Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/VjqdrxGTRj_HInStkdep02mDb9Q.roa
File: VjqdrxGTRj_HInStkdep02mDb9Q.roa (raw, json)
Hash identifier: FNpVRLOkWoRmhAFzENCKzeCXF5FLB71OdgzjA3hm4XA=
Subject key identifier: 56:3A:9D:AF:11:93:46:3F:C7:22:74:AD:91:D7:A9:D3:69:83:6F:D4
Certificate issuer: /CN=db282fd897317c2cadd7b13969f6f015c397e05d
Certificate serial: 019426D9895C483EFF901734B17766C3E2A2
Authority key identifier: DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/VjqdrxGTRj_HInStkdep02mDb9Q.roa
Signing time: Thu 02 Jan 2025 11:49:38 +0000
ROA not before: Thu 02 Jan 2025 11:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.9.36.0/24 maxlen: 24
185.9.37.0/24 maxlen: 24
185.9.38.0/24 maxlen: 24
185.9.39.0/24 maxlen: 24
185.244.144.0/24 maxlen: 24
185.244.145.0/24 maxlen: 24
185.244.146.0/24 maxlen: 24
185.244.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 18:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:89:5c:48:3e:ff:90:17:34:b1:77:66:c3:e2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db282fd897317c2cadd7b13969f6f015c397e05d
Validity
Not Before: Jan 2 11:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=563a9daf1193463fc72274ad91d7a9d369836fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:15:cf:91:0a:c9:5a:bc:f8:cb:1c:5e:34:b1:
e9:88:71:ca:54:63:95:88:0a:ea:8e:ce:ca:2f:f6:
8f:49:c2:e0:e4:af:61:7f:71:53:e8:7d:fd:85:71:
38:5f:7a:93:ee:cd:99:ca:08:13:b2:ea:ec:85:55:
0b:ac:98:32:f3:b1:f5:33:09:07:19:2d:8c:88:4c:
58:bf:70:83:73:9e:ee:18:c4:a0:3f:02:25:3d:f7:
5e:2c:70:b8:40:06:7f:4d:91:34:61:85:ea:b7:57:
e9:d7:75:2e:36:1a:66:d1:4d:b1:7f:42:42:70:8f:
e2:bc:f9:98:14:c9:01:db:4e:33:ab:68:5f:89:53:
17:56:5b:ba:06:19:07:24:a8:f0:37:21:7e:3d:b9:
92:93:2e:6b:63:8f:f7:47:ec:39:d4:af:64:98:fb:
45:b8:9e:8d:06:04:10:e6:27:12:e7:a1:3d:eb:97:
bf:49:a5:b7:ab:27:6e:e7:3d:51:61:4f:75:07:f4:
de:3e:a0:c9:b0:39:70:2d:75:bc:5d:1e:4a:17:8c:
4c:88:38:8e:54:31:b8:6a:f0:66:69:22:1f:94:9a:
ac:0d:fa:4d:73:0e:51:36:1d:bd:4e:0b:13:5d:b6:
a1:4b:9a:be:32:a2:44:64:ab:74:bb:fd:cf:f3:0b:
40:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3A:9D:AF:11:93:46:3F:C7:22:74:AD:91:D7:A9:D3:69:83:6F:D4
X509v3 Authority Key Identifier:
keyid:DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/VjqdrxGTRj_HInStkdep02mDb9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.36.0/22
185.244.144.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:45:ee:c9:c4:df:8f:a4:64:6c:e6:45:7c:7f:7a:2a:98:32:
bd:d4:38:5c:1b:66:5a:2e:0d:6e:bd:24:3f:b2:ce:dc:c3:29:
6e:f8:ad:0a:bb:0b:ac:8f:ef:ce:b8:bf:b8:de:6a:1c:54:9b:
86:6e:12:d9:2d:02:6b:82:d7:19:9c:00:21:31:4f:93:af:75:
ae:cb:ff:59:44:e3:f2:d3:6a:60:2c:23:ff:bc:79:d1:06:2d:
ac:da:71:8e:45:52:57:d2:5f:e0:ed:bf:81:74:eb:3e:59:b7:
06:ca:54:94:78:63:6d:43:d8:16:b9:8c:20:8a:69:dd:01:33:
3b:69:ad:d5:a0:30:86:52:2f:cf:0d:27:12:5a:2b:cf:ee:5f:
97:47:20:7a:0d:31:e3:16:4b:a9:fb:8b:e4:1c:aa:95:25:3c:
70:75:3f:6d:c7:8c:7a:9b:20:3b:56:95:92:de:fa:ba:1d:45:
e1:13:69:35:17:53:1f:b1:2a:73:1b:a1:cb:9f:fc:8f:78:ca:
ee:79:92:7a:69:3f:6d:cc:93:22:b3:0b:6a:ee:de:b4:15:cc:
4f:99:01:12:b1:c1:ec:17:10:b4:2c:d4:6e:7e:c0:d3:3c:96:
78:c7:e5:9f:9c:f8:5b:03:d2:32:b4:b5:e6:fd:1e:3b:4c:6a:
56:86:92:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2YlcSD7/kBc0sXdmw+KiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjgyZmQ4OTczMTdjMmNhZGQ3YjEzOTY5ZjZmMDE1YzM5
N2UwNWQwHhcNMjUwMTAyMTE0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNhOWRhZjExOTM0NjNmYzcyMjc0YWQ5MWQ3YTlkMzY5ODM2ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRXPkQrJWrz4yxxeNLHpiHHKVGOV
iArqjs7KL/aPScLg5K9hf3FT6H39hXE4X3qT7s2ZyggTsurshVULrJgy87H1MwkH
GS2MiExYv3CDc57uGMSgPwIlPfdeLHC4QAZ/TZE0YYXqt1fp13UuNhpm0U2xf0JC
cI/ivPmYFMkB204zq2hfiVMXVlu6BhkHJKjwNyF+PbmSky5rY4/3R+w51K9kmPtF
uJ6NBgQQ5icS56E965e/SaW3qydu5z1RYU91B/TePqDJsDlwLXW8XR5KF4xMiDiO
VDG4avBmaSIflJqsDfpNcw5RNh29TgsTXbahS5q+MqJEZKt0u/3P8wtAnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFY6na8Rk0Y/xyJ0rZHXqdNpg2/UMB8GA1UdIwQY
MBaAFNsoL9iXMXwsrdexOWn28BXDl+BdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3Yjgt
MzUzYmM2MjY2ZWU2LzEvVmpxZHJ4R1RSal9ISW5TdGtkZXAwMm1EYjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3YjgtMzUzYmM2MjY2ZWU2
LzEvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQkkAwQC
ufSQMA0GCSqGSIb3DQEBCwUAA4IBAQDBRe7JxN+PpGRs5kV8f3oqmDK91DhcG2Za
Lg1uvSQ/ss7cwylu+K0Kuwusj+/OuL+43mocVJuGbhLZLQJrgtcZnAAhMU+Tr3Wu
y/9ZROPy02pgLCP/vHnRBi2s2nGORVJX0l/g7b+BdOs+WbcGylSUeGNtQ9gWuYwg
imndATM7aa3VoDCGUi/PDScSWivP7l+XRyB6DTHjFkup+4vkHKqVJTxwdT9tx4x6
myA7VpWS3vq6HUXhE2k1F1MfsSpzG6HLn/yPeMrueZJ6aT9tzJMiswtq7t60FcxP
mQESscHsFxC0LNRufsDTPJZ4x+WfnPhbA9IytLXm/R47TGpWhpJB
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:32:39 2025 by rpki-client