Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/vmadOBoOk6niwocbLQBsll2qRrw.roa
File: vmadOBoOk6niwocbLQBsll2qRrw.roa (raw, json)
Hash identifier: zQDs58AuBVhnIjhnpftladMye3nflU9pDFBdocMEldo=
Subject key identifier: BE:66:9D:38:1A:0E:93:A9:E2:C2:87:1B:2D:00:6C:96:5D:AA:46:BC
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0194221FBFF53E8215AA4B52CBE06B6DFDE0
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/vmadOBoOk6niwocbLQBsll2qRrw.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 51.198.64.0/23 maxlen: 24
51.198.66.0/23 maxlen: 24
51.198.70.0/23 maxlen: 24
51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
2a06:5901:8100::/40 maxlen: 48
2a06:5901:8200::/40 maxlen: 48
2a06:5901:8300::/40 maxlen: 48
2a06:5901:8500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.mft
rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bf:f5:3e:82:15:aa:4b:52:cb:e0:6b:6d:fd:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be669d381a0e93a9e2c2871b2d006c965daa46bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9f:fc:93:b5:27:06:65:19:30:48:77:2d:34:
69:7b:3d:f8:10:9f:30:af:3b:3e:22:d7:c6:1f:38:
89:5e:fe:6a:b9:d5:f4:d0:c8:d9:42:c8:6b:f2:12:
80:8d:29:b4:e1:cd:dc:6d:e1:b2:d7:e8:1f:bb:1f:
c4:90:d8:6d:1c:aa:91:62:7f:b4:f4:ee:79:00:a0:
15:8b:e9:fa:26:72:7d:2a:00:b8:29:86:8b:b1:8c:
51:24:df:3e:a1:ab:5c:59:87:5b:aa:35:07:ad:c5:
8b:bd:4c:df:b7:87:e7:9d:b7:76:7c:46:5f:79:97:
31:df:a0:21:0a:be:47:89:c9:c2:d8:8c:3d:ed:3a:
e5:29:59:2a:fb:d7:79:b3:46:5e:b8:3b:f6:b0:bd:
fd:9d:86:25:48:c2:d5:6e:37:a6:7e:aa:f8:eb:5f:
44:63:3e:b3:b2:95:02:7a:61:a4:32:83:53:0a:94:
b3:a1:54:a6:8e:df:fd:ad:70:54:d8:e5:a7:77:8e:
3d:ad:45:4f:28:2a:e2:9b:34:d2:dc:77:db:d6:ed:
79:88:54:10:d8:82:e3:19:64:fe:36:cf:9d:c3:77:
06:46:74:1a:f9:d1:e4:c0:58:1e:cb:ee:37:d3:38:
7c:11:e5:ca:a3:0d:2f:07:c0:1e:ac:4f:a9:5f:e7:
c0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:66:9D:38:1A:0E:93:A9:E2:C2:87:1B:2D:00:6C:96:5D:AA:46:BC
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/vmadOBoOk6niwocbLQBsll2qRrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.198.64.0/22
51.198.70.0/23
51.199.252.0/22
IPv6:
2a06:5901:8000::/38
2a06:5901:8500::/40
Signature Algorithm: sha256WithRSAEncryption
0b:4e:82:50:7b:ea:76:bb:6c:3d:1b:94:6b:dd:31:b1:90:d7:
cc:8d:e0:61:af:ab:4c:ed:2a:cf:9a:ca:4c:63:a9:d8:c6:b7:
5c:58:ca:6b:f1:48:a7:d5:95:a3:15:7b:42:16:63:df:2d:06:
db:83:90:f8:9a:f8:7c:08:a6:d1:1c:73:db:99:ab:f9:2e:4a:
3c:7c:c5:ba:30:66:52:04:a5:8b:37:cd:87:78:42:d1:bb:16:
71:c8:4e:23:78:77:6b:90:f2:2d:f4:bf:1b:56:f2:d6:e2:ab:
27:e1:4f:8c:c9:5d:45:22:e8:2d:25:a2:d4:68:7c:fc:5e:72:
4b:03:da:09:0a:f6:8c:59:95:86:66:6f:a9:12:5a:ee:63:2d:
d8:46:bf:fa:2d:97:d6:af:29:55:e7:50:ca:e7:94:d6:c4:c4:
d1:69:0a:64:ac:92:ca:ff:a4:05:89:3e:43:88:8e:3a:12:49:
df:0e:5b:ec:32:5e:1f:4d:2e:1d:30:48:46:a6:36:8e:95:a7:
9a:07:93:a5:ed:19:84:41:e1:f0:6a:ea:1c:07:75:f1:4f:4d:
17:aa:d0:ab:a8:3b:75:a9:34:d5:a9:b0:59:45:4d:ca:9f:36:
59:89:ea:de:72:1d:11:f5:75:16:e6:4e:43:9a:cf:4c:9c:82:
0d:13:fc:45
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQiH7/1PoIVqktSy+Brbf3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY2OWQzODFhMGU5M2E5ZTJjMjg3MWIyZDAwNmM5NjVkYWE0NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5/8k7UnBmUZMEh3LTRpez34EJ8w
rzs+ItfGHziJXv5qudX00MjZQshr8hKAjSm04c3cbeGy1+gfux/EkNhtHKqRYn+0
9O55AKAVi+n6JnJ9KgC4KYaLsYxRJN8+oatcWYdbqjUHrcWLvUzft4fnnbd2fEZf
eZcx36AhCr5HicnC2Iw97TrlKVkq+9d5s0ZeuDv2sL39nYYlSMLVbjemfqr4619E
Yz6zspUCemGkMoNTCpSzoVSmjt/9rXBU2OWnd449rUVPKCrimzTS3Hfb1u15iFQQ
2ILjGWT+Ns+dw3cGRnQa+dHkwFgey+430zh8EeXKow0vB8AerE+pX+fAVwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL5mnTgaDpOp4sKHGy0AbJZdqka8MB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvdm1hZE9Cb09rNm5pd29jYkxRQnNsbDJxUnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCM8ZAAwQB
M8ZGAwQCM8f8MBYEAgACMBADBgIqBlkBgAMGACoGWQGFMA0GCSqGSIb3DQEBCwUA
A4IBAQALToJQe+p2u2w9G5Rr3TGxkNfMjeBhr6tM7SrPmspMY6nYxrdcWMpr8Uin
1ZWjFXtCFmPfLQbbg5D4mvh8CKbRHHPbmav5Lko8fMW6MGZSBKWLN82HeELRuxZx
yE4jeHdrkPIt9L8bVvLW4qsn4U+MyV1FIugtJaLUaHz8XnJLA9oJCvaMWZWGZm+p
ElruYy3YRr/6LZfWrylV51DK55TWxMTRaQpkrJLK/6QFiT5DiI46EknfDlvsMl4f
TS4dMEhGpjaOlaeaB5Ol7RmEQeHwauocB3XxT00XqtCrqDt1qTTVqbBZRU3KnzZZ
ierech0R9XUW5k5Dms9MnIINE/xF
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:41 2025 by rpki-client