Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/m-VIT0LjtD9EzoMprh8uOjUFAXU.roa
File: m-VIT0LjtD9EzoMprh8uOjUFAXU.roa (raw, json)
Hash identifier: uPdvifi2Mse38dnV2nTzHEKQ8cRZMoEcUuAqy+pbA4Y=
Subject key identifier: 9B:E5:48:4F:42:E3:B4:3F:44:CE:83:29:AE:1F:2E:3A:35:05:01:75
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F834802728489B07AA380BB787710
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/m-VIT0LjtD9EzoMprh8uOjUFAXU.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24658
IP address blocks: 81.19.128.0/20 maxlen: 32
2a10:ad80::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:83:48:02:72:84:89:b0:7a:a3:80:bb:78:77:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9be5484f42e3b43f44ce8329ae1f2e3a35050175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:85:eb:af:cd:30:51:0b:0f:a2:6b:9c:f1:
56:e6:1f:19:54:a9:1a:22:0a:2b:ba:c9:a8:f1:60:
db:2b:6c:8c:0b:cf:1b:30:2d:55:0d:da:a1:c1:3e:
4b:74:79:0b:a0:07:d5:95:a0:37:84:34:25:52:a7:
20:e3:61:70:a9:bf:81:83:6a:67:48:50:6e:d8:c2:
cb:e8:3e:02:ff:aa:b7:b6:d2:f0:f5:b6:e6:e8:7b:
5b:36:4c:65:b7:c6:8d:c5:b5:e6:75:c9:b7:e3:8f:
09:6b:05:72:63:07:cf:ef:20:0a:1d:99:da:a7:36:
6e:9e:96:81:93:1b:04:af:f1:79:d3:11:d0:ee:b9:
33:eb:b3:86:1f:e9:0f:dc:01:c7:5a:b8:a0:3b:13:
96:8d:7e:0a:54:75:38:24:5e:68:38:11:64:9e:f8:
12:89:da:7a:1c:67:02:85:08:32:4f:f2:d4:31:26:
16:b9:2b:15:a8:0e:0e:4f:96:01:0b:dc:62:5c:65:
86:3f:a4:6c:d7:c7:a5:1f:64:6b:da:c5:00:ab:c4:
9a:1d:ba:60:e0:b2:57:46:51:b2:dd:c8:fa:77:50:
b7:08:85:4b:54:e1:a7:5d:b3:e7:47:a6:93:6a:43:
80:93:a7:b4:0c:99:03:81:c5:d3:eb:01:4f:ff:ba:
70:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E5:48:4F:42:E3:B4:3F:44:CE:83:29:AE:1F:2E:3A:35:05:01:75
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/m-VIT0LjtD9EzoMprh8uOjUFAXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.128.0/20
IPv6:
2a10:ad80::/48
Signature Algorithm: sha256WithRSAEncryption
25:fa:03:88:60:5f:3c:70:a6:59:11:2f:16:44:b2:88:c6:09:
03:19:58:cb:a9:0d:29:0a:0f:d8:6c:a0:5c:4a:87:f5:97:47:
a0:87:82:88:3c:b4:6a:0d:21:1f:12:8b:06:56:96:cc:03:8a:
55:05:e5:83:fd:01:f8:d7:f7:6a:f6:9c:7a:11:4e:8d:69:29:
21:89:e0:72:9e:e8:a8:db:d7:3d:01:1c:ce:53:83:f7:bb:28:
54:30:19:a7:f6:33:1d:39:fe:65:7d:cb:bb:6e:b6:64:af:cc:
ee:e5:da:df:e4:af:97:c5:76:00:b9:a7:a3:e3:03:9f:b4:be:
5e:ec:b1:84:5b:fa:23:f4:c9:a6:0b:38:53:fa:be:28:1f:97:
2e:33:53:1c:b4:cc:76:a7:15:7d:0d:02:c9:16:0b:7d:9a:d6:
7f:49:39:f7:02:88:f7:30:18:38:42:27:04:4a:fb:9e:d7:e0:
ad:fe:99:19:36:11:56:e1:bb:49:6d:5a:bc:27:be:35:c8:d3:
4c:d0:d7:30:fa:1e:c5:49:26:e4:bb:33:67:6c:88:d0:8c:e1:
ed:1e:4f:37:67:41:f9:a3:22:76:d8:2b:c0:33:75:14:58:aa:
2a:8a:33:41:30:ce:ba:15:98:a8:bf:1a:82:b6:bc:e5:96:3f:
31:c4:04:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH4NIAnKEibB6o4C7eHcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmU1NDg0ZjQyZTNiNDNmNDRjZTgzMjlhZTFmMmUzYTM1MDUwMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE6F66/NMFELD6JrnPFW5h8ZVKka
Igorusmo8WDbK2yMC88bMC1VDdqhwT5LdHkLoAfVlaA3hDQlUqcg42Fwqb+Bg2pn
SFBu2MLL6D4C/6q3ttLw9bbm6HtbNkxlt8aNxbXmdcm3448JawVyYwfP7yAKHZna
pzZunpaBkxsEr/F50xHQ7rkz67OGH+kP3AHHWrigOxOWjX4KVHU4JF5oOBFknvgS
idp6HGcChQgyT/LUMSYWuSsVqA4OT5YBC9xiXGWGP6Rs18elH2Rr2sUAq8SaHbpg
4LJXRlGy3cj6d1C3CIVLVOGnXbPnR6aTakOAk6e0DJkDgcXT6wFP/7pw4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJvlSE9C47Q/RM6DKa4fLjo1BQF1MB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvbS1WSVQwTGp0RDlFem9NcHJoOHVPalVGQVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEUROAMA8E
AgACMAkDBwAqEK2AAAAwDQYJKoZIhvcNAQELBQADggEBACX6A4hgXzxwplkRLxZE
sojGCQMZWMupDSkKD9hsoFxKh/WXR6CHgog8tGoNIR8SiwZWlswDilUF5YP9AfjX
92r2nHoRTo1pKSGJ4HKe6Kjb1z0BHM5Tg/e7KFQwGaf2Mx05/mV9y7tutmSvzO7l
2t/kr5fFdgC5p6PjA5+0vl7ssYRb+iP0yaYLOFP6vigfly4zUxy0zHanFX0NAskW
C32a1n9JOfcCiPcwGDhCJwRK+57X4K3+mRk2EVbhu0ltWrwnvjXI00zQ1zD6HsVJ
JuS7M2dsiNCM4e0eTzdnQfmjInbYK8AzdRRYqiqKM0EwzroVmKi/GoK2vOWWPzHE
BHA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:17:24 2025 by rpki-client