Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/gmoUpsRbFiMA-YVm7rfIcmrKKCY.roa
File: gmoUpsRbFiMA-YVm7rfIcmrKKCY.roa (raw, json)
Hash identifier: f5UVu1D2xToivyREz3dQQgbmn+Oo7D3EEy08Tqhgqrs=
Subject key identifier: 82:6A:14:A6:C4:5B:16:23:00:F9:85:66:EE:B7:C8:72:6A:CA:28:26
Certificate issuer: /CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Certificate serial: 019421B1DCA44236A7A5037520778795CE5B
Authority key identifier: B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/gmoUpsRbFiMA-YVm7rfIcmrKKCY.roa
Signing time: Wed 01 Jan 2025 11:48:11 +0000
ROA not before: Wed 01 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29079
IP address blocks: 217.25.48.0/20 maxlen: 20
217.25.48.0/24 maxlen: 24
217.25.49.0/24 maxlen: 24
217.25.50.0/24 maxlen: 24
217.25.51.0/24 maxlen: 24
217.25.52.0/24 maxlen: 24
217.25.53.0/24 maxlen: 24
217.25.54.0/24 maxlen: 24
217.25.55.0/24 maxlen: 24
217.25.56.0/24 maxlen: 24
217.25.57.0/24 maxlen: 24
217.25.58.0/24 maxlen: 24
217.25.59.0/24 maxlen: 24
217.25.60.0/24 maxlen: 24
217.25.61.0/24 maxlen: 24
217.25.62.0/24 maxlen: 24
217.25.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/ubWqn-6wClEnSH80OEB3rnlw-Bo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/ubWqn-6wClEnSH80OEB3rnlw-Bo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dc:a4:42:36:a7:a5:03:75:20:77:87:95:ce:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Validity
Not Before: Jan 1 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=826a14a6c45b162300f98566eeb7c8726aca2826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:d6:59:3a:26:15:40:8d:d0:55:61:ba:06:
be:e4:9f:7b:fd:52:14:1e:f7:5b:f0:dd:7f:df:7b:
b4:1c:2e:bc:d4:1d:aa:75:d2:fa:44:bf:1e:ef:8f:
b6:e8:ca:d7:0f:28:27:06:67:7d:9b:a1:80:fb:b1:
2b:d6:06:42:3e:bb:18:32:3f:2b:73:7e:8e:85:31:
28:31:ea:ce:44:74:23:e5:03:58:6b:75:66:d9:cd:
fd:f3:dd:02:f5:03:7c:7e:e2:5e:47:b5:66:c1:db:
39:d4:5c:1d:c5:77:5c:3b:36:88:47:c2:e5:fb:b9:
cb:c3:59:69:c5:fd:22:78:8a:e3:e9:40:d8:5e:3e:
5f:b1:be:e0:71:59:11:fb:66:1a:61:44:36:f0:24:
61:09:62:31:59:e5:9a:46:29:e4:06:93:74:eb:94:
39:ed:ff:53:84:4c:16:b6:e4:03:b3:a6:9a:3d:15:
4a:18:b6:83:f4:a2:44:6f:4d:04:c8:5c:89:bb:19:
b2:f2:1b:1d:73:9f:57:e1:2f:a8:f7:85:40:e7:a3:
0a:f7:17:ba:10:d9:a2:88:37:5a:c1:9c:14:a2:9f:
f9:90:60:a0:1f:9e:2d:44:94:c9:0e:8e:34:d7:6f:
9d:ba:64:6a:15:63:af:d2:37:22:dd:82:ab:54:06:
75:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6A:14:A6:C4:5B:16:23:00:F9:85:66:EE:B7:C8:72:6A:CA:28:26
X509v3 Authority Key Identifier:
keyid:B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/gmoUpsRbFiMA-YVm7rfIcmrKKCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/ubWqn-6wClEnSH80OEB3rnlw-Bo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.48.0/20
Signature Algorithm: sha256WithRSAEncryption
b7:95:a5:51:ee:1d:72:e9:08:64:72:e1:db:92:b5:bd:a2:4d:
91:e4:29:07:91:bd:3e:b9:c7:a6:af:b2:11:64:87:3a:2c:7f:
15:b5:d0:75:8a:53:81:00:6c:22:7e:0a:c7:95:f9:bf:13:1f:
20:6c:94:8d:7d:28:5f:98:e5:8b:ea:61:5a:ea:19:b7:54:92:
f6:07:8c:51:ac:2f:8c:d2:d0:ed:72:50:ad:14:c9:77:b1:e5:
65:78:e6:00:e4:22:93:6b:bf:84:4b:64:e8:29:71:ef:9b:72:
03:31:48:ea:c4:5c:fd:56:b0:16:06:95:29:72:ec:11:5e:69:
a6:ec:6e:42:ca:30:15:62:ee:a6:6d:e1:b7:83:8d:c4:db:71:
33:b9:56:45:d2:e1:f2:cf:ec:f4:f8:64:02:86:3d:b6:5f:d6:
f0:08:da:97:53:47:1a:c0:c5:5d:49:f2:70:b3:2b:6e:25:1b:
28:0c:40:30:dd:91:e6:6e:c9:77:b8:1c:7f:38:d1:c6:29:8e:
3f:9c:89:b2:c5:6a:71:e8:d9:dd:31:29:fa:16:ae:ca:e3:82:
6b:f1:5e:3b:9c:4b:25:ae:42:a2:f1:73:10:cf:2c:2b:70:6b:
49:e1:2d:54:f7:4d:8f:43:35:f5:ec:8a:96:71:51:e6:f6:36:
be:f9:b1:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdykQjanpQN1IHeHlc5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjVhYTlmZWViMDBhNTEyNzQ4N2YzNDM4NDA3N2FlNzk3
MGY4MWEwHhcNMjUwMTAxMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjZhMTRhNmM0NWIxNjIzMDBmOTg1NjZlZWI3Yzg3MjZhY2EyODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzjWWTomFUCN0FVhuga+5J97/VIU
Hvdb8N1/33u0HC681B2qddL6RL8e74+26MrXDygnBmd9m6GA+7Er1gZCPrsYMj8r
c36OhTEoMerORHQj5QNYa3Vm2c39890C9QN8fuJeR7Vmwds51FwdxXdcOzaIR8Ll
+7nLw1lpxf0ieIrj6UDYXj5fsb7gcVkR+2YaYUQ28CRhCWIxWeWaRinkBpN065Q5
7f9ThEwWtuQDs6aaPRVKGLaD9KJEb00EyFyJuxmy8hsdc59X4S+o94VA56MK9xe6
ENmiiDdawZwUop/5kGCgH54tRJTJDo4012+dumRqFWOv0jci3YKrVAZ10QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJqFKbEWxYjAPmFZu63yHJqyigmMB8GA1UdIwQY
MBaAFLm1qp/usApRJ0h/NDhAd655cPgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJXcW4tNndDbEVuU0g4ME9FQjNybmx3LUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMyY2UtZjVkMi00MzkzLWFiMjMt
ODhhMGQ1ZmRjZjliLzEvZ21vVXBzUmJGaU1BLVlWbTdyZkljbXJLS0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMyY2UtZjVkMi00MzkzLWFiMjMtODhhMGQ1ZmRjZjli
LzEvdWJXcW4tNndDbEVuU0g4ME9FQjNybmx3LUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RkwMA0G
CSqGSIb3DQEBCwUAA4IBAQC3laVR7h1y6QhkcuHbkrW9ok2R5CkHkb0+ucemr7IR
ZIc6LH8VtdB1ilOBAGwifgrHlfm/Ex8gbJSNfShfmOWL6mFa6hm3VJL2B4xRrC+M
0tDtclCtFMl3seVleOYA5CKTa7+ES2ToKXHvm3IDMUjqxFz9VrAWBpUpcuwRXmmm
7G5CyjAVYu6mbeG3g43E23EzuVZF0uHyz+z0+GQChj22X9bwCNqXU0cawMVdSfJw
sytuJRsoDEAw3ZHmbsl3uBx/ONHGKY4/nImyxWpx6NndMSn6Fq7K44Jr8V47nEsl
rkKi8XMQzywrcGtJ4S1U902PQzX17IqWcVHm9ja++bHT
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:48 2025 by rpki-client