Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/yERAtlQMUNGN4I-K4fblFCD_VQA.roa
File: yERAtlQMUNGN4I-K4fblFCD_VQA.roa (raw, json)
Hash identifier: WXwLLTulOV3MesWFUlCzyUDyHWdA7LpMqPRdjdqiAik=
Subject key identifier: C8:44:40:B6:54:0C:50:D1:8D:E0:8F:8A:E1:F6:E5:14:20:FF:55:00
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0194258F4615D5DC5DED01D5E40EAB4A3CBD
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/yERAtlQMUNGN4I-K4fblFCD_VQA.roa
Signing time: Thu 02 Jan 2025 05:48:54 +0000
ROA not before: Thu 02 Jan 2025 05:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 275
IP address blocks: 5.158.213.64/31 maxlen: 31
185.84.19.224/27 maxlen: 27
213.130.47.16/28 maxlen: 28
2001:728:0:5000::1532/127 maxlen: 127
2001:728:0:7000::/64 maxlen: 64
2001:728:401:21::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:46:15:d5:dc:5d:ed:01:d5:e4:0e:ab:4a:3c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 05:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c84440b6540c50d18de08f8ae1f6e51420ff5500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:f8:6f:87:0d:ec:b9:30:c4:3a:98:df:99:
9d:8c:e6:ab:08:02:cf:db:1f:ca:67:0a:41:95:67:
f6:ae:1e:be:3a:c2:64:1a:c8:23:0f:2b:24:c1:1b:
62:a1:4c:00:76:3b:5e:15:c4:e4:d3:1e:40:19:22:
4e:20:2d:03:66:d3:35:96:b9:6f:fc:64:bf:23:42:
fb:f9:0d:98:52:09:e1:9f:2d:a3:59:75:34:b7:ac:
2e:aa:6c:72:c7:79:d6:29:d7:d1:e4:ed:2a:e7:48:
fd:5d:3c:f6:f0:1c:b6:3b:84:4d:2a:2d:60:ba:fd:
36:15:44:d1:b4:c1:c2:f7:86:ee:75:ec:dc:35:04:
d2:74:c6:c9:5f:7b:50:19:69:d1:12:7c:1f:58:02:
d1:a5:a4:70:b8:40:4c:a2:14:1c:79:2b:0a:2c:c3:
dc:e4:54:c9:9a:64:17:1e:32:af:25:aa:7a:fd:1e:
5f:c2:9d:0c:1e:4a:35:1a:fe:dc:e5:5a:b2:60:3a:
6e:4a:86:32:e2:94:43:c0:de:56:eb:2a:8c:df:a6:
ff:08:25:99:32:3c:5e:95:74:06:a8:93:25:df:04:
46:ff:5c:2d:ae:82:f7:3a:a0:6b:96:13:e8:3f:5e:
02:a7:67:92:ed:3b:04:76:ce:16:ae:cf:4b:b1:47:
b6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:44:40:B6:54:0C:50:D1:8D:E0:8F:8A:E1:F6:E5:14:20:FF:55:00
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/yERAtlQMUNGN4I-K4fblFCD_VQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.213.64/31
185.84.19.224/27
213.130.47.16/28
IPv6:
2001:728:0:5000:0:0:0:1532/127
2001:728:0:7000::/64
2001:728:401:21::/64
Signature Algorithm: sha256WithRSAEncryption
05:26:f6:ba:77:32:84:98:fd:fd:fd:2d:df:80:65:46:e1:03:
f8:bd:ca:2b:2b:1c:30:61:3a:19:9a:ad:51:e4:3d:1d:9e:fc:
d5:93:d8:8a:3e:38:ff:03:6c:9a:82:2c:79:f5:82:97:fa:30:
0f:17:f5:ca:1e:0f:85:f0:d1:d2:95:20:62:ed:af:51:94:8c:
a5:35:6d:1c:c0:19:49:cd:8f:3a:0a:ba:b8:f8:8d:08:a8:c7:
32:e4:5f:93:6b:f8:40:7b:05:ec:ec:17:98:ab:4e:2b:4d:26:
a3:ac:9c:c2:eb:81:3d:0a:1b:4f:71:f1:f8:dc:6d:97:03:b5:
fa:70:7b:5e:f9:2f:33:68:37:0a:91:d4:40:52:54:e3:ab:e1:
70:73:74:b1:f6:6d:15:ab:4e:26:f3:29:32:98:a5:4e:f9:10:
a0:40:44:32:ce:17:f8:be:f6:10:38:fb:cc:23:38:0d:77:6c:
19:89:1e:2a:f0:84:03:de:e0:d8:9c:48:a3:17:48:1b:43:f4:
1c:d2:d1:70:4f:f5:11:9b:45:5b:6f:fe:df:47:3f:bd:81:e5:
8a:b9:24:7b:68:6d:b0:d4:54:8f:34:80:c6:9c:2f:db:1d:24:
1b:26:85:90:25:ff:53:6e:07:87:ab:59:fb:e1:2b:4f:cc:97:
00:43:c8:30
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQlj0YV1dxd7QHV5A6rSjy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjUwMTAyMDU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ0NDBiNjU0MGM1MGQxOGRlMDhmOGFlMWY2ZTUxNDIwZmY1NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyr4b4cN7LkwxDqY35mdjOarCALP
2x/KZwpBlWf2rh6+OsJkGsgjDyskwRtioUwAdjteFcTk0x5AGSJOIC0DZtM1lrlv
/GS/I0L7+Q2YUgnhny2jWXU0t6wuqmxyx3nWKdfR5O0q50j9XTz28By2O4RNKi1g
uv02FUTRtMHC94budezcNQTSdMbJX3tQGWnREnwfWALRpaRwuEBMohQceSsKLMPc
5FTJmmQXHjKvJap6/R5fwp0MHko1Gv7c5VqyYDpuSoYy4pRDwN5W6yqM36b/CCWZ
MjxelXQGqJMl3wRG/1wtroL3OqBrlhPoP14Cp2eS7TsEds4Wrs9LsUe2kwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMhEQLZUDFDRjeCPiuH25RQg/1UAMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEveUVSQXRsUU1VTkdONEktSzRmYmxGQ0RfVlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAbBAIAATAVAwUBBZ7VQAMF
BblUE+ADBQTVgi8QMC8EAgACMCkDEQEgAQcoAABQAAAAAAAAABUyAwkAIAEHKAAA
cAADCQAgAQcoBAEAITANBgkqhkiG9w0BAQsFAAOCAQEABSb2uncyhJj9/f0t34Bl
RuED+L3KKyscMGE6GZqtUeQ9HZ781ZPYij44/wNsmoIsefWCl/owDxf1yh4PhfDR
0pUgYu2vUZSMpTVtHMAZSc2POgq6uPiNCKjHMuRfk2v4QHsF7OwXmKtOK00mo6yc
wuuBPQobT3Hx+NxtlwO1+nB7XvkvM2g3CpHUQFJU46vhcHN0sfZtFatOJvMpMpil
TvkQoEBEMs4X+L72EDj7zCM4DXdsGYkeKvCEA97g2JxIoxdIG0P0HNLRcE/1EZtF
W2/+30c/vYHlirkke2htsNRUjzSAxpwv2x0kGyaFkCX/U24Hh6tZ++ErT8yXAEPI
MA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:50:33 2025 by rpki-client