Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/GRpxJM6uak1q4A4UBjGhlwT7Cps.roa
File: GRpxJM6uak1q4A4UBjGhlwT7Cps.roa (raw, json)
Hash identifier: wNBRbInhIrKHJa8W7MC+iDamgy4K7A7SioRTK7a6kK0=
Subject key identifier: 19:1A:71:24:CE:AE:6A:4D:6A:E0:0E:14:06:31:A1:97:04:FB:0A:9B
Certificate issuer: /CN=34b8d5f9138568b52cb0936e2b4c94f77ce57aec
Certificate serial: 01942444CB4C920BFD7A7C5A3F5E01A594DC
Authority key identifier: 34:B8:D5:F9:13:85:68:B5:2C:B0:93:6E:2B:4C:94:F7:7C:E5:7A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLjV-ROFaLUssJNuK0yU93zleuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/GRpxJM6uak1q4A4UBjGhlwT7Cps.roa
Signing time: Wed 01 Jan 2025 23:47:55 +0000
ROA not before: Wed 01 Jan 2025 23:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197870
IP address blocks: 176.57.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/NLjV-ROFaLUssJNuK0yU93zleuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/NLjV-ROFaLUssJNuK0yU93zleuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLjV-ROFaLUssJNuK0yU93zleuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:cb:4c:92:0b:fd:7a:7c:5a:3f:5e:01:a5:94:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b8d5f9138568b52cb0936e2b4c94f77ce57aec
Validity
Not Before: Jan 1 23:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=191a7124ceae6a4d6ae00e140631a19704fb0a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c9:dd:be:45:b3:cd:11:4e:e0:76:88:4e:0d:
d1:a9:e2:a9:29:b1:38:c4:e0:d0:da:79:e3:65:47:
b2:82:e9:2a:16:ad:60:cd:a6:94:de:ed:39:4f:c7:
07:0c:6d:b1:6d:88:50:1a:43:aa:d7:c2:be:f8:b9:
11:3b:46:e8:6a:d2:d2:25:a0:2b:36:b2:72:64:87:
2f:d0:d9:cb:98:61:7b:0b:b1:24:e4:46:1c:ec:f2:
a3:43:d6:60:b4:6f:d7:8d:56:17:34:3c:56:5b:79:
c0:3f:05:3e:c6:23:30:62:61:0d:a0:6f:fa:33:39:
fd:98:3e:3a:84:b7:df:9c:65:5e:7b:20:68:e1:54:
18:d9:35:11:8a:39:83:61:82:91:26:1b:ac:bc:35:
a3:43:84:6c:5f:d5:63:f7:ba:1a:41:25:bd:ee:7f:
78:93:00:cd:40:26:0b:a2:79:38:5a:bd:70:bf:25:
5b:4e:43:fe:3f:33:18:47:77:20:3c:64:91:bd:6e:
0c:99:85:11:95:34:ce:3b:9e:a7:d4:ed:91:ae:23:
97:c5:00:f3:1d:3d:fb:18:07:ad:90:14:e5:c2:b9:
de:c3:aa:7f:d4:b0:f7:84:78:06:60:4c:e1:da:95:
18:bd:a9:28:47:5e:09:09:d7:ba:9e:f3:f4:ec:4e:
a0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1A:71:24:CE:AE:6A:4D:6A:E0:0E:14:06:31:A1:97:04:FB:0A:9B
X509v3 Authority Key Identifier:
keyid:34:B8:D5:F9:13:85:68:B5:2C:B0:93:6E:2B:4C:94:F7:7C:E5:7A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLjV-ROFaLUssJNuK0yU93zleuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/GRpxJM6uak1q4A4UBjGhlwT7Cps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc5820-8197-4f3d-b625-e20ebbd085e1/1/NLjV-ROFaLUssJNuK0yU93zleuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:09:03:4f:91:c5:ba:a4:e0:4d:2d:8d:28:50:3d:fd:73:7d:
77:17:a9:c8:f4:52:cf:94:59:ab:59:4e:13:4b:13:2a:ec:ab:
86:1c:be:83:68:88:31:25:e2:6a:8d:f9:f3:2e:fd:fc:57:11:
b3:2d:85:c3:ad:b7:f3:3a:33:14:b6:e8:1b:9a:80:83:63:35:
10:3a:f0:f5:50:af:86:65:e0:13:5d:65:07:b0:71:22:79:e9:
1d:7e:c4:42:fa:35:d7:0e:dd:77:f2:c4:a3:ab:b8:3a:34:47:
02:85:fd:32:85:10:19:ed:8d:e5:8f:4c:f9:fb:0c:c1:70:be:
06:b3:7f:b8:7a:7b:fe:32:34:a8:80:2a:e5:8d:4c:d9:be:54:
d7:ad:96:9d:1f:da:cb:b4:ef:5d:67:ea:19:40:38:85:14:cb:
01:01:f5:be:a6:a6:18:ce:06:93:aa:23:f8:72:7a:18:71:b4:
2a:4f:fd:2e:62:a7:d0:de:65:18:57:3d:f8:a0:03:f1:29:95:
cc:03:9e:a1:5b:6d:83:61:78:d4:d3:9b:07:37:25:b4:bd:56:
61:69:ec:06:4f:98:24:3f:91:b2:f1:6c:73:0f:97:82:a7:d7:
44:43:ef:e1:ed:df:0b:bd:ff:03:7d:d6:a5:41:b1:4a:fd:04:
32:0f:42:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRMtMkgv9enxaP14BpZTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjhkNWY5MTM4NTY4YjUyY2IwOTM2ZTJiNGM5NGY3N2Nl
NTdhZWMwHhcNMjUwMTAxMjM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFhNzEyNGNlYWU2YTRkNmFlMDBlMTQwNjMxYTE5NzA0ZmIwYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMndvkWzzRFO4HaITg3RqeKpKbE4
xODQ2nnjZUeygukqFq1gzaaU3u05T8cHDG2xbYhQGkOq18K++LkRO0boatLSJaAr
NrJyZIcv0NnLmGF7C7Ek5EYc7PKjQ9ZgtG/XjVYXNDxWW3nAPwU+xiMwYmENoG/6
Mzn9mD46hLffnGVeeyBo4VQY2TURijmDYYKRJhusvDWjQ4RsX9Vj97oaQSW97n94
kwDNQCYLonk4Wr1wvyVbTkP+PzMYR3cgPGSRvW4MmYURlTTOO56n1O2RriOXxQDz
HT37GAetkBTlwrnew6p/1LD3hHgGYEzh2pUYvakoR14JCde6nvP07E6gVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkacSTOrmpNauAOFAYxoZcE+wqbMB8GA1UdIwQY
MBaAFDS41fkThWi1LLCTbitMlPd85XrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxqVi1ST0ZhTFVzc0pOdUsweVU5M3psZXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mYzU4MjAtODE5Ny00ZjNkLWI2MjUt
ZTIwZWJiZDA4NWUxLzEvR1JweEpNNnVhazFxNEE0VUJqR2hsd1Q3Q3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mYzU4MjAtODE5Ny00ZjNkLWI2MjUtZTIwZWJiZDA4NWUx
LzEvTkxqVi1ST0ZhTFVzc0pOdUsweVU5M3psZXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsDkoMA0G
CSqGSIb3DQEBCwUAA4IBAQAdCQNPkcW6pOBNLY0oUD39c313F6nI9FLPlFmrWU4T
SxMq7KuGHL6DaIgxJeJqjfnzLv38VxGzLYXDrbfzOjMUtugbmoCDYzUQOvD1UK+G
ZeATXWUHsHEieekdfsRC+jXXDt138sSjq7g6NEcChf0yhRAZ7Y3lj0z5+wzBcL4G
s3+4env+MjSogCrljUzZvlTXrZadH9rLtO9dZ+oZQDiFFMsBAfW+pqYYzgaTqiP4
cnoYcbQqT/0uYqfQ3mUYVz34oAPxKZXMA56hW22DYXjU05sHNyW0vVZhaewGT5gk
P5Gy8WxzD5eCp9dEQ+/h7d8Lvf8DfdalQbFK/QQyD0IO
-----END CERTIFICATE-----
Generated at Sun Mar 9 17:57:47 2025 by rpki-client