Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VcFnaaIz0iLUQbUIMMO4ZmdUUrA.roa
File: VcFnaaIz0iLUQbUIMMO4ZmdUUrA.roa (raw, json)
Hash identifier: yOIb9TKmdk118W+nhzNDJHQSZ1ld3cQtUfFXjJdmMes=
Subject key identifier: 55:C1:67:69:A2:33:D2:22:D4:41:B5:08:30:C3:B8:66:67:54:52:B0
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 01954D3739D900CEEEC8BFD7899AB649EF3D
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VcFnaaIz0iLUQbUIMMO4ZmdUUrA.roa
Signing time: Fri 28 Feb 2025 15:40:19 +0000
ROA not before: Fri 28 Feb 2025 15:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 178.253.38.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:37:39:d9:00:ce:ee:c8:bf:d7:89:9a:b6:49:ef:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Feb 28 15:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55c16769a233d222d441b50830c3b866675452b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:94:58:2a:55:7a:bd:83:fd:ca:8f:33:1a:d6:
f7:1a:79:55:03:b2:09:00:c8:fb:90:f3:1f:16:ac:
21:0e:8b:70:f8:c5:1e:91:9d:38:a4:2b:11:36:79:
3e:ac:19:8d:3a:f0:32:91:e7:56:5d:3c:be:9c:d1:
d2:e8:c7:bc:fc:63:06:2a:97:bd:0f:f5:49:2a:1d:
da:83:01:51:f9:83:58:db:42:03:54:92:26:a2:65:
66:c0:a8:79:ea:e2:40:ae:77:59:88:5e:3d:ae:30:
a4:e4:bf:74:67:fe:ff:fe:24:85:d0:46:dd:4e:ac:
04:26:56:b1:39:c5:85:94:da:d1:e5:23:e6:90:ef:
fa:75:65:81:b5:4e:dd:8f:cf:97:d0:06:08:66:1e:
f5:f5:cf:63:b9:05:ef:08:bf:40:4e:28:05:7a:00:
cf:d3:87:e0:a6:96:d1:9f:e9:4d:01:5c:bf:43:79:
68:42:5e:d5:ce:79:5f:45:05:cf:b6:1c:a4:fa:e0:
d5:81:75:8a:78:c8:50:a8:da:b1:c0:f6:49:83:83:
3b:8b:df:ad:fe:ef:f8:36:c9:ed:07:45:fb:18:ae:
c7:cd:a0:63:ae:7f:2b:34:f2:58:82:9d:3a:1c:74:
9d:4f:f8:11:fe:6c:1d:1b:40:4d:c5:c3:6d:0d:f0:
6e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C1:67:69:A2:33:D2:22:D4:41:B5:08:30:C3:B8:66:67:54:52:B0
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VcFnaaIz0iLUQbUIMMO4ZmdUUrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.38.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:8d:a7:27:79:04:14:e2:26:4f:bf:9f:f0:2d:bd:14:d6:3d:
ed:50:c9:96:01:9f:9a:c5:ca:4b:da:db:16:91:fc:58:0a:f8:
eb:fd:75:48:0c:87:f0:bd:41:ca:05:bd:7b:48:d7:3f:42:ed:
37:19:85:e1:29:a6:65:19:60:ea:b9:59:b6:e0:3d:cd:2e:37:
6b:c8:ed:d2:b8:1c:8c:28:59:f9:00:d4:d8:c6:38:4d:05:4d:
18:68:e4:43:89:f6:7a:77:34:9c:8b:8b:de:60:e3:f8:de:4c:
c6:24:71:79:03:75:fb:f3:01:b3:8d:00:29:31:5c:18:59:8d:
83:ea:b2:3b:39:97:0b:17:80:ae:17:b8:02:26:88:c0:04:40:
cf:15:ba:e4:0a:3e:f1:35:5e:97:bf:10:9f:90:64:24:d7:ae:
ae:47:48:5b:c0:d7:19:1c:ca:b4:7a:cd:4f:f4:98:fb:85:a3:
c0:08:42:6c:c2:6d:ef:37:59:b4:90:01:55:c7:db:d9:c0:21:
8c:96:ec:f8:16:3f:0a:38:96:6c:9a:43:db:28:ea:d3:02:74:
6a:bd:b5:77:b4:e1:3a:be:65:36:f1:10:12:46:60:18:a1:a6:
a2:9f:26:99:b8:26:d0:e6:53:3c:d4:56:dc:73:d6:6a:da:43:
e9:ad:4b:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVNNznZAM7uyL/XiZq2Se89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUwMjI4MTU0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWMxNjc2OWEyMzNkMjIyZDQ0MWI1MDgzMGMzYjg2NjY3NTQ1MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZRYKlV6vYP9yo8zGtb3GnlVA7IJ
AMj7kPMfFqwhDotw+MUekZ04pCsRNnk+rBmNOvAykedWXTy+nNHS6Me8/GMGKpe9
D/VJKh3agwFR+YNY20IDVJImomVmwKh56uJArndZiF49rjCk5L90Z/7//iSF0Ebd
TqwEJlaxOcWFlNrR5SPmkO/6dWWBtU7dj8+X0AYIZh719c9juQXvCL9ATigFegDP
04fgppbRn+lNAVy/Q3loQl7VznlfRQXPthyk+uDVgXWKeMhQqNqxwPZJg4M7i9+t
/u/4NsntB0X7GK7HzaBjrn8rNPJYgp06HHSdT/gR/mwdG0BNxcNtDfBuPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXBZ2miM9Ii1EG1CDDDuGZnVFKwMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvVmNGbmFhSXowaUxVUWJVSU1NTzRabWRVVXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv0mMA0G
CSqGSIb3DQEBCwUAA4IBAQArjacneQQU4iZPv5/wLb0U1j3tUMmWAZ+axcpL2tsW
kfxYCvjr/XVIDIfwvUHKBb17SNc/Qu03GYXhKaZlGWDquVm24D3NLjdryO3SuByM
KFn5ANTYxjhNBU0YaORDifZ6dzSci4veYOP43kzGJHF5A3X78wGzjQApMVwYWY2D
6rI7OZcLF4CuF7gCJojABEDPFbrkCj7xNV6XvxCfkGQk166uR0hbwNcZHMq0es1P
9Jj7haPACEJswm3vN1m0kAFVx9vZwCGMluz4Fj8KOJZsmkPbKOrTAnRqvbV3tOE6
vmU28RASRmAYoaainyaZuCbQ5lM81Fbcc9Zq2kPprUuv
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:00:09 2025 by rpki-client