Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/gTmhFIzM7If-kzl01cWeEzcqqns.roa
File: gTmhFIzM7If-kzl01cWeEzcqqns.roa (raw, json)
Hash identifier: lUpkvjKsmC5D6MNw62q7fvgUR6asOsGbY3c+E0HzKW4=
Subject key identifier: 81:39:A1:14:8C:CC:EC:87:FE:93:39:74:D5:C5:9E:13:37:2A:AA:7B
Certificate issuer: /CN=dd982f979a2d25ebb2dab2654b8c27c928cf5ac7
Certificate serial: 019422201816B5B7E5828E7FF45811FDF9DD
Authority key identifier: DD:98:2F:97:9A:2D:25:EB:B2:DA:B2:65:4B:8C:27:C9:28:CF:5A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Zgvl5otJeuy2rJlS4wnySjPWsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/gTmhFIzM7If-kzl01cWeEzcqqns.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208135
IP address blocks: 45.158.40.0/22 maxlen: 24
2a0f:5380::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/3Zgvl5otJeuy2rJlS4wnySjPWsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/3Zgvl5otJeuy2rJlS4wnySjPWsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Zgvl5otJeuy2rJlS4wnySjPWsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:16:b5:b7:e5:82:8e:7f:f4:58:11:fd:f9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd982f979a2d25ebb2dab2654b8c27c928cf5ac7
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8139a1148cccec87fe933974d5c59e13372aaa7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:a2:58:3c:5c:1d:a4:f1:76:44:c4:26:c9:
94:cc:fd:30:e8:b8:6e:ad:ac:3e:e8:b7:1f:d6:3b:
e2:e9:f4:0c:bc:88:b7:a7:46:bf:1e:d5:7c:b9:72:
58:88:b0:41:5c:20:e7:93:39:a5:d0:df:c7:00:38:
8f:d9:b7:02:6f:8b:8d:14:ba:af:0b:af:44:ca:be:
08:86:fb:31:12:c9:46:5b:e6:d8:99:6b:8d:02:d1:
08:8c:12:72:e2:91:be:26:7f:15:6c:1d:d2:eb:1a:
8a:db:1a:e0:ff:5c:51:30:72:5d:af:c0:0e:ed:f8:
b2:ce:f9:5c:78:32:68:fa:53:a3:3c:99:d8:1f:1d:
49:22:d5:0a:39:4e:93:c0:a7:d9:9a:29:8c:a1:50:
57:b1:77:83:dd:26:17:74:7f:6a:2c:b8:f5:1a:c8:
66:b4:eb:48:02:9d:92:a3:5a:e8:56:ef:9a:8d:c8:
a1:a2:54:b2:ef:1f:3b:ab:3b:7b:d9:af:e6:70:d1:
11:f5:dc:f0:14:38:f3:76:37:99:e0:f0:46:b9:37:
ae:10:6c:6a:3c:f3:19:93:0e:42:09:fc:73:56:83:
2d:a0:03:b4:ab:02:cf:3d:f1:b1:76:17:2b:51:19:
58:0a:a8:81:85:e5:c6:8a:12:c6:84:12:95:e5:a8:
60:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:39:A1:14:8C:CC:EC:87:FE:93:39:74:D5:C5:9E:13:37:2A:AA:7B
X509v3 Authority Key Identifier:
keyid:DD:98:2F:97:9A:2D:25:EB:B2:DA:B2:65:4B:8C:27:C9:28:CF:5A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Zgvl5otJeuy2rJlS4wnySjPWsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/gTmhFIzM7If-kzl01cWeEzcqqns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/3Zgvl5otJeuy2rJlS4wnySjPWsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.40.0/22
IPv6:
2a0f:5380::/29
Signature Algorithm: sha256WithRSAEncryption
08:b5:ac:4e:fd:b0:4b:98:c8:cc:52:6b:8a:20:a5:a2:23:f5:
fb:91:dd:44:59:0a:12:57:98:18:b7:4d:2e:53:88:94:6f:92:
cc:33:ea:b7:0d:4f:ef:9a:cd:47:ea:45:15:28:7f:62:bb:0b:
18:c8:ae:b4:c7:ca:c8:ef:38:60:fa:b8:e1:ea:02:0e:7e:ed:
40:55:1f:b4:d7:50:fa:bd:ad:c3:b6:df:72:7b:52:17:9a:49:
35:c8:6d:49:cd:32:5b:46:53:e9:f8:7a:3e:48:b0:b5:ea:21:
bd:34:16:8c:1d:86:6a:4e:06:b4:9b:4b:11:ff:76:f4:44:6b:
6c:f0:56:49:e2:9b:25:f1:fc:7e:84:d7:22:86:c8:5a:65:e3:
ed:96:a9:21:fc:09:38:1c:ad:35:be:11:f5:12:86:ac:70:7d:
32:44:1f:dc:3c:ef:6e:77:d4:4d:38:24:84:e2:83:68:fb:bb:
44:7b:52:09:3c:69:1b:a4:6b:62:e7:68:1f:30:ad:b4:9b:0b:
31:7f:5e:ae:14:04:25:dd:30:d9:2a:46:ae:a2:ad:df:67:56:
54:65:0e:29:c7:c0:e7:8a:cc:96:ba:fe:e1:56:81:73:33:53:
6e:ca:fc:8b:cf:d3:52:8e:bb:76:37:0b:00:ba:57:39:01:06:
f9:a5:cc:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIBgWtbflgo5/9FgR/fndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTgyZjk3OWEyZDI1ZWJiMmRhYjI2NTRiOGMyN2M5Mjhj
ZjVhYzcwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM5YTExNDhjY2NlYzg3ZmU5MzM5NzRkNWM1OWUxMzM3MmFhYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyuiWDxcHaTxdkTEJsmUzP0w6Lhu
raw+6Lcf1jvi6fQMvIi3p0a/HtV8uXJYiLBBXCDnkzml0N/HADiP2bcCb4uNFLqv
C69Eyr4IhvsxEslGW+bYmWuNAtEIjBJy4pG+Jn8VbB3S6xqK2xrg/1xRMHJdr8AO
7fiyzvlceDJo+lOjPJnYHx1JItUKOU6TwKfZmimMoVBXsXeD3SYXdH9qLLj1Gshm
tOtIAp2So1roVu+ajciholSy7x87qzt72a/mcNER9dzwFDjzdjeZ4PBGuTeuEGxq
PPMZkw5CCfxzVoMtoAO0qwLPPfGxdhcrURlYCqiBheXGihLGhBKV5ahghwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIE5oRSMzOyH/pM5dNXFnhM3Kqp7MB8GA1UdIwQY
MBaAFN2YL5eaLSXrstqyZUuMJ8koz1rHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pndmw1b3RKZXV5MnJKbFM0d255U2pQV3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8zN2VhMTktNmYyNS00MmJjLWFkMjct
OTg4NmNiMWI2NDBlLzEvZ1RtaEZJek03SWYta3psMDFjV2VFemNxcW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8zN2VhMTktNmYyNS00MmJjLWFkMjctOTg4NmNiMWI2NDBl
LzEvM1pndmw1b3RKZXV5MnJKbFM0d255U2pQV3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ4oMA0E
AgACMAcDBQMqD1OAMA0GCSqGSIb3DQEBCwUAA4IBAQAItaxO/bBLmMjMUmuKIKWi
I/X7kd1EWQoSV5gYt00uU4iUb5LMM+q3DU/vms1H6kUVKH9iuwsYyK60x8rI7zhg
+rjh6gIOfu1AVR+011D6va3Dtt9ye1IXmkk1yG1JzTJbRlPp+Ho+SLC16iG9NBaM
HYZqTga0m0sR/3b0RGts8FZJ4psl8fx+hNcihshaZePtlqkh/Ak4HK01vhH1Eoas
cH0yRB/cPO9ud9RNOCSE4oNo+7tEe1IJPGkbpGti52gfMK20mwsxf16uFAQl3TDZ
Kkauoq3fZ1ZUZQ4px8DnisyWuv7hVoFzM1NuyvyLz9NSjrt2NwsAulc5AQb5pczq
-----END CERTIFICATE-----
Generated at Tue May 13 12:24:16 2025 by rpki-client