Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/VsWH0dh23uHGDE4kVE5VRVWnLr0.roa
File: VsWH0dh23uHGDE4kVE5VRVWnLr0.roa (raw, json)
Hash identifier: hOVkpMTlrRKsdZ/dZuqLj9eHRUgLLpUyv0shzANzums=
Subject key identifier: 56:C5:87:D1:D8:76:DE:E1:C6:0C:4E:24:54:4E:55:45:55:A7:2E:BD
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 01942444D38BD4A587ECFCE0FB56E9AF2CDE
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/VsWH0dh23uHGDE4kVE5VRVWnLr0.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29033
IP address blocks: 81.20.32.0/20 maxlen: 20
81.20.40.0/24 maxlen: 24
81.20.41.0/24 maxlen: 24
185.129.176.0/22 maxlen: 22
2a00:1fd0:ae00::/40 maxlen: 48
2a00:1fd0:ec00::/48 maxlen: 48
2a00:1fd0:ecc0::/48 maxlen: 48
2a00:1fd0:ecc1::/48 maxlen: 48
2a00:1fd0:ecc2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d3:8b:d4:a5:87:ec:fc:e0:fb:56:e9:af:2c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56c587d1d876dee1c60c4e24544e554555a72ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d3:8e:b8:72:8a:6f:8d:b1:83:00:23:d4:2f:
20:40:84:81:aa:21:00:30:af:98:c9:39:b1:6a:3a:
7d:6a:9f:31:41:c4:74:fd:bc:df:42:2e:7d:b3:33:
c8:7e:09:f4:20:73:24:4c:bc:54:fd:f9:ab:85:48:
56:df:4a:36:5c:3e:8d:31:ff:38:c3:16:21:74:55:
7e:d7:28:25:0b:a9:11:af:fe:22:16:1b:24:d3:ae:
fe:f8:88:48:8d:33:6f:64:31:3b:29:a7:c4:5d:13:
7c:8a:f6:a3:a5:f9:32:e3:98:ea:69:f9:48:38:7b:
2c:dd:fd:48:b5:a2:e9:be:51:04:9a:c1:c7:4a:29:
27:70:94:66:97:d1:d1:e2:7c:95:8f:ed:1d:09:15:
ad:65:61:f4:1f:94:8e:d7:4b:65:1b:59:f5:c6:f9:
d0:41:1d:b1:05:bb:97:05:ce:59:f0:e0:1d:d4:f7:
48:66:ea:67:ee:3e:b9:96:c7:8e:96:a3:6a:91:fb:
f2:ac:d9:ed:a4:21:04:70:14:19:0e:76:ba:ce:07:
b9:1b:f2:8f:2c:6e:1f:5e:0a:ff:5f:93:06:21:b1:
78:d8:15:62:18:ea:68:0e:b2:02:cf:4a:29:f0:4f:
22:a0:e9:2b:e7:3e:af:cb:40:e4:06:6c:d0:e2:69:
39:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C5:87:D1:D8:76:DE:E1:C6:0C:4E:24:54:4E:55:45:55:A7:2E:BD
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/VsWH0dh23uHGDE4kVE5VRVWnLr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.32.0/20
185.129.176.0/22
IPv6:
2a00:1fd0:ae00::/40
2a00:1fd0:ec00::/48
2a00:1fd0:ecc0::-2a00:1fd0:ecc2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:be:33:48:44:5a:95:ff:0a:dc:62:79:67:b8:e3:84:76:eb:
6c:e9:c2:7e:5e:7c:96:0e:5e:39:97:fa:40:4b:88:16:a9:45:
91:dd:34:9d:0f:75:55:7b:af:fb:f8:d3:1a:07:f4:df:65:2d:
09:ad:33:c7:2b:4e:20:e8:e1:e5:7a:1d:04:af:d8:9c:33:b8:
63:9e:d3:66:70:c7:10:45:6f:23:42:a7:46:d3:04:61:59:f3:
36:7b:f6:03:2c:0e:5e:95:af:03:91:13:30:1b:cc:9f:cd:f7:
9b:dc:a1:2d:11:5c:05:97:fa:a7:da:de:99:19:f0:59:96:57:
70:c6:73:3d:71:a6:e8:61:c9:c1:3d:e7:c8:9f:e8:29:0e:06:
01:1e:ed:5e:ae:9f:6b:46:e0:56:85:83:f6:50:5d:7e:82:2e:
6c:bd:46:21:7d:64:97:03:df:cf:1c:3f:ec:75:13:ea:b0:3b:
06:31:53:4f:ca:24:fc:b6:f6:78:32:97:10:37:a7:bc:05:8f:
42:9a:17:b8:31:d4:d4:62:75:8e:26:68:0e:12:2a:34:03:7a:
b7:fd:4e:67:12:86:6a:c9:d5:d4:d5:f7:f5:32:f1:aa:35:7f:
3e:52:0e:c4:79:2a:c2:02:ee:09:32:7d:ed:ca:5b:7d:a0:d0:
6e:22:bd:18
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQkRNOL1KWH7Pzg+1bpryzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmM1ODdkMWQ4NzZkZWUxYzYwYzRlMjQ1NDRlNTU0NTU1YTcyZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9OOuHKKb42xgwAj1C8gQISBqiEA
MK+YyTmxajp9ap8xQcR0/bzfQi59szPIfgn0IHMkTLxU/fmrhUhW30o2XD6NMf84
wxYhdFV+1yglC6kRr/4iFhsk067++IhIjTNvZDE7KafEXRN8ivajpfky45jqaflI
OHss3f1ItaLpvlEEmsHHSikncJRml9HR4nyVj+0dCRWtZWH0H5SO10tlG1n1xvnQ
QR2xBbuXBc5Z8OAd1PdIZupn7j65lseOlqNqkfvyrNntpCEEcBQZDna6zge5G/KP
LG4fXgr/X5MGIbF42BViGOpoDrICz0op8E8ioOkr5z6vy0DkBmzQ4mk5fwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFbFh9HYdt7hxgxOJFROVUVVpy69MB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvVnNXSDBkaDIzdUhHREU0a1ZFNVZSVlduTHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTASBAIAATAMAwQEURQgAwQC
uYGwMCsEAgACMCUDBgAqAB/QrgMHACoAH9DsADASAwcGKgAf0OzAAwcAKgAf0OzC
MA0GCSqGSIb3DQEBCwUAA4IBAQBUvjNIRFqV/wrcYnlnuOOEduts6cJ+XnyWDl45
l/pAS4gWqUWR3TSdD3VVe6/7+NMaB/TfZS0JrTPHK04g6OHleh0Er9icM7hjntNm
cMcQRW8jQqdG0wRhWfM2e/YDLA5ela8DkRMwG8yfzfeb3KEtEVwFl/qn2t6ZGfBZ
lldwxnM9caboYcnBPefIn+gpDgYBHu1erp9rRuBWhYP2UF1+gi5svUYhfWSXA9/P
HD/sdRPqsDsGMVNPyiT8tvZ4MpcQN6e8BY9Cmhe4MdTUYnWOJmgOEio0A3q3/U5n
EoZqydXU1ff1MvGqNX8+Ug7EeSrCAu4JMn3tylt9oNBuIr0Y
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:33:02 2025 by rpki-client