Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Vg1Fwygnu1-Kr8YZhORogfRj0JA.roa
File: Vg1Fwygnu1-Kr8YZhORogfRj0JA.roa (raw, json)
Hash identifier: YRNIzo07CRZag59lc/6XkpQk7Z3ZDMo3JfgoSAb+W7c=
Subject key identifier: 56:0D:45:C3:28:27:BB:5F:8A:AF:C6:19:84:E4:68:81:F4:63:D0:90
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0194258F4A24632A82E25DC3ACF281525F01
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Vg1Fwygnu1-Kr8YZhORogfRj0JA.roa
Signing time: Thu 02 Jan 2025 05:48:55 +0000
ROA not before: Thu 02 Jan 2025 05:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40934
IP address blocks: 83.231.145.0/24 maxlen: 24
83.231.169.0/24 maxlen: 24
83.231.212.0/24 maxlen: 24
212.119.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4a:24:63:2a:82:e2:5d:c3:ac:f2:81:52:5f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 05:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=560d45c32827bb5f8aafc61984e46881f463d090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:af:a1:94:47:69:44:4a:99:37:7a:da:7d:
08:cc:cf:f5:7f:71:82:9f:9a:b8:e5:a9:74:dc:63:
cf:31:52:32:0a:05:b8:24:d4:7e:bb:d7:0c:b2:4b:
15:8b:54:23:71:1f:5e:b8:df:d8:64:aa:8c:a0:09:
dd:07:a6:48:24:c4:62:f8:ec:4f:76:a6:d6:85:06:
34:c7:7b:1b:48:dd:79:ca:b3:5e:6d:c6:11:04:04:
80:9d:0d:e1:19:43:17:b7:7f:85:57:59:74:ff:88:
92:0b:87:22:45:13:85:4b:88:55:24:84:3f:78:ba:
a3:41:5f:c3:e1:2d:c2:3c:8b:87:39:fb:4f:37:d1:
e9:ec:b7:e2:ec:8a:10:7f:7b:21:91:b0:c8:40:35:
86:51:8c:f9:fa:94:c3:85:5e:e9:f1:d8:98:7b:36:
00:42:da:89:ce:05:27:13:65:86:4c:9c:c3:b3:39:
61:84:98:53:09:34:fc:ba:9a:83:67:94:ec:a1:bd:
6e:4f:b9:d3:a9:75:ca:f7:8f:f5:3f:63:40:22:a5:
eb:12:6d:66:fa:b2:e0:02:fd:50:ec:ab:2b:eb:b4:
9c:88:4a:80:eb:0d:64:e8:de:c2:3c:11:c1:01:3d:
99:a4:ff:eb:a4:8f:e3:f3:7b:02:7a:1a:fd:76:67:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0D:45:C3:28:27:BB:5F:8A:AF:C6:19:84:E4:68:81:F4:63:D0:90
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Vg1Fwygnu1-Kr8YZhORogfRj0JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.231.145.0/24
83.231.169.0/24
83.231.212.0/24
212.119.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:7a:a3:90:d2:9f:5b:b3:c9:a3:1f:4f:d2:3f:a8:f7:d5:fa:
65:18:f6:56:84:be:fd:4c:1a:5a:48:d1:15:2a:88:02:e0:90:
ab:60:c9:1d:67:fa:79:e9:2d:c5:63:12:bd:0e:60:4e:82:f2:
63:95:62:bd:55:e0:18:50:5e:ea:a5:4b:65:f1:6c:cb:92:15:
d9:a7:bc:e1:9c:b5:e3:e2:43:78:5a:c4:32:97:3d:91:c0:19:
68:a8:23:10:d1:72:05:d0:74:d0:58:70:61:a6:de:93:1f:64:
6e:2b:79:e6:f4:b0:cd:ef:39:e6:94:29:36:c8:c4:9c:cb:d0:
21:04:06:d8:57:36:0f:87:66:f2:24:20:34:b3:8e:3f:38:2c:
f5:1c:2d:d6:c9:8f:60:6b:41:c5:46:4b:85:f2:15:b0:e0:18:
dd:97:be:32:6b:5e:cc:41:01:6a:5e:c4:b2:cc:c5:63:d4:dc:
8b:34:81:a0:3b:6c:0d:86:fa:2a:ff:16:b7:28:78:89:40:16:
02:27:82:6b:92:90:dd:25:3f:97:d8:ad:7f:b9:ae:e2:0e:99:
66:f5:44:78:31:e4:67:20:11:08:c2:dc:55:40:44:06:6a:d5:
f5:a5:0d:1f:0c:1f:5d:1e:4a:34:09:b4:5e:b2:8a:e5:f7:ca:
99:a6:1b:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj0okYyqC4l3DrPKBUl8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjUwMTAyMDU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBkNDVjMzI4MjdiYjVmOGFhZmM2MTk4NGU0Njg4MWY0NjNkMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ+voZRHaURKmTd62n0IzM/1f3GC
n5q45al03GPPMVIyCgW4JNR+u9cMsksVi1QjcR9euN/YZKqMoAndB6ZIJMRi+OxP
dqbWhQY0x3sbSN15yrNebcYRBASAnQ3hGUMXt3+FV1l0/4iSC4ciRROFS4hVJIQ/
eLqjQV/D4S3CPIuHOftPN9Hp7Lfi7IoQf3shkbDIQDWGUYz5+pTDhV7p8diYezYA
QtqJzgUnE2WGTJzDszlhhJhTCTT8upqDZ5Tsob1uT7nTqXXK94/1P2NAIqXrEm1m
+rLgAv1Q7Ksr67SciEqA6w1k6N7CPBHBAT2ZpP/rpI/j83sCehr9dmdaaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFYNRcMoJ7tfiq/GGYTkaIH0Y9CQMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvVmcxRnd5Z251MS1LcjhZWmhPUm9nZlJqMEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU+eRAwQA
U+epAwQAU+fUAwQA1HcLMA0GCSqGSIb3DQEBCwUAA4IBAQCyeqOQ0p9bs8mjH0/S
P6j31fplGPZWhL79TBpaSNEVKogC4JCrYMkdZ/p56S3FYxK9DmBOgvJjlWK9VeAY
UF7qpUtl8WzLkhXZp7zhnLXj4kN4WsQylz2RwBloqCMQ0XIF0HTQWHBhpt6TH2Ru
K3nm9LDN7znmlCk2yMScy9AhBAbYVzYPh2byJCA0s44/OCz1HC3WyY9ga0HFRkuF
8hWw4Bjdl74ya17MQQFqXsSyzMVj1NyLNIGgO2wNhvoq/xa3KHiJQBYCJ4JrkpDd
JT+X2K1/ua7iDplm9UR4MeRnIBEIwtxVQEQGatX1pQ0fDB9dHko0CbResorl98qZ
phvw
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:50:31 2025 by rpki-client