Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/VgSNs6ZOXCkQkr9fpRBVArb2ekk.roa
File: VgSNs6ZOXCkQkr9fpRBVArb2ekk.roa (raw, json)
Hash identifier: VfgYT2PHKpcDM5asjw8+E6B2sFoDiGWCDnrrAEt1mAU=
Subject key identifier: 56:04:8D:B3:A6:4E:5C:29:10:92:BF:5F:A5:10:55:02:B6:F6:7A:49
Certificate issuer: /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Certificate serial: 0196A2270D9C27915849B274ACC6ED07BDEA
Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/VgSNs6ZOXCkQkr9fpRBVArb2ekk.roa
Signing time: Mon 05 May 2025 20:33:10 +0000
ROA not before: Mon 05 May 2025 20:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215601
IP address blocks: 185.15.208.0/24 maxlen: 24
2a03:afc0:4::/48 maxlen: 48
2a03:afc0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.mft
rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a2:27:0d:9c:27:91:58:49:b2:74:ac:c6:ed:07:bd:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Validity
Not Before: May 5 20:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56048db3a64e5c291092bf5fa5105502b6f67a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:e8:db:76:0e:01:6d:f4:26:09:c2:21:61:
de:3e:00:9c:6e:6b:54:c3:ed:43:18:90:91:dc:a2:
bc:da:e4:c0:85:60:72:3e:f2:6e:c4:0c:52:4e:4e:
61:c6:b1:a2:9b:63:01:b8:f0:26:c1:6c:15:db:50:
76:30:45:32:69:d4:77:45:b1:bb:b6:73:53:e6:e0:
f0:6a:6d:68:a6:b3:65:d6:69:42:6b:e8:14:b9:56:
2d:97:44:3a:5a:b4:fb:ed:1c:56:17:29:bd:7a:27:
65:4b:31:75:0c:43:4f:11:09:bf:50:a1:8d:1c:f4:
89:fc:11:df:68:a0:37:fb:fc:d2:1a:6c:4a:24:21:
b2:8d:72:ec:68:f7:91:b3:d0:7e:b9:f6:b6:68:c0:
79:81:07:fc:17:68:b6:d2:bd:13:a0:1b:42:05:52:
15:17:90:62:02:d7:70:0a:28:5d:fb:03:f5:57:64:
a0:04:a9:b4:f7:b9:74:99:e3:81:0e:8f:36:fa:de:
7a:5f:1d:21:95:22:59:77:2a:37:5f:bf:f5:9a:da:
f0:21:a7:1d:de:07:73:36:cd:8e:75:19:32:ce:79:
2c:b7:84:6c:8b:cc:6d:aa:e0:47:06:11:e9:68:04:
f6:72:46:cf:0f:d1:34:0b:02:55:8f:2e:39:02:7b:
16:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:04:8D:B3:A6:4E:5C:29:10:92:BF:5F:A5:10:55:02:B6:F6:7A:49
X509v3 Authority Key Identifier:
keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/VgSNs6ZOXCkQkr9fpRBVArb2ekk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.208.0/24
IPv6:
2a03:afc0:4::/48
2a03:afc0:7::/48
Signature Algorithm: sha256WithRSAEncryption
94:55:db:99:6c:82:f9:d6:21:97:ca:ea:e5:82:31:26:0a:e8:
a8:36:bb:05:0c:2f:52:b2:c7:17:6a:6e:11:dd:e6:67:59:ba:
0f:f6:57:82:7f:dd:51:f6:d4:6f:43:0e:c2:45:fa:20:43:68:
40:8c:dc:82:f4:d8:23:c8:de:c7:d2:7c:16:38:fa:3b:33:4c:
92:df:c6:90:8b:41:6e:3b:f9:2f:24:37:e3:0c:35:83:fa:0a:
42:63:9c:f3:db:40:ba:0d:36:02:c5:a3:92:84:a3:29:db:a2:
26:00:e4:ec:92:3c:1c:2e:37:2f:78:c2:99:85:28:e9:d4:fe:
de:ec:97:78:34:59:9f:37:7e:fb:15:27:c4:91:54:55:0d:6f:
f1:88:68:c4:bb:78:91:26:a4:c3:d3:cb:84:66:d3:89:b2:35:
82:12:56:9c:90:bb:c9:3b:04:31:66:c0:59:ff:00:c8:79:09:
1c:45:a6:70:79:ed:4e:47:05:eb:de:23:de:47:e2:cd:6e:0a:
e0:25:63:a1:99:07:e8:cb:1e:d3:23:2a:45:57:3a:83:32:56:
db:c7:b5:05:0e:4e:82:1b:d7:26:de:0d:a4:dc:41:3c:0b:5f:
a5:9c:d0:10:ca:a7:5c:eb:83:5d:d9:8e:67:37:77:fa:d6:6d:
84:fd:4e:1e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZaiJw2cJ5FYSbJ0rMbtB73qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk
MGVlNGEwHhcNMjUwNTA1MjAzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA0OGRiM2E2NGU1YzI5MTA5MmJmNWZhNTEwNTUwMmI2ZjY3YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaPo23YOAW30JgnCIWHePgCcbmtU
w+1DGJCR3KK82uTAhWByPvJuxAxSTk5hxrGim2MBuPAmwWwV21B2MEUyadR3RbG7
tnNT5uDwam1oprNl1mlCa+gUuVYtl0Q6WrT77RxWFym9eidlSzF1DENPEQm/UKGN
HPSJ/BHfaKA3+/zSGmxKJCGyjXLsaPeRs9B+ufa2aMB5gQf8F2i20r0ToBtCBVIV
F5BiAtdwCihd+wP1V2SgBKm097l0meOBDo82+t56Xx0hlSJZdyo3X7/1mtrwIacd
3gdzNs2OdRkyznkst4Rsi8xtquBHBhHpaAT2ckbPD9E0CwJVjy45AnsW4QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFYEjbOmTlwpEJK/X6UQVQK29npJMB8GA1UdIwQY
MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt
Y2RjMzFkNWZiOGE0LzEvVmdTTnM2Wk9YQ2tRa3I5ZnBSQlZBcmIyZWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0
LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuQ/QMBgE
AgACMBIDBwAqA6/AAAQDBwAqA6/AAAcwDQYJKoZIhvcNAQELBQADggEBAJRV25ls
gvnWIZfK6uWCMSYK6Kg2uwUML1KyxxdqbhHd5mdZug/2V4J/3VH21G9DDsJF+iBD
aECM3IL02CPI3sfSfBY4+jszTJLfxpCLQW47+S8kN+MMNYP6CkJjnPPbQLoNNgLF
o5KEoynboiYA5OySPBwuNy94wpmFKOnU/t7sl3g0WZ83fvsVJ8SRVFUNb/GIaMS7
eJEmpMPTy4Rm04myNYISVpyQu8k7BDFmwFn/AMh5CRxFpnB57U5HBeveI95H4s1u
CuAlY6GZB+jLHtMjKkVXOoMyVtvHtQUOToIb1ybeDaTcQTwLX6Wc0BDKp1zrg13Z
jmc3d/rWbYT9Th4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:16:38 2025 by rpki-client