTIxMWFiN2QzNmNhOTNmZmRlMzI0MjkwZjVlMTY5MzNlNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R8QWqOETXKghixxxWtQRuinF/jz
jl3cnVuDf1FCWJCtm8QE3bZzw/fm4d9tpFinKthVinIULxrosVe/a922ULtnsew3
A6jp/+YUvReU0at0hRYgmGgp6cKm027JsUj8CJgRyQeMWZVasg9k8cZ3B26Yk088
56eRecBnFy4tOMTCC1LW4AdbwG6NhO8zC4WM8pbXZy5qCAiDpwpPCHoJzqHojQJJ
N0LWKx430evSr1UVZ5tn4LrATExaQuCqTkKzMsfELP0r6N7HI6wcFzM17mnPO1R5
/T9oFXYJWWJvoL0slSk6W0254hOa3GRZX9fb0+Gv8cUCzPCgV5KGRDR+RQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBnLEhGrfTbKk//eMkKQ9eFpM+WzMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvR2NzU0VhdDlOc3FUXzk0eVFwRDE0V2t6NWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtjDkD
BAAtjDoDBAAtlQQwDQYJKoZIhvcNAQELBQADggEBAFfVSkTMdarBj9RHIwF1iFk7
Wn9v1sLGjejY8kjbjtlWgXw2jZ4zjdsoWqpzPvVU+bQ4aZpooXJHE/GseOjapIFW
Y7DND+mgTiD0SU7upBoh0SSjWM/xNndHrLPPLbnsNnXW3NN6MRA8JaQ0A89dsigk
Bis9Mte4YPeOEKAuIhw8PL9LnadTjDOCVlBfGpn7jN5BwlY7hz62TMVzE3aKkbA5
Z08XsWIhkXIx6796mRRrJawsRklHcowrt7UoIL+A3tPp4V0tcKLQh6rXaSpNphmC
ru1GbQioa7Kdb8wl3bcOBztMUBafQa27ze/joC9Ite1zPKj+T7N6rNoE1c6apG8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:07:36 2025 by rpki-client