Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/VPRSbhpUWHK9LNCRTJlj7w99FR8.roa
File: VPRSbhpUWHK9LNCRTJlj7w99FR8.roa (raw, json)
Hash identifier: iyRxgtVq0GVpiBHIkamYcHY6gGzLkU1W/+EnFJzw2iI=
Subject key identifier: 54:F4:52:6E:1A:54:58:72:BD:2C:D0:91:4C:99:63:EF:0F:7D:15:1F
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 01942143AB87DD510B09F3536C035566A9B3
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/VPRSbhpUWHK9LNCRTJlj7w99FR8.roa
Signing time: Wed 01 Jan 2025 09:47:50 +0000
ROA not before: Wed 01 Jan 2025 09:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197912
IP address blocks: 128.127.168.0/24 maxlen: 24
128.127.169.0/24 maxlen: 24
128.127.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ab:87:dd:51:0b:09:f3:53:6c:03:55:66:a9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 1 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54f4526e1a545872bd2cd0914c9963ef0f7d151f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:27:2e:b8:37:92:eb:2c:30:89:18:7d:65:48:
b0:db:da:45:d0:79:f2:fe:11:15:75:29:49:67:fd:
65:ac:56:af:1f:b6:05:d5:4c:35:f8:4c:8a:ce:85:
30:23:75:8f:11:42:5d:13:0a:12:15:05:e2:2d:f6:
14:ea:d7:d1:28:b8:fd:57:a4:70:89:2b:72:1f:ad:
fa:b8:43:3c:5e:86:a4:ef:63:88:13:24:45:20:20:
01:e8:b7:37:d2:e4:80:04:62:66:2a:06:bc:6d:59:
17:02:8e:48:67:2b:0e:e3:c4:80:7b:fe:82:48:59:
ee:31:7b:45:8b:75:6c:0f:54:2c:e8:8e:c3:b6:dd:
82:05:6c:8d:87:b1:12:14:73:99:96:52:aa:56:0d:
01:f2:d0:7b:8d:cb:cc:64:78:86:9e:ef:3d:cf:2e:
5b:52:b8:7d:4a:a1:e6:9f:d8:f6:49:db:e7:1d:0b:
86:e4:11:be:53:cf:e5:76:bd:c4:3d:1a:9b:d5:2c:
e8:86:dd:aa:3c:aa:8c:7e:93:26:34:36:e5:af:0c:
e8:2a:c4:57:6f:33:bd:97:b1:a7:37:4e:e5:dd:0f:
2e:10:ce:d6:e1:84:cc:7e:fc:95:d8:63:f4:51:63:
05:50:57:72:25:bd:77:19:d3:a1:02:6c:cf:a6:28:
68:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:52:6E:1A:54:58:72:BD:2C:D0:91:4C:99:63:EF:0F:7D:15:1F
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/VPRSbhpUWHK9LNCRTJlj7w99FR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.168.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
3e:88:4f:1c:bb:c7:20:c1:91:5b:de:21:ee:3e:f1:c3:88:ab:
2b:56:c5:7d:40:0e:59:f8:21:22:39:31:e2:88:6b:dd:0b:fe:
e0:64:92:c5:4b:be:97:d0:f1:e5:e6:ce:25:ee:bd:0b:06:bd:
8e:b4:ad:5f:45:3b:5f:d4:fe:f7:7c:80:d4:bd:8d:11:6c:d0:
27:7f:45:8a:a0:ef:91:d2:ae:bc:07:fb:63:c0:6a:9c:f3:5a:
16:5b:5f:45:15:ee:17:a4:c6:94:3e:32:c8:f6:8e:83:14:b7:
ac:4e:92:7f:ef:82:22:78:09:d8:43:4c:10:eb:8b:51:5b:45:
09:6f:82:de:07:aa:97:04:18:6c:83:85:a6:3f:aa:be:d1:9a:
71:a3:72:7f:79:b6:69:05:c5:0a:a1:1f:81:02:30:d1:c5:54:
76:5f:65:5a:56:73:99:eb:c3:ad:09:6b:13:95:75:79:e4:a1:
73:f8:f8:e7:79:23:76:ae:33:47:e1:e1:52:16:18:3c:1c:56:
7d:00:e9:f3:22:97:a3:b4:a1:9a:67:cc:74:e5:42:61:36:2a:
a0:3b:f7:39:9b:69:98:92:73:a7:e8:0f:a9:80:65:9c:11:7b:
27:ad:7a:a9:40:a0:f1:f0:2e:ce:f9:c2:b6:43:a1:f3:70:d7:
d7:64:23:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhQ6uH3VELCfNTbANVZqmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm
MDNjNGEwHhcNMjUwMTAxMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY0NTI2ZTFhNTQ1ODcyYmQyY2QwOTE0Yzk5NjNlZjBmN2QxNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxycuuDeS6ywwiRh9ZUiw29pF0Hny
/hEVdSlJZ/1lrFavH7YF1Uw1+EyKzoUwI3WPEUJdEwoSFQXiLfYU6tfRKLj9V6Rw
iStyH636uEM8Xoak72OIEyRFICAB6Lc30uSABGJmKga8bVkXAo5IZysO48SAe/6C
SFnuMXtFi3VsD1Qs6I7Dtt2CBWyNh7ESFHOZllKqVg0B8tB7jcvMZHiGnu89zy5b
Urh9SqHmn9j2SdvnHQuG5BG+U8/ldr3EPRqb1Szoht2qPKqMfpMmNDblrwzoKsRX
bzO9l7GnN07l3Q8uEM7W4YTMfvyV2GP0UWMFUFdyJb13GdOhAmzPpihogQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFT0Um4aVFhyvSzQkUyZY+8PfRUfMB8GA1UdIwQY
MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt
YTAxZTllNmRjYmYyLzEvVlBSU2JocFVXSEs5TE5DUlRKbGo3dzk5RlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy
LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOAf6gD
BACAf6owDQYJKoZIhvcNAQELBQADggEBAD6ITxy7xyDBkVveIe4+8cOIqytWxX1A
Dln4ISI5MeKIa90L/uBkksVLvpfQ8eXmziXuvQsGvY60rV9FO1/U/vd8gNS9jRFs
0Cd/RYqg75HSrrwH+2PAapzzWhZbX0UV7hekxpQ+Msj2joMUt6xOkn/vgiJ4CdhD
TBDri1FbRQlvgt4HqpcEGGyDhaY/qr7RmnGjcn95tmkFxQqhH4ECMNHFVHZfZVpW
c5nrw60JaxOVdXnkoXP4+Od5I3auM0fh4VIWGDwcVn0A6fMil6O0oZpnzHTlQmE2
KqA79zmbaZiSc6foD6mAZZwReyeteqlAoPHwLs75wrZDofNw19dkI50=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:38:46 2025 by rpki-client