Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/GLKnJ3LTIabZeoGVzMCaJjFByNY.roa
File: GLKnJ3LTIabZeoGVzMCaJjFByNY.roa (raw, json)
Hash identifier: +WAt95sFiKCWSXPNQeYrpYryf9q0NJaDtl61QpO/UCY=
Subject key identifier: 18:B2:A7:27:72:D3:21:A6:D9:7A:81:95:CC:C0:9A:26:31:41:C8:D6
Certificate issuer: /CN=d57831c1f5e6002542bcebadef24128ad846eaf9
Certificate serial: 0196D934EA18D11AB72AEF64AC82E1D0D809
Authority key identifier: D5:78:31:C1:F5:E6:00:25:42:BC:EB:AD:EF:24:12:8A:D8:46:EA:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/GLKnJ3LTIabZeoGVzMCaJjFByNY.roa
Signing time: Fri 16 May 2025 13:07:25 +0000
ROA not before: Fri 16 May 2025 13:07:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 185.216.13.0/24 maxlen: 24
2a13:6300::/32 maxlen: 32
2a13:6301::/32 maxlen: 32
2a13:6302::/32 maxlen: 32
2a13:6303::/32 maxlen: 32
2a13:6304::/32 maxlen: 32
2a13:6305::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 10:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d9:34:ea:18:d1:1a:b7:2a:ef:64:ac:82:e1:d0:d8:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d57831c1f5e6002542bcebadef24128ad846eaf9
Validity
Not Before: May 16 13:07:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18b2a72772d321a6d97a8195ccc09a263141c8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:47:4d:ab:b7:00:c8:17:b6:dd:89:f9:98:67:
cc:0a:6e:d9:ed:df:3f:3e:cd:eb:e6:1a:13:d3:d7:
df:40:c9:4c:a8:cf:ff:7a:ec:80:e8:c8:38:ec:f1:
42:a0:11:c6:43:41:de:9e:5e:22:d7:55:5f:77:f2:
fa:a4:39:68:0d:77:94:7d:7a:a0:d5:d5:90:3c:14:
ce:7d:75:15:25:cb:f6:7c:9c:42:0b:3e:6d:a3:ee:
47:52:ab:38:72:d9:b2:4a:cf:c5:38:43:1f:e6:17:
61:01:bf:67:3a:a5:c1:e6:51:d2:e6:f8:d8:a7:b7:
a9:cf:de:eb:6c:e0:8b:73:f2:13:05:32:e9:10:39:
99:0e:3d:67:19:93:0d:7e:b1:60:eb:78:6e:4f:f8:
80:43:21:00:dd:6a:6a:00:60:b3:20:8c:bd:ff:6f:
3d:4f:88:73:f6:d7:8e:cd:a3:53:05:f9:d8:3e:47:
46:33:9d:3f:98:2a:39:e1:fe:37:16:87:42:49:af:
3d:ad:3f:07:7e:ca:f4:48:95:e2:da:69:c5:4a:a9:
ec:0d:91:64:5d:a4:49:2e:20:57:00:7b:ce:73:99:
b3:12:76:83:8b:63:b4:32:b2:b2:8a:52:c1:d6:fe:
30:21:bf:be:8e:6e:df:8c:b2:9f:88:5c:5b:6b:c4:
0b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B2:A7:27:72:D3:21:A6:D9:7A:81:95:CC:C0:9A:26:31:41:C8:D6
X509v3 Authority Key Identifier:
keyid:D5:78:31:C1:F5:E6:00:25:42:BC:EB:AD:EF:24:12:8A:D8:46:EA:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XgxwfXmACVCvOut7yQSithG6vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/GLKnJ3LTIabZeoGVzMCaJjFByNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b1964a-30ae-4482-845d-746365dba5bb/1/1XgxwfXmACVCvOut7yQSithG6vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.13.0/24
IPv6:
2a13:6300::-2a13:6305:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:8f:b6:06:4b:99:09:18:35:eb:fe:ee:c0:91:36:9c:14:ab:
33:64:2d:32:d1:14:c1:88:6b:02:2d:3d:73:b3:54:e6:f6:0e:
60:f2:b9:36:0c:49:3a:9d:97:66:10:9f:ec:f4:9d:44:60:82:
4b:22:fa:73:73:15:cc:d7:47:a8:4d:09:6d:e8:f8:16:39:0a:
ee:1b:49:0f:a3:aa:9c:df:8f:de:c9:e3:2a:3a:51:76:d2:95:
9f:65:c4:ff:35:b3:26:63:a0:cd:b7:74:4f:ae:82:03:df:b7:
be:58:f8:71:1b:22:b9:27:34:3e:1e:96:68:cd:7c:0a:9e:ff:
f3:1b:14:77:c8:db:10:6e:fd:15:7d:97:90:96:aa:8d:d1:45:
83:32:2e:1a:dd:a3:b6:0f:34:a6:4c:8d:f9:30:7e:b7:27:c7:
4e:5f:f5:d7:d6:63:ba:47:c6:e6:2c:d4:98:76:af:3f:6a:df:
d9:27:bf:22:f9:9e:3d:56:57:9c:8b:2a:61:ad:7a:c2:d7:32:
20:aa:17:51:e1:b9:65:bb:36:29:c0:94:3f:48:fd:a4:d5:3c:
16:42:23:f0:1d:7e:49:d6:2b:a3:43:af:07:6d:7c:82:0d:5a:
24:ab:13:aa:5d:dc:2f:57:b5:89:c9:1e:f0:60:24:7a:9b:66:
f7:3b:bd:44
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZbZNOoY0Rq3Ku9krILh0NgJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzgzMWMxZjVlNjAwMjU0MmJjZWJhZGVmMjQxMjhhZDg0
NmVhZjkwHhcNMjUwNTE2MTMwNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGIyYTcyNzcyZDMyMWE2ZDk3YTgxOTVjY2MwOWEyNjMxNDFjOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0dNq7cAyBe23Yn5mGfMCm7Z7d8/
Ps3r5hoT09ffQMlMqM//euyA6Mg47PFCoBHGQ0Henl4i11Vfd/L6pDloDXeUfXqg
1dWQPBTOfXUVJcv2fJxCCz5to+5HUqs4ctmySs/FOEMf5hdhAb9nOqXB5lHS5vjY
p7epz97rbOCLc/ITBTLpEDmZDj1nGZMNfrFg63huT/iAQyEA3WpqAGCzIIy9/289
T4hz9teOzaNTBfnYPkdGM50/mCo54f43FodCSa89rT8Hfsr0SJXi2mnFSqnsDZFk
XaRJLiBXAHvOc5mzEnaDi2O0MrKyilLB1v4wIb++jm7fjLKfiFxba8QLEwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBiypydy0yGm2XqBlczAmiYxQcjWMB8GA1UdIwQY
MBaAFNV4McH15gAlQrzrre8kEorYRur5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhneHdmWG1BQ1ZDdk91dDd5UVNpdGhHNnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iMTk2NGEtMzBhZS00NDgyLTg0NWQt
NzQ2MzY1ZGJhNWJiLzEvR0xLbkozTFRJYWJaZW9HVnpNQ2FKakZCeU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9iMTk2NGEtMzBhZS00NDgyLTg0NWQtNzQ2MzY1ZGJhNWJi
LzEvMVhneHdmWG1BQ1ZDdk91dDd5UVNpdGhHNnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAudgNMBUE
AgACMA8wDQMEACoTYwMFASoTYwQwDQYJKoZIhvcNAQELBQADggEBAACPtgZLmQkY
Nev+7sCRNpwUqzNkLTLRFMGIawItPXOzVOb2DmDyuTYMSTqdl2YQn+z0nURggksi
+nNzFczXR6hNCW3o+BY5Cu4bSQ+jqpzfj97J4yo6UXbSlZ9lxP81syZjoM23dE+u
ggPft75Y+HEbIrknND4elmjNfAqe//MbFHfI2xBu/RV9l5CWqo3RRYMyLhrdo7YP
NKZMjfkwfrcnx05f9dfWY7pHxuYs1Jh2rz9q39knvyL5nj1WV5yLKmGtesLXMiCq
F1HhuWW7NinAlD9I/aTVPBZCI/AdfknWK6NDrwdtfIINWiSrE6pd3C9XtYnJHvBg
JHqbZvc7vUQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:44:00 2025 by rpki-client