Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/Vt5KxzBthC81S5sv3v-peJs8Jfk.roa
File: Vt5KxzBthC81S5sv3v-peJs8Jfk.roa (raw, json)
Hash identifier: c9wa8mQEOam5sr33r5+tzZ9hrdt5UdjNVihhkrpnKdw=
Subject key identifier: 56:DE:4A:C7:30:6D:84:2F:35:4B:9B:2F:DE:FF:A9:78:9B:3C:25:F9
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 0194228D769EDE980112C716287B176F83C2
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/Vt5KxzBthC81S5sv3v-peJs8Jfk.roa
Signing time: Wed 01 Jan 2025 15:48:03 +0000
ROA not before: Wed 01 Jan 2025 15:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205800
IP address blocks: 185.206.124.0/24 maxlen: 24
185.206.125.0/24 maxlen: 24
185.206.126.0/24 maxlen: 24
185.206.127.0/24 maxlen: 24
2a0b:d3c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:76:9e:de:98:01:12:c7:16:28:7b:17:6f:83:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 1 15:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56de4ac7306d842f354b9b2fdeffa9789b3c25f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:7c:bc:59:48:f0:9b:b5:2b:94:0e:84:a8:
de:0f:f8:d8:62:c4:24:41:47:7f:02:e1:71:4e:7c:
5e:70:f0:36:da:e2:5b:7a:d4:ec:63:db:42:12:d2:
44:d5:56:d8:19:f5:4f:1e:3d:59:e2:f9:ce:6a:07:
14:ff:39:a2:58:88:b5:65:29:70:3a:3a:20:ce:a3:
51:63:24:3a:9a:0d:60:51:6b:0a:19:c3:8c:a6:aa:
2f:d1:f3:8e:41:98:7f:66:a6:5c:81:97:1f:6b:31:
08:1a:cc:c6:bc:f1:29:0f:08:c3:de:a4:dd:45:43:
46:cb:d5:e0:33:e3:31:09:1a:9f:a2:62:1b:26:23:
95:1b:5d:16:4b:54:3d:ba:d0:c9:fa:96:9a:20:81:
30:d9:57:a6:b3:a0:6d:d8:a6:92:44:1f:7e:82:e0:
c8:10:aa:ed:ff:20:59:ca:7b:58:46:01:0a:42:52:
4d:e4:c9:e7:8d:29:fa:bd:b6:01:e3:f0:5d:91:39:
d8:e5:69:f2:8f:e5:80:8b:0a:cb:6a:4d:33:48:d9:
c2:ad:8d:a0:d6:16:11:d9:fc:25:44:95:43:fa:87:
5d:5d:71:c5:6c:30:0b:16:a8:96:fe:13:60:6b:0d:
b1:46:93:20:94:35:30:26:fc:d4:ca:96:e6:4a:30:
64:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DE:4A:C7:30:6D:84:2F:35:4B:9B:2F:DE:FF:A9:78:9B:3C:25:F9
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/Vt5KxzBthC81S5sv3v-peJs8Jfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.124.0/22
IPv6:
2a0b:d3c0::/32
Signature Algorithm: sha256WithRSAEncryption
88:b2:84:21:4f:61:2b:51:0a:ac:dc:80:f3:c0:06:87:b9:82:
f2:6d:1a:07:20:9e:e3:f3:6d:53:d5:35:75:08:0a:9a:ad:a5:
e8:4b:4e:b1:16:94:78:2d:80:74:02:c0:6a:ad:4d:33:5a:2f:
5c:0d:32:e1:d1:d0:d1:c1:14:48:a0:5b:05:f8:66:31:8e:58:
f2:cc:d7:9b:df:3e:e1:a2:86:52:2c:7c:75:a5:4c:8f:d3:f6:
e4:14:16:85:41:3c:75:71:36:12:fd:1b:5c:29:0d:ce:7c:20:
15:4c:ee:eb:e6:51:8d:de:52:ba:ae:72:55:ef:60:35:65:27:
86:9f:3e:bb:47:67:ab:0f:2a:c1:51:e8:7b:32:dd:ac:23:20:
3a:5b:1a:f4:59:74:47:bc:00:df:8b:1d:51:da:38:b9:1d:6f:
b2:39:ea:42:04:e9:4d:7f:77:90:c1:38:4a:5c:06:ea:12:7c:
9e:f2:55:ea:12:e2:e4:99:f3:40:c5:8b:1b:68:0d:91:3d:57:
48:51:bc:61:7c:14:29:a9:97:be:4c:b9:03:25:96:f3:45:8d:
ad:42:69:7e:bb:36:8a:03:d2:0a:94:4f:5c:81:c0:2a:b1:3c:
06:17:0b:61:8b:34:2d:c2:5a:19:8a:8b:cf:5c:a8:58:2b:81:
cc:a4:ef:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijXae3pgBEscWKHsXb4PCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTA5MmJiYzJjYWNhZTI0Nzc3NGY2MmIwZmRiZGM0NGE5
NzRjZjIwHhcNMjUwMTAxMTU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRlNGFjNzMwNmQ4NDJmMzU0YjliMmZkZWZmYTk3ODliM2MyNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUZ8vFlI8Ju1K5QOhKjeD/jYYsQk
QUd/AuFxTnxecPA22uJbetTsY9tCEtJE1VbYGfVPHj1Z4vnOagcU/zmiWIi1ZSlw
OjogzqNRYyQ6mg1gUWsKGcOMpqov0fOOQZh/ZqZcgZcfazEIGszGvPEpDwjD3qTd
RUNGy9XgM+MxCRqfomIbJiOVG10WS1Q9utDJ+paaIIEw2Vems6Bt2KaSRB9+guDI
EKrt/yBZyntYRgEKQlJN5MnnjSn6vbYB4/BdkTnY5Wnyj+WAiwrLak0zSNnCrY2g
1hYR2fwlRJVD+oddXXHFbDALFqiW/hNgaw2xRpMglDUwJvzUypbmSjBkWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFbeSscwbYQvNUubL97/qXibPCX5MB8GA1UdIwQY
MBaAFKyQkrvCysriR3dPYrD9vcRKl0zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMt
YTNmYzE5NmFhYmIzLzEvVnQ1S3h6QnRoQzgxUzVzdjN2LXBlSnM4SmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMtYTNmYzE5NmFhYmIz
LzEvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc58MA0E
AgACMAcDBQAqC9PAMA0GCSqGSIb3DQEBCwUAA4IBAQCIsoQhT2ErUQqs3IDzwAaH
uYLybRoHIJ7j821T1TV1CAqaraXoS06xFpR4LYB0AsBqrU0zWi9cDTLh0dDRwRRI
oFsF+GYxjljyzNeb3z7hooZSLHx1pUyP0/bkFBaFQTx1cTYS/RtcKQ3OfCAVTO7r
5lGN3lK6rnJV72A1ZSeGnz67R2erDyrBUeh7Mt2sIyA6Wxr0WXRHvADfix1R2ji5
HW+yOepCBOlNf3eQwThKXAbqEnye8lXqEuLkmfNAxYsbaA2RPVdIUbxhfBQpqZe+
TLkDJZbzRY2tQml+uzaKA9IKlE9cgcAqsTwGFwthizQtwloZiovPXKhYK4HMpO/m
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:03:22 2025 by rpki-client