Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GfEJ2k33_VAN4eURlQBejqU172g.roa
File: GfEJ2k33_VAN4eURlQBejqU172g.roa (raw, json)
Hash identifier: Zb6Q3T1NQyYfh4p1sNv+Mcf+eglvzLCaJ0QkXatHMFA=
Subject key identifier: 19:F1:09:DA:4D:F7:FD:50:0D:E1:E5:11:95:00:5E:8E:A5:35:EF:68
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01966C31945D56C2A722BE24EFFB05101CEF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GfEJ2k33_VAN4eURlQBejqU172g.roa
Signing time: Fri 25 Apr 2025 09:05:10 +0000
ROA not before: Fri 25 Apr 2025 09:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.142.0/23 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:31:94:5d:56:c2:a7:22:be:24:ef:fb:05:10:1c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 25 09:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19f109da4df7fd500de1e51195005e8ea535ef68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:85:f6:c5:00:6b:72:08:cd:7b:2c:ef:06:33:
53:ca:39:f9:f1:97:73:93:5d:9c:e5:62:52:2e:75:
05:c9:4f:85:a2:99:0b:76:71:6a:4b:91:13:a0:11:
2c:51:66:a5:52:68:c7:15:03:41:96:1e:d7:e6:b8:
27:d1:59:ea:36:16:be:17:9e:ac:a7:07:6b:05:3e:
c2:90:35:c7:07:3c:19:5b:a4:5a:dc:e2:92:9d:27:
c6:21:aa:ce:af:29:29:41:47:16:e1:09:4f:37:03:
81:e3:ef:cd:19:4c:77:a7:6c:76:13:dd:83:47:31:
a1:38:36:80:3d:64:22:a6:1f:cd:e3:56:4f:5f:bf:
60:ef:8b:22:2b:e7:fc:2e:e1:e0:4e:e2:c8:46:f7:
e5:4c:f8:c5:74:65:fe:09:89:61:1c:8c:e4:33:0d:
62:ad:65:ba:b7:ea:2e:cf:10:ae:a8:2c:d2:fc:ae:
a1:51:4e:68:29:d7:af:4e:22:23:56:8a:f0:7a:d9:
1e:15:06:e2:a6:70:70:f0:b7:80:a6:22:60:48:e9:
7a:26:22:43:64:f6:c0:10:ad:7d:75:9a:06:ee:b3:
7d:14:14:72:fd:1f:c9:04:27:dd:64:c3:68:fc:91:
d3:bd:e3:b2:73:e4:ef:c3:7d:06:83:ec:5b:41:92:
5c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F1:09:DA:4D:F7:FD:50:0D:E1:E5:11:95:00:5E:8E:A5:35:EF:68
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GfEJ2k33_VAN4eURlQBejqU172g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/22
81.22.142.0/23
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
31:3b:df:d1:b4:2b:3e:3b:1f:49:8c:8b:74:6a:df:be:bf:58:
0e:1d:47:cd:b6:33:9e:16:7e:34:b3:6d:b5:c3:d8:cd:ad:50:
ad:84:80:85:f6:66:c3:c9:75:7f:d8:1f:2c:e5:54:3b:83:90:
7c:d0:8b:f7:52:c5:04:b4:45:db:22:4e:09:46:50:1e:ea:2d:
19:ca:36:9c:26:43:98:72:56:35:49:b1:bd:4f:4a:5f:0a:51:
7d:bb:2a:1c:50:d9:71:f4:ba:01:45:b9:ca:0a:18:e8:de:a1:
b2:8a:fd:dc:27:e6:c7:f2:5d:cf:64:8f:61:e1:81:54:4a:dd:
b7:08:c2:40:fb:0a:e2:d2:6a:09:d6:cc:0a:69:9d:31:fe:ec:
0c:49:2f:17:0a:b8:9f:c2:61:c7:87:eb:4b:38:b8:d5:03:e7:
eb:9f:88:84:a0:6d:dd:50:2a:91:ff:9b:72:c7:46:32:6c:a0:
13:dc:60:77:d8:5a:91:3a:0f:59:d2:f3:f0:0f:d6:d2:4c:86:
0c:19:5d:17:75:5b:4c:39:a2:32:97:3a:2a:06:98:4d:28:2a:
fa:9c:76:83:7a:c7:62:56:2e:2f:1e:da:bc:cb:60:88:3b:97:
e5:00:e9:2c:59:d2:1f:d4:3d:f8:b6:7f:fd:41:9d:c2:fb:5d:
3d:ad:6d:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZsMZRdVsKnIr4k7/sFEBzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNDI1MDkwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWYxMDlkYTRkZjdmZDUwMGRlMWU1MTE5NTAwNWU4ZWE1MzVlZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIX2xQBrcgjNeyzvBjNTyjn58Zdz
k12c5WJSLnUFyU+FopkLdnFqS5EToBEsUWalUmjHFQNBlh7X5rgn0VnqNha+F56s
pwdrBT7CkDXHBzwZW6Ra3OKSnSfGIarOrykpQUcW4QlPNwOB4+/NGUx3p2x2E92D
RzGhODaAPWQiph/N41ZPX79g74siK+f8LuHgTuLIRvflTPjFdGX+CYlhHIzkMw1i
rWW6t+ouzxCuqCzS/K6hUU5oKdevTiIjVorwetkeFQbipnBw8LeApiJgSOl6JiJD
ZPbAEK19dZoG7rN9FBRy/R/JBCfdZMNo/JHTveOyc+Tvw30Gg+xbQZJcnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBnxCdpN9/1QDeHlEZUAXo6lNe9oMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvR2ZFSjJrMzNfVkFONGVVUmxRQmVqcVUxNzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCURaIAwQB
URaOAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAxO9/RtCs+Ox9JjIt0
at++v1gOHUfNtjOeFn40s221w9jNrVCthICF9mbDyXV/2B8s5VQ7g5B80Iv3UsUE
tEXbIk4JRlAe6i0ZyjacJkOYclY1SbG9T0pfClF9uyocUNlx9LoBRbnKChjo3qGy
iv3cJ+bH8l3PZI9h4YFUSt23CMJA+wri0moJ1swKaZ0x/uwMSS8XCrifwmHHh+tL
OLjVA+frn4iEoG3dUCqR/5tyx0YybKAT3GB32FqROg9Z0vPwD9bSTIYMGV0XdVtM
OaIylzoqBphNKCr6nHaDesdiVi4vHtq8y2CIO5flAOksWdIf1D34tn/9QZ3C+109
rW26
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:19:07 2025 by rpki-client