Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vxugZk28KC7KCbEu2_ekqXXksUo.roa
File: vxugZk28KC7KCbEu2_ekqXXksUo.roa (raw, json)
Hash identifier: MhPmqpL1OHphEds7EcvH7ZLd0Ll8sC6VAHNqxJTlAAc=
Subject key identifier: BF:1B:A0:66:4D:BC:28:2E:CA:09:B1:2E:DB:F7:A4:A9:75:E4:B1:4A
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747E04321D941D73E6F9D4C0772AF1E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vxugZk28KC7KCbEu2_ekqXXksUo.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206804
IP address blocks: 185.227.68.0/24 maxlen: 24
185.234.73.0/24 maxlen: 24
2a0b:b87:ffd6::/48 maxlen: 48
2a0b:b87:ffd7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e0:43:21:d9:41:d7:3e:6f:9d:4c:07:72:af:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf1ba0664dbc282eca09b12edbf7a4a975e4b14a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3b:fb:d2:eb:f5:7d:99:b7:83:ee:9c:28:3c:
7a:e6:21:d9:82:6a:84:85:4f:78:e1:f6:03:ac:95:
76:8b:d1:8b:bf:46:fd:a7:07:e0:6c:ac:03:8d:3b:
88:29:68:0e:cd:5f:9d:c5:4d:c2:86:7e:ae:ef:dd:
52:e7:3f:d3:44:9d:c5:e9:48:2e:e1:ba:fd:b2:bf:
2c:3b:01:0d:67:60:c2:09:77:a6:26:76:db:34:47:
f1:6c:cc:48:9b:9b:81:10:69:53:c8:9f:61:a3:97:
8b:67:a5:3f:0b:82:b5:4d:80:23:b8:fb:db:a4:dd:
3b:f0:f1:d5:4d:63:76:6c:38:84:f9:c8:35:8b:79:
82:95:1d:da:e1:ed:8b:54:df:b6:84:4d:3a:3d:fe:
71:b9:51:fb:68:b1:c1:b8:f6:45:52:c8:bb:91:57:
a3:10:6e:1c:10:c8:95:55:66:a4:30:99:59:09:a2:
1b:d8:d4:66:66:fb:e0:95:6b:ed:b6:26:87:50:e3:
18:3e:a2:50:10:c2:b1:b8:f2:d4:f1:06:41:01:ca:
d9:88:b6:99:ff:be:dd:64:f8:08:37:5a:f8:6a:7e:
b9:9f:b1:0c:fa:e2:3c:94:c7:3f:dd:ea:7d:fa:22:
13:9e:3b:8b:c8:ef:2b:1d:3b:ee:be:9c:61:23:ff:
f3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1B:A0:66:4D:BC:28:2E:CA:09:B1:2E:DB:F7:A4:A9:75:E4:B1:4A
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vxugZk28KC7KCbEu2_ekqXXksUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.68.0/24
185.234.73.0/24
IPv6:
2a0b:b87:ffd6::/47
Signature Algorithm: sha256WithRSAEncryption
2c:da:31:5c:53:c0:30:09:cc:b8:01:58:d1:3a:48:d0:09:58:
34:29:f6:ab:35:d1:4e:3e:dc:2c:1c:06:75:c5:55:f3:c3:5e:
a8:99:7b:bd:fc:d8:fe:a8:59:84:27:46:78:8b:3e:10:53:55:
8e:fc:b5:0b:28:8a:b9:2f:27:be:1b:66:85:95:66:af:aa:af:
e0:1c:b8:ca:c9:f5:bf:a4:0b:48:95:75:a7:68:f7:58:81:fc:
d4:53:43:54:f4:f8:17:1b:28:aa:ca:7b:ff:73:50:0a:66:67:
f4:03:f8:01:f4:2a:82:16:ff:ac:c3:69:37:dd:68:53:db:4b:
e0:a0:20:7a:97:10:aa:2c:36:57:89:24:85:9b:6f:11:e5:f7:
4c:4b:4c:e8:75:c1:e3:a1:d8:88:9a:0b:69:5a:49:17:80:9f:
49:94:2c:08:a5:a6:57:5f:37:47:b4:f5:e3:d1:26:4c:6d:98:
0c:9b:14:03:95:60:b8:ad:7e:08:d4:80:c2:31:8d:15:5f:d4:
bf:46:86:70:ad:68:4d:71:11:e2:ae:50:b4:a3:df:5f:5b:b6:
6c:6b:11:d4:34:d1:e4:e1:f7:1e:4f:6f:fa:93:50:db:7a:ec:
95:b3:3c:fb:34:3e:ee:15:c5:1b:51:2e:33:21:a9:b4:f9:e6:
50:b8:13:92
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnR+BDIdlB1z5vnUwHcq8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFiYTA2NjRkYmMyODJlY2EwOWIxMmVkYmY3YTRhOTc1ZTRiMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTv70uv1fZm3g+6cKDx65iHZgmqE
hU944fYDrJV2i9GLv0b9pwfgbKwDjTuIKWgOzV+dxU3Chn6u791S5z/TRJ3F6Ugu
4br9sr8sOwENZ2DCCXemJnbbNEfxbMxIm5uBEGlTyJ9ho5eLZ6U/C4K1TYAjuPvb
pN078PHVTWN2bDiE+cg1i3mClR3a4e2LVN+2hE06Pf5xuVH7aLHBuPZFUsi7kVej
EG4cEMiVVWakMJlZCaIb2NRmZvvglWvttiaHUOMYPqJQEMKxuPLU8QZBAcrZiLaZ
/77dZPgIN1r4an65n7EM+uI8lMc/3ep9+iITnjuLyO8rHTvuvpxhI//zbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL8boGZNvCguygmxLtv3pKl15LFKMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdnh1Z1prMjhLQzdLQ2JFdTJfZWtxWFhrc1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAueNEAwQA
uepJMA8EAgACMAkDBwEqCwuH/9YwDQYJKoZIhvcNAQELBQADggEBACzaMVxTwDAJ
zLgBWNE6SNAJWDQp9qs10U4+3CwcBnXFVfPDXqiZe7382P6oWYQnRniLPhBTVY78
tQsoirkvJ74bZoWVZq+qr+AcuMrJ9b+kC0iVdado91iB/NRTQ1T0+BcbKKrKe/9z
UApmZ/QD+AH0KoIW/6zDaTfdaFPbS+CgIHqXEKosNleJJIWbbxHl90xLTOh1weOh
2IiaC2laSReAn0mULAilpldfN0e09ePRJkxtmAybFAOVYLitfgjUgMIxjRVf1L9G
hnCtaE1xEeKuULSj319btmxrEdQ00eTh9x5Pb/qTUNt67JWzPPs0Pu4VxRtRLjMh
qbT55lC4E5I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:01 2025 by rpki-client