Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/Vec_C6RiaudIxR6DQyYXgE_U-TY.roa
File: Vec_C6RiaudIxR6DQyYXgE_U-TY.roa (raw, json)
Hash identifier: MAwYc1OA3xQJeom5DQYcF+PCN/vQZIWajJ/StbTU5Q0=
Subject key identifier: 55:E7:3F:0B:A4:62:6A:E7:48:C5:1E:83:43:26:17:80:4F:D4:F9:36
Certificate issuer: /CN=2f57a34b058aafa0a763124a7d5d4187f4faabac
Certificate serial: 01941F8C576C89EF936D7A7C943A40F28F5C
Authority key identifier: 2F:57:A3:4B:05:8A:AF:A0:A7:63:12:4A:7D:5D:41:87:F4:FA:AB:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/Vec_C6RiaudIxR6DQyYXgE_U-TY.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51492
IP address blocks: 89.46.121.0/24 maxlen: 24
89.46.125.0/24 maxlen: 24
185.36.253.0/24 maxlen: 24
185.177.140.0/22 maxlen: 22
188.116.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:57:6c:89:ef:93:6d:7a:7c:94:3a:40:f2:8f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f57a34b058aafa0a763124a7d5d4187f4faabac
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55e73f0ba4626ae748c51e83432617804fd4f936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:dc:4b:97:7f:2d:07:af:5b:cf:a3:a7:ac:
12:f7:86:5f:0e:be:70:cc:f1:f2:2d:40:63:70:e4:
16:52:65:31:45:c0:00:86:96:c3:e8:43:b7:bf:b2:
a9:f9:95:fc:ff:c4:ce:e2:fd:ed:71:03:ec:ae:ea:
d1:c1:e1:49:3b:42:e7:9c:a7:08:bf:a4:6b:93:9a:
94:be:e3:51:c3:f8:d9:af:c3:33:b6:13:20:3f:77:
52:ab:c2:45:68:79:7b:22:29:ac:ad:cd:53:d8:09:
a2:ad:78:a3:20:5c:e1:73:94:46:25:22:d3:66:cb:
fa:e5:1d:ba:30:cd:f6:42:84:25:dc:43:e6:ea:d5:
ab:5b:4e:a3:fb:5a:b9:67:e3:ba:b1:70:eb:d2:ba:
33:bb:3f:37:94:f3:7b:14:4e:2d:76:73:59:ca:93:
f8:f7:76:66:b5:ad:1c:3a:9a:9f:ef:bc:34:86:ae:
d0:d6:bf:50:7d:9c:c1:5e:cc:16:db:26:b6:3a:a4:
dd:c0:ff:ed:f0:75:9a:1b:c2:b3:91:fa:8e:52:ea:
f5:97:b6:10:32:eb:ed:20:8b:5e:56:fc:6e:08:1f:
3b:4e:e9:14:f1:a4:c4:7e:4c:3b:f9:6d:52:ab:bf:
56:27:50:53:41:43:78:e0:b7:c1:eb:33:e3:62:0b:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E7:3F:0B:A4:62:6A:E7:48:C5:1E:83:43:26:17:80:4F:D4:F9:36
X509v3 Authority Key Identifier:
keyid:2F:57:A3:4B:05:8A:AF:A0:A7:63:12:4A:7D:5D:41:87:F4:FA:AB:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/Vec_C6RiaudIxR6DQyYXgE_U-TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7f356a-a251-4b7a-9062-2dcd6a00ca12/1/L1ejSwWKr6CnYxJKfV1Bh_T6q6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.121.0/24
89.46.125.0/24
185.36.253.0/24
185.177.140.0/22
188.116.47.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f3:b8:f4:37:c0:ef:a3:82:e5:12:f9:ee:9c:3f:f3:3f:74:
98:34:cf:1c:69:c6:b0:7a:8a:7e:0a:2f:fc:ab:66:e0:2a:11:
c7:fe:24:00:3b:04:e4:ef:45:31:82:54:b6:aa:60:14:ec:98:
0c:ad:91:37:47:c0:30:23:2d:3b:c6:3c:04:65:81:9b:61:e3:
41:15:b7:37:e7:c7:d0:b6:86:cd:2f:99:ae:f2:0c:a9:d6:3e:
ea:99:de:ac:47:0f:aa:4e:bf:8d:f8:c5:91:39:58:8a:5d:17:
f7:31:c6:ef:28:c5:3c:94:0c:7b:06:db:0c:f9:0e:68:7c:54:
7f:c9:b3:ae:04:38:eb:91:89:63:ed:9f:9c:0c:b8:99:64:71:
ba:9b:44:44:d1:2c:25:c5:fb:95:45:20:c3:f3:62:f3:b2:b5:
18:b7:76:16:44:fe:d2:3a:7f:80:d5:4f:38:83:85:7c:3e:d1:
47:6a:02:f4:9b:ce:cc:4b:f7:a7:8d:15:19:41:cf:08:98:eb:
8e:b1:0f:0d:1d:35:5b:26:9e:e8:7d:79:ae:e0:d6:fe:aa:72:
fa:34:59:9b:21:01:ca:89:dd:24:17:16:a7:45:bf:8f:7a:95:
23:52:23:4f:9b:e5:1a:e6:07:22:c9:70:ea:32:53:3a:ef:81:
35:41:9a:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjFdsie+TbXp8lDpA8o9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTdhMzRiMDU4YWFmYTBhNzYzMTI0YTdkNWQ0MTg3ZjRm
YWFiYWMwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU3M2YwYmE0NjI2YWU3NDhjNTFlODM0MzI2MTc4MDRmZDRmOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrXcS5d/LQevW8+jp6wS94ZfDr5w
zPHyLUBjcOQWUmUxRcAAhpbD6EO3v7Kp+ZX8/8TO4v3tcQPsrurRweFJO0LnnKcI
v6Rrk5qUvuNRw/jZr8MzthMgP3dSq8JFaHl7Iimsrc1T2AmirXijIFzhc5RGJSLT
Zsv65R26MM32QoQl3EPm6tWrW06j+1q5Z+O6sXDr0rozuz83lPN7FE4tdnNZypP4
93Zmta0cOpqf77w0hq7Q1r9QfZzBXswW2ya2OqTdwP/t8HWaG8KzkfqOUur1l7YQ
MuvtIIteVvxuCB87TukU8aTEfkw7+W1Sq79WJ1BTQUN44LfB6zPjYgul3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFXnPwukYmrnSMUeg0MmF4BP1Pk2MB8GA1UdIwQY
MBaAFC9Xo0sFiq+gp2MSSn1dQYf0+qusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFlalN3V0tyNkNuWXhKS2ZWMUJoX1Q2cTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZjM1NmEtYTI1MS00YjdhLTkwNjIt
MmRjZDZhMDBjYTEyLzEvVmVjX0M2UmlhdWRJeFI2RFF5WVhnRV9VLVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZjM1NmEtYTI1MS00YjdhLTkwNjItMmRjZDZhMDBjYTEy
LzEvTDFlalN3V0tyNkNuWXhKS2ZWMUJoX1Q2cTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWS55AwQA
WS59AwQAuST9AwQCubGMAwQAvHQvMA0GCSqGSIb3DQEBCwUAA4IBAQBJ87j0N8Dv
o4LlEvnunD/zP3SYNM8cacaweop+Ci/8q2bgKhHH/iQAOwTk70UxglS2qmAU7JgM
rZE3R8AwIy07xjwEZYGbYeNBFbc358fQtobNL5mu8gyp1j7qmd6sRw+qTr+N+MWR
OViKXRf3McbvKMU8lAx7BtsM+Q5ofFR/ybOuBDjrkYlj7Z+cDLiZZHG6m0RE0Swl
xfuVRSDD82LzsrUYt3YWRP7SOn+A1U84g4V8PtFHagL0m87MS/enjRUZQc8ImOuO
sQ8NHTVbJp7ofXmu4Nb+qnL6NFmbIQHKid0kFxanRb+PepUjUiNPm+Ua5gciyXDq
MlM674E1QZqy
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:50:24 2025 by rpki-client