Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/gFNRnlkfj7jGrkDf0U_ATUvIHvs.roa
File: gFNRnlkfj7jGrkDf0U_ATUvIHvs.roa (raw, json)
Hash identifier: jiowHkF10Lfpa6R4lQgePc6dWYmERzQq5ivqiFFN9Ag=
Subject key identifier: 80:53:51:9E:59:1F:8F:B8:C6:AE:40:DF:D1:4F:C0:4D:4B:C8:1E:FB
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBC0DFF1B351B0A9FD56B3B94998F4
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/gFNRnlkfj7jGrkDf0U_ATUvIHvs.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396562
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c0:df:f1:b3:51:b0:a9:fd:56:b3:b9:49:98:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8053519e591f8fb8c6ae40dfd14fc04d4bc81efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:7e:54:40:c9:24:68:c0:0b:a8:80:bc:f3:
03:02:e2:8c:b9:08:1f:b2:e3:bd:cd:e5:e2:2c:9b:
af:44:a8:de:0c:72:a9:63:54:32:32:c4:cd:de:9a:
d8:07:96:91:5a:af:9f:73:f0:d4:fd:35:2c:bf:e2:
71:b1:1f:86:36:93:d0:b8:f8:2d:03:f3:e8:44:c6:
f3:6e:3b:6a:45:47:38:74:b4:a8:87:9f:33:86:1c:
22:83:21:e3:cf:1f:75:e0:05:ac:f8:e0:1a:6c:a4:
60:a4:55:ab:75:99:a1:04:5b:06:3c:0a:e6:b3:14:
40:1e:78:ff:f4:66:8c:8b:4c:59:35:3d:eb:b5:49:
19:1b:59:c2:16:79:36:af:27:83:07:4f:49:a6:7f:
3d:ca:9c:aa:0a:c9:3f:2b:1e:0d:e1:47:9c:c8:a9:
05:c3:17:51:63:9e:81:8c:db:f0:d8:b1:08:6b:2d:
fb:fa:42:7f:36:22:e9:63:41:13:c4:06:e9:79:e6:
7f:ea:2d:bd:25:a0:78:49:d7:c6:a2:e6:78:61:c3:
76:8c:ed:58:76:5e:40:40:c0:6f:a0:95:52:50:b5:
c7:a6:b4:c8:4e:97:e6:87:b2:47:14:01:ba:a8:e6:
61:27:17:78:7a:b6:fb:f7:0e:4c:29:a2:1e:0a:0f:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:53:51:9E:59:1F:8F:B8:C6:AE:40:DF:D1:4F:C0:4D:4B:C8:1E:FB
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/gFNRnlkfj7jGrkDf0U_ATUvIHvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
b5:bf:40:30:0c:66:00:ca:a4:72:49:29:d3:32:73:fb:cc:35:
d8:31:d3:a0:e0:66:70:b0:07:59:99:51:dc:6c:15:34:f1:2d:
8b:cf:07:16:50:2f:2c:ca:30:bb:4d:18:9e:09:69:28:d8:a3:
de:9c:55:5d:5a:5c:6c:d0:2e:0e:9a:7e:ed:30:3a:13:27:44:
6c:83:a9:dc:a3:5a:05:73:1f:f8:3a:4a:7b:c6:e0:63:5a:fd:
1a:1f:e9:2e:8d:10:75:2c:c6:6a:db:79:6c:c5:ee:af:b0:5a:
91:77:8b:a5:ac:b0:77:2e:ec:09:bb:dd:ca:79:2d:c0:01:07:
04:bb:c6:43:9d:f0:4b:f0:eb:7b:26:d9:ef:eb:7f:30:10:99:
8a:5c:6b:bc:93:f8:ac:e2:09:e6:b4:7a:d3:e2:ae:e7:67:2b:
94:b2:05:f6:e9:e6:43:16:7b:ca:22:46:95:04:50:67:e3:82:
f9:27:53:65:b1:5e:67:7a:37:75:fa:92:69:77:1b:81:0d:e8:
24:c8:3b:16:98:7b:68:79:2f:1e:1e:76:eb:0c:d6:f0:06:65:
21:d1:c2:85:e7:28:6f:3e:0b:a1:17:66:f0:cf:fe:19:82:72:
50:ad:21:f0:b1:0b:a2:21:3e:a2:13:80:25:f8:51:f8:d0:99:
91:72:34:3e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+8Df8bNRsKn9VrO5SZj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUzNTE5ZTU5MWY4ZmI4YzZhZTQwZGZkMTRmYzA0ZDRiYzgxZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyN+VEDJJGjAC6iAvPMDAuKMuQgf
suO9zeXiLJuvRKjeDHKpY1QyMsTN3prYB5aRWq+fc/DU/TUsv+JxsR+GNpPQuPgt
A/PoRMbzbjtqRUc4dLSoh58zhhwigyHjzx914AWs+OAabKRgpFWrdZmhBFsGPArm
sxRAHnj/9GaMi0xZNT3rtUkZG1nCFnk2ryeDB09Jpn89ypyqCsk/Kx4N4UecyKkF
wxdRY56BjNvw2LEIay37+kJ/NiLpY0ETxAbpeeZ/6i29JaB4SdfGouZ4YcN2jO1Y
dl5AQMBvoJVSULXHprTITpfmh7JHFAG6qOZhJxd4erb79w5MKaIeCg/jlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIBTUZ5ZH4+4xq5A39FPwE1LyB77MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZ0ZOUm5sa2ZqN2pHcmtEZjBVX0FUVXZJSHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBALW/QDAMZgDKpHJJKdMyc/vMNdgx06Dg
ZnCwB1mZUdxsFTTxLYvPBxZQLyzKMLtNGJ4JaSjYo96cVV1aXGzQLg6afu0wOhMn
RGyDqdyjWgVzH/g6SnvG4GNa/Rof6S6NEHUsxmrbeWzF7q+wWpF3i6WssHcu7Am7
3cp5LcABBwS7xkOd8Evw63sm2e/rfzAQmYpca7yT+KziCea0etPirudnK5SyBfbp
5kMWe8oiRpUEUGfjgvknU2WxXmd6N3X6kml3G4EN6CTIOxaYe2h5Lx4edusM1vAG
ZSHRwoXnKG8+C6EXZvDP/hmCclCtIfCxC6IhPqITgCX4UfjQmZFyND4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:42 2025 by rpki-client