Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/GLR8wv9eQDYVvIU9dTgX4x3gRrU.roa
File: GLR8wv9eQDYVvIU9dTgX4x3gRrU.roa (raw, json)
Hash identifier: zIW5syCsS35QW+AJ4BFQD+ENrKgrv0unq86PWZyetso=
Subject key identifier: 18:B4:7C:C2:FF:5E:40:36:15:BC:85:3D:75:38:17:E3:1D:E0:46:B5
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 019633A6ECDD0B36561DE1EE00329637A6E0
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/GLR8wv9eQDYVvIU9dTgX4x3gRrU.roa
Signing time: Mon 14 Apr 2025 09:34:59 +0000
ROA not before: Mon 14 Apr 2025 09:34:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198668
IP address blocks: 176.119.192.0/24 maxlen: 24
185.87.140.0/22 maxlen: 24
185.243.172.0/22 maxlen: 24
2a05:aa00::/29 maxlen: 48
2a0d:1880::/29 maxlen: 48
2a0f:fec0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 22:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:a6:ec:dd:0b:36:56:1d:e1:ee:00:32:96:37:a6:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Apr 14 09:34:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18b47cc2ff5e403615bc853d753817e31de046b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:d4:4d:cb:53:fa:1d:ec:b2:58:71:4c:39:
23:54:8d:4c:c6:f7:80:06:df:ec:a5:eb:9b:7b:27:
44:26:56:b1:d3:fa:f9:46:2e:d9:36:39:5f:00:a5:
45:37:ae:94:5c:4f:ba:7c:12:e8:13:f5:57:7e:c2:
da:63:6b:87:fb:b3:f2:64:97:9d:47:bf:ba:b9:1a:
8e:66:be:bc:d9:33:f4:74:de:66:2b:c3:72:b7:f3:
7e:72:0a:08:7f:c0:e7:a1:28:de:7f:a7:68:7c:ff:
1b:b7:1d:cd:68:ae:1f:e9:d6:c4:fa:99:a2:fb:6e:
9e:18:0b:fa:05:76:73:7a:bb:bd:79:2a:37:e6:71:
aa:68:55:5d:7d:93:76:55:38:72:e1:91:a5:d5:d2:
9a:4f:ee:22:fa:79:d1:37:89:7a:ca:a9:c7:dd:b9:
6b:30:31:c3:94:f5:a6:21:86:5a:a7:29:ef:57:17:
dd:3b:cc:61:ba:e3:1b:2b:7f:70:75:af:75:4c:4e:
b5:57:f4:b1:28:96:14:f7:93:09:bb:1a:9e:e4:be:
02:6c:64:d8:d9:1b:2f:25:99:ba:25:98:f3:cf:21:
87:11:f1:f8:dd:ba:86:f3:0e:ee:ff:52:b7:de:21:
fe:c9:e5:da:27:74:87:d3:cf:1c:6e:fd:16:f3:d5:
46:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B4:7C:C2:FF:5E:40:36:15:BC:85:3D:75:38:17:E3:1D:E0:46:B5
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/GLR8wv9eQDYVvIU9dTgX4x3gRrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.87.140.0/22
185.243.172.0/22
IPv6:
2a05:aa00::/29
2a0d:1880::/29
2a0f:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
91:4e:8a:dd:f2:60:44:79:b9:63:8c:c7:8a:5a:a3:fd:81:eb:
65:28:8f:ee:09:ae:84:8c:a4:4a:5f:50:79:37:c7:24:ce:63:
c2:5d:b5:4c:c7:6b:a2:d6:ce:41:4b:2b:ce:eb:ea:b7:e6:04:
97:dc:da:5e:c6:73:89:aa:fb:8b:a2:58:2e:33:e3:e1:9f:70:
44:49:05:bb:b9:47:83:db:1d:6f:d2:fa:81:01:ed:02:3c:4f:
45:70:07:86:5e:9e:10:be:80:4e:76:b8:4f:70:c6:8c:10:d5:
96:3c:54:b8:c7:f9:71:76:3c:bd:fa:43:b4:00:e1:bf:3a:26:
2a:c2:1d:ef:f8:f8:b4:d4:0d:e2:aa:1c:99:bd:46:55:c4:a7:
b0:a3:47:ec:b7:51:0a:68:25:bd:a4:ff:ce:6e:56:12:3a:de:
cf:1f:5d:02:1e:ea:8d:d6:e6:f9:27:85:1f:40:0e:0b:3d:df:
41:17:e6:3c:8a:f5:9b:7a:51:ff:3c:70:93:bd:f5:bb:df:94:
33:8e:43:94:e6:e3:ad:af:ea:db:bd:69:c0:01:c7:c1:8f:69:
38:4d:b6:ec:81:40:d1:3b:e0:f2:6b:38:ff:20:21:8b:5b:82:
ec:52:21:73:53:69:7a:72:3e:ba:07:6e:fa:8b:bf:7e:0e:17:
10:fb:78:18
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZYzpuzdCzZWHeHuADKWN6bgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjUwNDE0MDkzNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGI0N2NjMmZmNWU0MDM2MTViYzg1M2Q3NTM4MTdlMzFkZTA0NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHbUTctT+h3sslhxTDkjVI1MxveA
Bt/speubeydEJlax0/r5Ri7ZNjlfAKVFN66UXE+6fBLoE/VXfsLaY2uH+7PyZJed
R7+6uRqOZr682TP0dN5mK8Nyt/N+cgoIf8DnoSjef6dofP8btx3NaK4f6dbE+pmi
+26eGAv6BXZzeru9eSo35nGqaFVdfZN2VThy4ZGl1dKaT+4i+nnRN4l6yqnH3blr
MDHDlPWmIYZapynvVxfdO8xhuuMbK39wda91TE61V/SxKJYU95MJuxqe5L4CbGTY
2RsvJZm6JZjzzyGHEfH43bqG8w7u/1K33iH+yeXaJ3SH088cbv0W89VGnwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBi0fML/XkA2FbyFPXU4F+Md4Ea1MB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL0dMUjh3djllUURZVnZJVTlkVGdYNHgzZ1JyVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MBgEAgABMBIDBACwd8AD
BAK5V4wDBAK586wwGwQCAAIwFQMFAyoFqgADBQMqDRiAAwUDKg/+wDANBgkqhkiG
9w0BAQsFAAOCAQEAkU6K3fJgRHm5Y4zHilqj/YHrZSiP7gmuhIykSl9QeTfHJM5j
wl21TMdrotbOQUsrzuvqt+YEl9zaXsZziar7i6JYLjPj4Z9wREkFu7lHg9sdb9L6
gQHtAjxPRXAHhl6eEL6ATna4T3DGjBDVljxUuMf5cXY8vfpDtADhvzomKsId7/j4
tNQN4qocmb1GVcSnsKNH7LdRCmglvaT/zm5WEjrezx9dAh7qjdbm+SeFH0AOCz3f
QRfmPIr1m3pR/zxwk731u9+UM45DlObjra/q271pwAHHwY9pOE227IFA0Tvg8ms4
/yAhi1uC7FIhc1NpenI+ugdu+ou/fg4XEPt4GA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:11:14 2025 by rpki-client