Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/RqGemHASq4a3yEktWB8WjU_L-0c.roa
File: RqGemHASq4a3yEktWB8WjU_L-0c.roa (raw, json)
Hash identifier: vaorPMqPLbSGClI0kn7HOZCELp91/Z7k6rtXVGnH8yc=
Subject key identifier: 46:A1:9E:98:70:12:AB:86:B7:C8:49:2D:58:1F:16:8D:4F:CB:FB:47
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 019426D8C139FD39C944D05D5BE47993C528
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/RqGemHASq4a3yEktWB8WjU_L-0c.roa
Signing time: Thu 02 Jan 2025 11:48:46 +0000
ROA not before: Thu 02 Jan 2025 11:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210841
IP address blocks: 80.73.219.0/24 maxlen: 24
80.73.220.0/22 maxlen: 24
91.232.129.0/24 maxlen: 24
91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
91.232.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:c1:39:fd:39:c9:44:d0:5d:5b:e4:79:93:c5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jan 2 11:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a19e987012ab86b7c8492d581f168d4fcbfb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b4:1a:02:66:42:ab:e0:bb:e3:2d:b3:af:73:
da:04:c5:a2:46:8d:fc:69:c0:9d:f5:c5:bb:dd:20:
9e:d2:11:12:d8:0d:71:3d:f5:2e:02:8f:d8:ed:da:
36:69:f1:a9:86:3c:0a:4c:0b:a0:9f:55:01:d9:e7:
d4:55:1b:50:4b:59:10:b4:ef:6c:c3:ce:23:57:3b:
3f:13:1a:f0:c4:89:da:bd:e7:4e:be:83:f1:b5:f2:
a6:ab:03:b3:05:86:35:37:fb:25:68:ab:ef:16:5b:
6c:8f:69:48:88:3e:87:9c:6b:e1:9e:5e:f3:5b:2c:
a8:44:ec:0b:26:12:13:b1:1f:d3:f6:ce:02:d8:2d:
c9:4d:d0:26:43:dd:fe:09:27:3b:0e:9f:f6:a9:3f:
d2:a3:98:66:c9:88:b7:9e:e1:3c:eb:0d:f9:f2:22:
8f:dc:71:70:9d:a8:18:25:f9:ea:8f:9a:18:5c:61:
df:28:d6:0d:8b:16:a2:b0:a5:5e:84:dc:75:70:cd:
6e:cd:14:cc:00:2b:48:ad:0f:38:d1:2c:29:df:50:
b9:44:b0:90:91:e1:8a:5a:d2:e3:14:11:25:84:1f:
13:0d:95:4a:67:5a:47:7c:31:7b:0c:d3:eb:a7:eb:
aa:b4:99:cd:64:aa:74:03:58:f0:08:5c:71:39:e5:
60:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A1:9E:98:70:12:AB:86:B7:C8:49:2D:58:1F:16:8D:4F:CB:FB:47
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/RqGemHASq4a3yEktWB8WjU_L-0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.223.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5b:67:3e:97:01:eb:55:13:d9:a6:f7:9d:2c:bb:4f:92:33:
23:98:5c:8e:0f:51:90:a0:18:60:6c:64:51:77:64:6b:f7:2f:
97:74:ba:72:74:65:1b:95:ab:7e:c3:a0:83:4b:8f:80:53:bf:
d4:8b:0a:03:2d:74:83:b9:30:92:6f:95:60:49:7a:be:2c:89:
3f:7f:74:c2:b3:84:9b:52:4e:35:b7:19:b0:c9:38:13:dc:30:
f9:73:1f:b1:47:0b:3b:e5:ae:69:0d:74:db:b0:8c:c8:1b:d5:
fe:ee:ff:1e:8a:a9:59:24:1f:d4:0f:a6:10:19:42:b6:90:90:
ac:c2:8c:b5:6c:e6:a5:01:46:3a:c1:ef:e3:92:0e:26:34:64:
cd:ab:16:dd:ad:c8:00:59:e7:c0:dd:2b:ad:aa:71:6c:63:8c:
5a:48:7b:3d:07:38:6d:9d:8d:5e:cd:c9:81:11:ae:17:f5:1f:
62:69:61:e5:0a:d5:da:f4:68:3f:43:fe:99:0e:67:2e:27:7e:
54:fc:d9:5d:51:19:5f:ae:25:ce:9e:5e:04:61:a1:77:ef:3e:
50:21:8a:b4:dd:18:0d:fd:98:00:64:5f:94:74:e2:d7:3d:44:
8b:d5:46:51:28:2c:95:8b:fd:eb:9b:6e:ba:39:41:00:72:08:
fc:5e:99:08
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQm2ME5/TnJRNBdW+R5k8UoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjUwMTAyMTE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmExOWU5ODcwMTJhYjg2YjdjODQ5MmQ1ODFmMTY4ZDRmY2JmYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrQaAmZCq+C74y2zr3PaBMWiRo38
acCd9cW73SCe0hES2A1xPfUuAo/Y7do2afGphjwKTAugn1UB2efUVRtQS1kQtO9s
w84jVzs/ExrwxInavedOvoPxtfKmqwOzBYY1N/slaKvvFltsj2lIiD6HnGvhnl7z
WyyoROwLJhITsR/T9s4C2C3JTdAmQ93+CSc7Dp/2qT/So5hmyYi3nuE86w358iKP
3HFwnagYJfnqj5oYXGHfKNYNixaisKVehNx1cM1uzRTMACtIrQ840Swp31C5RLCQ
keGKWtLjFBElhB8TDZVKZ1pHfDF7DNPrp+uqtJnNZKp0A1jwCFxxOeVghQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEahnphwEquGt8hJLVgfFo1Py/tHMB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEvUnFHZW1IQVNxNGEzeUVrdFdCOFdqVV9MLTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABQSdsD
BAVQScADBABb6IEDBABb6MYDBABb6NADBABb6OswDQYJKoZIhvcNAQELBQADggEB
AIpbZz6XAetVE9mm950su0+SMyOYXI4PUZCgGGBsZFF3ZGv3L5d0unJ0ZRuVq37D
oINLj4BTv9SLCgMtdIO5MJJvlWBJer4siT9/dMKzhJtSTjW3GbDJOBPcMPlzH7FH
CzvlrmkNdNuwjMgb1f7u/x6KqVkkH9QPphAZQraQkKzCjLVs5qUBRjrB7+OSDiY0
ZM2rFt2tyABZ58DdK62qcWxjjFpIez0HOG2djV7NyYERrhf1H2JpYeUK1dr0aD9D
/pkOZy4nflT82V1RGV+uJc6eXgRhoXfvPlAhirTdGA39mABkX5R04tc9RIvVRlEo
LJWL/eubbro5QQByCPxemQg=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:52:22 2025 by rpki-client