Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/GB4vRJKp1DpnLIyb1KpSYzz8PU0.roa
File: GB4vRJKp1DpnLIyb1KpSYzz8PU0.roa (raw, json)
Hash identifier: DcKOdI8R5b7iU4m9qsOPQJ0xQOvD2fBXmJ4gstnNJBY=
Subject key identifier: 18:1E:2F:44:92:A9:D4:3A:67:2C:8C:9B:D4:AA:52:63:3C:FC:3D:4D
Certificate issuer: /CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Certificate serial: 0196B04F9F71C7CB6F71F88A297A03CE3527
Authority key identifier: 45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/GB4vRJKp1DpnLIyb1KpSYzz8PU0.roa
Signing time: Thu 08 May 2025 14:32:10 +0000
ROA not before: Thu 08 May 2025 14:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44780
IP address blocks: 195.149.92.0/23 maxlen: 24
195.158.238.0/23 maxlen: 24
2a02:790:4::/48 maxlen: 48
2a02:790:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b0:4f:9f:71:c7:cb:6f:71:f8:8a:29:7a:03:ce:35:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Validity
Not Before: May 8 14:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=181e2f4492a9d43a672c8c9bd4aa52633cfc3d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:42:fd:e1:33:8d:f5:f1:4e:65:f1:0d:94:15:
2a:9c:ea:b3:e7:c0:56:71:6c:46:c2:51:7e:e8:73:
2f:e4:69:b9:cd:f2:dc:5b:40:11:0c:20:ff:68:ae:
be:38:dc:b1:71:51:cb:39:d5:e1:41:cd:98:12:10:
8c:7c:06:6a:8c:18:6f:6b:a0:b0:b3:9b:98:3a:88:
71:e3:f3:be:f2:ac:ea:7b:3c:81:b8:66:bc:9b:fb:
f1:69:ff:16:19:fe:0b:ef:46:29:a8:f2:25:d3:66:
f6:e9:5b:9d:6a:92:ee:0f:e2:8b:29:3b:2d:32:01:
9e:32:4c:9b:df:80:47:7f:7e:0c:42:67:32:66:60:
18:0b:d3:5a:28:c2:25:6c:2a:e9:1d:f7:65:74:72:
e5:e7:85:39:4e:ac:0a:c2:cc:6d:2e:40:78:3e:e2:
8b:ee:5b:61:0e:5f:cf:74:cf:81:8f:7e:51:03:b5:
79:f0:e9:e6:16:c9:d3:3c:74:9f:95:3e:97:48:1c:
f4:18:34:b9:2b:13:73:dc:91:08:2e:55:03:93:6f:
c0:9f:0b:76:e8:77:f5:78:d9:be:f0:ed:54:93:5a:
7e:1c:7b:9c:0e:97:78:e6:d4:0f:ff:89:16:08:da:
66:55:91:1a:d4:6d:66:9a:f0:a4:43:7b:6f:e3:e5:
88:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1E:2F:44:92:A9:D4:3A:67:2C:8C:9B:D4:AA:52:63:3C:FC:3D:4D
X509v3 Authority Key Identifier:
keyid:45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/GB4vRJKp1DpnLIyb1KpSYzz8PU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.92.0/23
195.158.238.0/23
IPv6:
2a02:790:4::/48
2a02:790:6::/48
Signature Algorithm: sha256WithRSAEncryption
5e:1d:78:6d:58:9d:c8:19:7f:5e:ea:57:be:e8:fa:4b:53:3d:
ea:39:7c:44:a1:a3:85:78:ea:b4:70:5a:a7:65:5f:9b:24:42:
0d:90:b5:44:ce:78:df:58:96:1a:ed:96:56:94:8a:74:e6:f1:
33:6c:52:46:5d:fc:48:5a:12:fb:4d:b4:a9:9e:83:d4:31:22:
06:4c:9a:f5:3d:af:84:82:28:62:31:28:4d:32:a8:1c:68:30:
66:37:13:56:b5:ff:02:14:a3:0e:e3:9c:bc:77:88:7d:7f:c5:
67:7b:be:e0:0b:a1:71:c4:87:f9:d8:64:bb:1f:96:e3:81:d6:
33:c4:6e:91:ee:8b:c1:b3:cb:00:ae:e8:dd:3f:69:4e:be:a6:
6f:b4:86:0c:5d:42:6f:0a:40:5b:fd:f5:4b:e3:7f:c3:2a:e4:
c6:fb:63:65:90:11:25:66:6c:ad:dd:7a:1e:9f:e6:a8:c7:97:
bc:a3:02:fe:00:ab:71:df:f2:4a:36:83:ce:9d:b7:d9:56:ff:
07:b0:4a:cc:91:aa:ec:19:e8:82:b9:1b:26:6f:3c:90:5a:89:
e0:2a:8f:2c:fd:5e:46:ec:9c:14:fa:b4:8b:97:5e:7b:e3:dc:
25:d0:35:46:38:9c:57:8d:29:03:cc:1c:fc:25:ae:83:d3:11:
18:f8:ae:31
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZawT59xx8tvcfiKKXoDzjUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Yjk4NTRiMDQ0NTk0ZTZjZjA4NDZmYjQxZGU3YjA5MDhm
YjVmNzIwHhcNMjUwNTA4MTQzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFlMmY0NDkyYTlkNDNhNjcyYzhjOWJkNGFhNTI2MzNjZmMzZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUL94TON9fFOZfENlBUqnOqz58BW
cWxGwlF+6HMv5Gm5zfLcW0ARDCD/aK6+ONyxcVHLOdXhQc2YEhCMfAZqjBhva6Cw
s5uYOohx4/O+8qzqezyBuGa8m/vxaf8WGf4L70YpqPIl02b26VudapLuD+KLKTst
MgGeMkyb34BHf34MQmcyZmAYC9NaKMIlbCrpHfdldHLl54U5TqwKwsxtLkB4PuKL
7lthDl/PdM+Bj35RA7V58OnmFsnTPHSflT6XSBz0GDS5KxNz3JEILlUDk2/Anwt2
6Hf1eNm+8O1Uk1p+HHucDpd45tQP/4kWCNpmVZEa1G1mmvCkQ3tv4+WIFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBgeL0SSqdQ6ZyyMm9SqUmM8/D1NMB8GA1UdIwQY
MBaAFEW5hUsERZTmzwhG+0HeewkI+19yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMt
NGIyMmZjNTE4NGEyLzEvR0I0dlJKS3AxRHBuTEl5YjFLcFNZeno4UFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMtNGIyMmZjNTE4NGEy
LzEvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBw5VcAwQB
w57uMBgEAgACMBIDBwAqAgeQAAQDBwAqAgeQAAYwDQYJKoZIhvcNAQELBQADggEB
AF4deG1YncgZf17qV77o+ktTPeo5fESho4V46rRwWqdlX5skQg2QtUTOeN9Ylhrt
llaUinTm8TNsUkZd/EhaEvtNtKmeg9QxIgZMmvU9r4SCKGIxKE0yqBxoMGY3E1a1
/wIUow7jnLx3iH1/xWd7vuALoXHEh/nYZLsfluOB1jPEbpHui8GzywCu6N0/aU6+
pm+0hgxdQm8KQFv99Uvjf8Mq5Mb7Y2WQESVmbK3deh6f5qjHl7yjAv4Aq3Hf8ko2
g86dt9lW/wewSsyRquwZ6IK5GyZvPJBaieAqjyz9XkbsnBT6tIuXXnvj3CXQNUY4
nFeNKQPMHPwlroPTERj4rjE=
-----END CERTIFICATE-----
Generated at Thu May 15 00:13:38 2025 by rpki-client