Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/vdgwFbYVt8R1VSJ8o61nh0Nw_GA.roa
File: vdgwFbYVt8R1VSJ8o61nh0Nw_GA.roa (raw, json)
Hash identifier: 76jfpsJ1QF75Cjby0A7bmnFhoDcXagSAAfe9ZF5jiZQ=
Subject key identifier: BD:D8:30:15:B6:15:B7:C4:75:55:22:7C:A3:AD:67:87:43:70:FC:60
Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Certificate serial: 01941FFA9570352278CB2920EF5519D400D1
Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/vdgwFbYVt8R1VSJ8o61nh0Nw_GA.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28771
IP address blocks: 92.118.216.0/24 maxlen: 24
92.118.217.0/24 maxlen: 24
92.118.218.0/24 maxlen: 24
92.118.219.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
193.32.28.0/23 maxlen: 23
193.43.158.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
2001:67c:2b04::/48 maxlen: 48
2a09:d7c0::/30 maxlen: 30
2a09:d7c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:95:70:35:22:78:cb:29:20:ef:55:19:d4:00:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd83015b615b7c47555227ca3ad67874370fc60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:11:c1:57:d4:2a:de:6b:db:c5:1c:6b:9e:89:
62:3e:fb:0e:63:f1:0b:87:57:33:d6:03:f3:2f:b4:
1e:09:78:fc:06:9f:3f:ce:26:3b:49:39:78:45:2d:
1e:bd:8a:2a:1f:ac:ea:0e:9e:98:0b:b7:69:71:e9:
16:70:6c:46:3e:d7:1c:71:f5:6d:f3:35:24:8a:d5:
13:63:bd:c9:4d:bc:f4:08:0d:f7:b3:0b:93:81:5b:
12:e4:3b:ca:08:c1:16:e0:87:cf:cf:ef:ce:b2:9d:
c4:6e:5a:a4:b8:5e:d6:05:e0:b8:68:4b:e8:61:c2:
c9:a3:f3:f3:fd:3e:41:7c:a2:a3:98:e8:d5:da:35:
d3:20:0a:3a:08:ee:bb:6e:65:40:ff:31:7a:7f:7b:
51:d5:4c:7f:f1:94:0e:db:bc:82:cf:0c:15:7b:55:
25:a7:49:cd:f3:26:83:89:dd:bd:28:a5:03:13:d2:
21:f8:ea:da:d6:d8:55:43:6c:7f:0d:8e:10:e4:88:
aa:24:d7:f1:d9:2a:0b:28:19:ce:a2:47:d7:c3:f2:
09:b1:33:0e:2e:96:bc:51:c2:d8:82:93:c0:bd:de:
d3:59:5f:18:bb:f8:ba:54:0e:fd:5b:11:74:9a:eb:
2d:6f:93:de:4b:23:48:2e:f7:41:4d:ac:00:3f:57:
cd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D8:30:15:B6:15:B7:C4:75:55:22:7C:A3:AD:67:87:43:70:FC:60
X509v3 Authority Key Identifier:
keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/vdgwFbYVt8R1VSJ8o61nh0Nw_GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.216.0/22
185.188.19.0/24
193.32.28.0/23
193.43.158.0/24
217.61.241.0/24
IPv6:
2001:67c:2b04::/48
2a09:d7c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:36:00:58:d0:70:48:0c:47:fd:7b:2a:8c:0e:d2:78:e3:92:
fc:04:6d:d2:bd:26:76:ec:7d:e1:4d:7c:b0:b4:69:0f:b4:7b:
ee:ff:9d:6f:1f:80:7f:91:8b:dd:3d:7c:9b:c2:37:24:64:49:
33:87:3c:2e:ce:19:6f:b1:d6:37:3f:c7:4e:dc:b8:e2:fb:0f:
a1:7a:7b:92:f0:71:16:46:f3:4b:ac:e2:0e:af:de:e6:3c:32:
4d:41:9e:b1:3a:9d:c7:cb:c2:2d:ae:4f:43:7a:61:fd:97:89:
7f:ba:de:72:4c:35:7e:85:c8:87:0f:df:d6:df:f2:24:de:bb:
90:01:c2:ea:e1:f0:9e:a3:e5:56:21:74:93:9e:10:8c:4e:09:
65:28:15:37:9f:70:85:3e:e9:bb:0e:71:c4:44:a1:cb:e6:15:
e4:d1:51:8e:fc:43:c0:72:57:82:4e:6f:cc:a2:56:61:6d:4b:
6d:38:a3:77:1a:7b:ef:99:51:2b:eb:5a:f4:d8:bb:b4:1e:2a:
9c:c5:ef:1b:2c:d5:86:b9:ab:ce:f4:6c:5c:df:ab:69:7f:6c:
5d:87:c1:0b:af:b2:f7:94:46:0b:a2:ba:f8:13:38:70:68:41:
af:a0:e8:5b:9e:17:d1:1b:48:aa:5c:c5:35:b3:65:98:80:5f:
cc:07:99:a1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQf+pVwNSJ4yykg71UZ1ADRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl
YTQ3NDMwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ4MzAxNWI2MTViN2M0NzU1NTIyN2NhM2FkNjc4NzQzNzBmYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xHBV9Qq3mvbxRxrnoliPvsOY/EL
h1cz1gPzL7QeCXj8Bp8/ziY7STl4RS0evYoqH6zqDp6YC7dpcekWcGxGPtcccfVt
8zUkitUTY73JTbz0CA33swuTgVsS5DvKCMEW4IfPz+/Osp3EblqkuF7WBeC4aEvo
YcLJo/Pz/T5BfKKjmOjV2jXTIAo6CO67bmVA/zF6f3tR1Ux/8ZQO27yCzwwVe1Ul
p0nN8yaDid29KKUDE9Ih+Ora1thVQ2x/DY4Q5IiqJNfx2SoLKBnOokfXw/IJsTMO
Lpa8UcLYgpPAvd7TWV8Yu/i6VA79WxF0mustb5PeSyNILvdBTawAP1fNDQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL3YMBW2FbfEdVUifKOtZ4dDcPxgMB8GA1UdIwQY
MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt
NjljNjI5ODQxNWY4LzEvdmRnd0ZiWVZ0OFIxVlNKOG82MW5oME53X0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4
LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCXHbYAwQA
ubwTAwQBwSAcAwQAwSueAwQA2T3xMBYEAgACMBADBwAgAQZ8KwQDBQMqCdfAMA0G
CSqGSIb3DQEBCwUAA4IBAQAaNgBY0HBIDEf9eyqMDtJ445L8BG3SvSZ27H3hTXyw
tGkPtHvu/51vH4B/kYvdPXybwjckZEkzhzwuzhlvsdY3P8dO3Lji+w+henuS8HEW
RvNLrOIOr97mPDJNQZ6xOp3Hy8Itrk9DemH9l4l/ut5yTDV+hciHD9/W3/Ik3ruQ
AcLq4fCeo+VWIXSTnhCMTgllKBU3n3CFPum7DnHERKHL5hXk0VGO/EPAcleCTm/M
olZhbUttOKN3GnvvmVEr61r02Lu0Hiqcxe8bLNWGuavO9Gxc36tpf2xdh8ELr7L3
lEYLorr4EzhwaEGvoOhbnhfRG0iqXMU1s2WYgF/MB5mh
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:54:29 2025 by rpki-client