Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/G2wclPtQ-NTyFu49JfeZRSYyyxY.roa
File: G2wclPtQ-NTyFu49JfeZRSYyyxY.roa (raw, json)
Hash identifier: X+HR6/7YVlIIqv7OyveCmM7668weB9c1FsbPbUXjZ6M=
Subject key identifier: 1B:6C:1C:94:FB:50:F8:D4:F2:16:EE:3D:25:F7:99:45:26:32:CB:16
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 0194228D4CBA2D4DC610CAA70450B099A66C
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/G2wclPtQ-NTyFu49JfeZRSYyyxY.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15958
IP address blocks: 109.106.224.0/20 maxlen: 20
109.245.0.0/16 maxlen: 16
109.245.0.0/21 maxlen: 21
109.245.8.0/22 maxlen: 22
109.245.16.0/20 maxlen: 20
109.245.40.0/21 maxlen: 21
109.245.48.0/20 maxlen: 20
109.245.192.0/19 maxlen: 19
109.245.228.0/22 maxlen: 22
109.245.232.0/21 maxlen: 21
109.245.240.0/20 maxlen: 20
217.65.192.0/20 maxlen: 20
217.65.196.0/22 maxlen: 22
217.65.200.0/21 maxlen: 21
217.65.201.0/24 maxlen: 24
217.65.202.0/23 maxlen: 23
217.65.204.0/22 maxlen: 22
2a01:ac80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4c:ba:2d:4d:c6:10:ca:a7:04:50:b0:99:a6:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b6c1c94fb50f8d4f216ee3d25f799452632cb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:bd:7f:c7:d0:79:e6:18:cb:c7:41:94:08:
4e:e3:06:a1:73:6b:13:ca:d6:0e:79:f9:0d:b1:a0:
15:95:79:d7:47:aa:85:87:47:ba:c2:f7:9e:b6:7b:
75:8c:0a:0c:93:02:ca:9a:98:a7:29:31:24:fd:ef:
49:9f:db:3b:e0:44:57:b9:69:e2:ae:18:e6:1f:e6:
07:30:2b:c5:23:13:f0:c0:75:f4:fb:a6:36:04:d5:
63:bc:e4:f4:c2:5c:06:de:b4:d5:14:e4:00:84:0c:
6d:5f:f8:ba:a9:11:b6:f3:29:3c:57:c7:27:ae:15:
12:cf:6b:0c:e0:d9:53:22:64:be:b4:a1:53:a3:51:
f1:27:ad:e4:77:73:36:4a:0c:e7:f2:e6:ba:9a:05:
4a:12:a4:85:ef:e1:97:56:ce:b1:13:6d:e6:9c:61:
cf:51:42:e6:77:53:b4:b5:99:34:62:96:a5:91:9c:
0d:22:e4:b4:03:b2:64:d2:4a:69:22:10:8f:c3:18:
c3:3f:87:a4:d4:bf:05:56:b6:2b:68:1b:5c:e3:17:
26:fe:33:53:f3:b9:a2:33:5b:a2:89:65:2a:ae:3f:
2a:4c:d9:ab:9a:fa:dc:b2:ea:c9:50:8d:13:5a:4b:
29:17:13:3b:e7:cc:84:5c:e2:de:a4:96:1b:4c:c0:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6C:1C:94:FB:50:F8:D4:F2:16:EE:3D:25:F7:99:45:26:32:CB:16
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/G2wclPtQ-NTyFu49JfeZRSYyyxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.224.0/20
109.245.0.0/16
217.65.192.0/20
IPv6:
2a01:ac80::/32
Signature Algorithm: sha256WithRSAEncryption
1d:e8:cd:3d:05:8e:bc:d3:84:55:fa:d9:93:33:61:a1:73:22:
e0:00:5f:90:51:8a:f1:40:0d:68:45:ca:fd:d3:b2:cc:89:4c:
53:82:19:f2:e3:9f:41:dc:6d:e2:8d:24:91:d9:b6:b5:49:03:
20:2d:07:eb:1c:7a:49:94:fc:22:a1:32:3c:12:d9:ce:8f:b8:
13:d8:a5:20:05:0d:2c:a2:e3:8b:df:cd:34:c9:99:d3:fb:61:
7c:dc:55:56:d2:b3:52:ef:9c:80:59:de:7f:2f:bc:27:df:aa:
cc:4e:de:4a:30:22:54:18:27:4c:29:43:08:7b:f5:23:a7:e5:
83:30:0f:57:17:66:1d:60:3d:12:91:bc:b2:21:b5:b5:2c:e9:
e5:da:ae:8f:1c:8f:8a:ce:96:b5:3d:b8:29:f3:fc:d2:1a:cc:
a9:c1:ae:57:d7:10:ce:69:d3:a5:79:58:03:15:50:34:7f:04:
e2:6c:5d:15:8b:66:a4:6c:20:d8:ff:ea:80:04:d2:fc:8c:7c:
18:fb:9a:d3:dd:c1:5b:a9:12:8d:6f:17:55:7b:7f:d3:3f:d5:
67:15:08:18:e7:12:fb:ca:aa:e4:55:5c:89:d9:7a:df:eb:dc:
16:65:74:a7:7a:b0:83:f4:80:42:c9:63:fb:53:51:3c:4e:a3:
ef:c5:18:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQijUy6LU3GEMqnBFCwmaZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZjMWM5NGZiNTBmOGQ0ZjIxNmVlM2QyNWY3OTk0NTI2MzJjYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD29f8fQeeYYy8dBlAhO4wahc2sT
ytYOefkNsaAVlXnXR6qFh0e6wveetnt1jAoMkwLKmpinKTEk/e9Jn9s74ERXuWni
rhjmH+YHMCvFIxPwwHX0+6Y2BNVjvOT0wlwG3rTVFOQAhAxtX/i6qRG28yk8V8cn
rhUSz2sM4NlTImS+tKFTo1HxJ63kd3M2Sgzn8ua6mgVKEqSF7+GXVs6xE23mnGHP
UULmd1O0tZk0YpalkZwNIuS0A7Jk0kppIhCPwxjDP4ek1L8FVrYraBtc4xcm/jNT
87miM1uiiWUqrj8qTNmrmvrcsurJUI0TWkspFxM758yEXOLepJYbTMC/+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBtsHJT7UPjU8hbuPSX3mUUmMssWMB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvRzJ3Y2xQdFEtTlR5RnU0OUpmZVpSU1l5eXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQEbWrgAwMA
bfUDBATZQcAwDQQCAAIwBwMFACoBrIAwDQYJKoZIhvcNAQELBQADggEBAB3ozT0F
jrzThFX62ZMzYaFzIuAAX5BRivFADWhFyv3TssyJTFOCGfLjn0HcbeKNJJHZtrVJ
AyAtB+scekmU/CKhMjwS2c6PuBPYpSAFDSyi44vfzTTJmdP7YXzcVVbSs1LvnIBZ
3n8vvCffqsxO3kowIlQYJ0wpQwh79SOn5YMwD1cXZh1gPRKRvLIhtbUs6eXaro8c
j4rOlrU9uCnz/NIazKnBrlfXEM5p06V5WAMVUDR/BOJsXRWLZqRsINj/6oAE0vyM
fBj7mtPdwVupEo1vF1V7f9M/1WcVCBjnEvvKquRVXInZet/r3BZldKd6sIP0gELJ
Y/tTUTxOo+/FGMY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:54:28 2025 by rpki-client