Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/VpH6NdmEMri6-9x0sEVx5gZmOT4.roa
File: VpH6NdmEMri6-9x0sEVx5gZmOT4.roa (raw, json)
Hash identifier: dJFxGz10nN8N6LrUiqzV5+4+jpByHji6pA/wux4VDqI=
Subject key identifier: 56:91:FA:35:D9:84:32:B8:BA:FB:DC:74:B0:45:71:E6:06:66:39:3E
Certificate issuer: /CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Certificate serial: 0194228E3C531EE552B35277B0446CA4A11B
Authority key identifier: 12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/VpH6NdmEMri6-9x0sEVx5gZmOT4.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204135
IP address blocks: 185.235.36.0/22 maxlen: 22
185.235.36.0/24 maxlen: 24
185.235.37.0/24 maxlen: 24
185.235.38.0/24 maxlen: 24
2a0e:1700::/32 maxlen: 32
2a0e:1701::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Eu5iV9DDorkwVhryUi2eWvf5y8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Eu5iV9DDorkwVhryUi2eWvf5y8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3c:53:1e:e5:52:b3:52:77:b0:44:6c:a4:a1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ee6257d0c3a2b930561af2522d9e5af7f9cbc7
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5691fa35d98432b8bafbdc74b04571e60666393e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0d:27:fc:ca:b5:94:69:5d:d1:96:69:26:a4:
a1:4f:26:88:09:da:cb:fc:a2:88:f6:46:2a:76:2a:
40:72:fb:7c:a6:95:a6:d0:f3:65:21:38:2a:7b:6d:
7a:d6:55:f9:ae:16:51:c4:2d:16:cd:c6:20:73:85:
41:89:15:54:00:ec:80:c0:3f:b3:1b:88:41:84:48:
4a:0a:f8:20:43:14:24:ba:13:fd:99:fc:7d:90:76:
54:79:cf:ec:5f:82:37:7b:0b:3a:80:d2:92:53:c9:
6d:61:82:90:1e:e1:6e:dc:4c:f8:21:b1:02:e0:f4:
ce:80:97:67:7a:de:94:56:ef:fc:ed:4a:9a:19:c5:
de:a0:98:12:4c:41:48:ce:72:8d:05:8a:31:f2:d4:
ef:5c:ed:70:92:34:12:10:64:ea:2d:0e:53:85:ed:
9a:61:0f:fb:41:71:0c:5c:69:c6:2a:35:94:94:8d:
7f:cd:1b:85:7b:4f:13:78:5c:17:4e:3a:2a:5f:9d:
03:74:c2:f4:fe:4d:5f:33:70:90:55:79:44:29:6f:
c2:53:2c:be:eb:14:33:f3:86:2c:38:e6:5e:cd:e3:
74:6b:ac:57:0c:fd:61:a3:81:91:98:97:86:e3:7f:
78:f3:1d:7a:f3:70:9f:fc:de:71:2a:3f:71:46:1a:
22:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:91:FA:35:D9:84:32:B8:BA:FB:DC:74:B0:45:71:E6:06:66:39:3E
X509v3 Authority Key Identifier:
keyid:12:EE:62:57:D0:C3:A2:B9:30:56:1A:F2:52:2D:9E:5A:F7:F9:CB:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu5iV9DDorkwVhryUi2eWvf5y8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/VpH6NdmEMri6-9x0sEVx5gZmOT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/71dee2-e1c1-40ce-b311-3f33866192d0/1/Eu5iV9DDorkwVhryUi2eWvf5y8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.36.0/22
IPv6:
2a0e:1700::/31
Signature Algorithm: sha256WithRSAEncryption
76:82:79:4b:77:c3:1f:94:e4:ad:16:f3:95:1b:8d:c0:13:19:
81:1c:e3:b2:d7:b5:56:c9:aa:ed:62:90:b5:4a:96:c3:59:40:
d1:de:70:64:c3:d8:3d:1b:7f:34:90:66:59:1c:07:51:a1:ed:
34:f2:42:02:89:4a:7d:be:e8:d4:5d:2e:a2:8f:1a:9a:73:a5:
f7:f0:10:c8:46:ce:e2:89:37:6b:1e:de:4a:f7:00:ff:15:d8:
84:bb:6f:7a:39:ae:fe:a9:88:c3:dc:51:7b:9b:ee:40:4c:fd:
ec:b3:c6:fe:26:24:f6:29:c4:2c:1c:b2:13:2b:73:d2:8a:38:
d8:d0:17:dc:66:42:5c:8e:ac:87:98:f3:1f:42:65:f3:0e:77:
60:b8:08:23:82:ac:97:80:b4:ce:41:df:7c:aa:ad:6d:c3:67:
3d:3a:b2:77:f5:94:20:4a:d9:48:ba:d8:d7:ab:3b:1d:bb:40:
4a:59:10:2f:25:e0:52:97:1f:67:d3:3c:f4:fb:ac:7a:c3:c4:
d6:bf:7a:b4:f7:be:34:49:09:b6:54:16:0b:17:49:be:ca:71:
5f:ef:08:f7:87:1a:f6:18:2a:e5:84:d8:0d:6b:43:27:cd:1b:
40:a7:97:01:71:7b:d9:4b:5a:52:da:00:5c:9c:e4:5f:a0:a0:
ab:26:2b:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijjxTHuVSs1J3sERspKEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWU2MjU3ZDBjM2EyYjkzMDU2MWFmMjUyMmQ5ZTVhZjdm
OWNiYzcwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjkxZmEzNWQ5ODQzMmI4YmFmYmRjNzRiMDQ1NzFlNjA2NjYzOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw0n/Mq1lGld0ZZpJqShTyaICdrL
/KKI9kYqdipAcvt8ppWm0PNlITgqe2161lX5rhZRxC0WzcYgc4VBiRVUAOyAwD+z
G4hBhEhKCvggQxQkuhP9mfx9kHZUec/sX4I3ews6gNKSU8ltYYKQHuFu3Ez4IbEC
4PTOgJdnet6UVu/87UqaGcXeoJgSTEFIznKNBYox8tTvXO1wkjQSEGTqLQ5The2a
YQ/7QXEMXGnGKjWUlI1/zRuFe08TeFwXTjoqX50DdML0/k1fM3CQVXlEKW/CUyy+
6xQz84YsOOZezeN0a6xXDP1ho4GRmJeG43948x1683Cf/N5xKj9xRhoivwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFaR+jXZhDK4uvvcdLBFceYGZjk+MB8GA1UdIwQY
MBaAFBLuYlfQw6K5MFYa8lItnlr3+cvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEt
M2YzMzg2NjE5MmQwLzEvVnBINk5kbUVNcmk2LTl4MHNFVng1Z1ptT1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MWRlZTItZTFjMS00MGNlLWIzMTEtM2YzMzg2NjE5MmQw
LzEvRXU1aVY5RERvcmt3VmhyeVVpMmVXdmY1eThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueskMA0E
AgACMAcDBQEqDhcAMA0GCSqGSIb3DQEBCwUAA4IBAQB2gnlLd8MflOStFvOVG43A
ExmBHOOy17VWyartYpC1SpbDWUDR3nBkw9g9G380kGZZHAdRoe008kICiUp9vujU
XS6ijxqac6X38BDIRs7iiTdrHt5K9wD/FdiEu296Oa7+qYjD3FF7m+5ATP3ss8b+
JiT2KcQsHLITK3PSijjY0BfcZkJcjqyHmPMfQmXzDndguAgjgqyXgLTOQd98qq1t
w2c9OrJ39ZQgStlIutjXqzsdu0BKWRAvJeBSlx9n0zz0+6x6w8TWv3q09740SQm2
VBYLF0m+ynFf7wj3hxr2GCrlhNgNa0MnzRtAp5cBcXvZS1pS2gBcnORfoKCrJivZ
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:35:29 2025 by rpki-client