Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VhmcKm5bfGv1xn98JzFY11q560Y.roa
File: VhmcKm5bfGv1xn98JzFY11q560Y.roa (raw, json)
Hash identifier: uUMk927+QIgWqgpk/gXdunCpza+bEwbn+FCYaSVpw8w=
Subject key identifier: 56:19:9C:2A:6E:5B:7C:6B:F5:C6:7F:7C:27:31:58:D7:5A:B9:EB:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521F070E218537902ED04EA72283AA6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VhmcKm5bfGv1xn98JzFY11q560Y.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197071
IP address blocks: 2a0e:97c0:3e2::/48 maxlen: 48
2a0e:97c0:3e4::/48 maxlen: 48
2a10:cc40:230::/48 maxlen: 48
2a10:cc40:231::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f0:70:e2:18:53:79:02:ed:04:ea:72:28:3a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56199c2a6e5b7c6bf5c67f7c273158d75ab9eb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:f8:69:0c:4f:f6:f7:b6:02:da:38:87:52:
15:0c:2e:9f:f2:21:d0:92:83:5c:ca:8c:fc:00:da:
6a:17:af:95:dd:fe:8f:17:51:8c:d4:e8:51:59:70:
fb:63:54:b4:e6:9c:12:c1:06:e5:54:65:c4:48:5a:
ba:b4:18:6c:94:1e:66:58:de:1e:7d:b2:82:44:7c:
8e:7e:0c:6e:c5:c8:b6:9c:8c:c1:82:83:14:4b:40:
2e:0e:5c:b1:39:32:15:7d:41:c4:e3:f9:a6:de:6e:
12:8c:b9:23:61:c5:b1:2a:8c:6a:45:29:a2:c6:70:
20:9b:7d:78:c6:aa:8f:83:06:d5:15:15:0d:c9:d8:
ab:3e:7e:e3:28:b9:9c:05:04:ad:64:43:33:7d:00:
95:76:d3:a9:9f:dd:2b:f1:cf:5b:23:9d:c6:c9:0c:
c0:57:60:1e:f5:40:44:0d:5d:63:72:75:4e:3c:92:
f5:3e:ab:5b:5c:39:d6:d2:f3:18:ed:9b:2a:bb:f0:
5f:f2:5a:2b:af:96:98:08:ad:33:bb:c9:7e:ec:a7:
77:47:3b:ec:88:05:ad:4a:87:87:79:8f:c1:5b:4b:
30:76:eb:c2:7f:ae:d0:24:04:70:5e:b1:4b:0c:91:
ec:d5:0b:d2:61:67:3e:a8:c8:7d:3e:ea:ea:19:3f:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:19:9C:2A:6E:5B:7C:6B:F5:C6:7F:7C:27:31:58:D7:5A:B9:EB:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VhmcKm5bfGv1xn98JzFY11q560Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3e2::/48
2a0e:97c0:3e4::/48
2a10:cc40:230::/47
Signature Algorithm: sha256WithRSAEncryption
a2:3a:37:84:40:f1:cb:4b:2f:c9:86:2d:26:ed:25:95:24:cb:
36:78:e4:24:ff:a9:5d:ba:98:9b:e0:f3:75:bc:2e:63:68:ef:
50:0f:49:4a:cb:93:14:a2:7f:de:93:32:9a:06:5f:82:e8:c7:
1a:8e:0f:a3:f3:62:2f:8a:69:13:63:41:6a:d1:14:ba:64:1d:
0f:e6:9e:44:57:2c:40:b7:c2:b1:99:d6:a7:ff:08:5c:8d:d0:
16:60:44:41:d1:4d:3a:78:93:c6:b8:1b:f3:7e:73:9e:31:40:
ad:b2:a7:c1:65:9d:b1:fb:9a:f9:b1:0d:6a:b3:5e:8c:03:eb:
b2:56:3a:69:c1:29:df:7d:6b:91:cb:36:c6:95:1c:45:43:bf:
6a:6d:0a:29:99:3c:83:15:c0:bc:ed:3d:2c:cb:28:e0:ba:7f:
52:18:bc:a6:a1:8f:4f:ea:4e:41:6c:ce:d3:f3:04:aa:a9:86:
ea:ff:7d:f0:d4:84:d9:76:bf:41:1a:96:d6:bb:e8:4e:6c:17:
c6:d6:0a:11:03:45:2e:1d:43:a2:fb:92:5a:58:e9:ee:d3:52:
1b:f5:21:45:6e:84:87:13:e3:40:c5:02:99:e3:66:ee:05:ae:
c3:fa:25:a6:69:80:e7:14:13:92:54:86:c6:70:14:69:ab:69:
e9:b7:00:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIfBw4hhTeQLtBOpyKDqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE5OWMyYTZlNWI3YzZiZjVjNjdmN2MyNzMxNThkNzVhYjllYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN/4aQxP9ve2Ato4h1IVDC6f8iHQ
koNcyoz8ANpqF6+V3f6PF1GM1OhRWXD7Y1S05pwSwQblVGXESFq6tBhslB5mWN4e
fbKCRHyOfgxuxci2nIzBgoMUS0AuDlyxOTIVfUHE4/mm3m4SjLkjYcWxKoxqRSmi
xnAgm314xqqPgwbVFRUNydirPn7jKLmcBQStZEMzfQCVdtOpn90r8c9bI53GyQzA
V2Ae9UBEDV1jcnVOPJL1PqtbXDnW0vMY7Zsqu/Bf8lorr5aYCK0zu8l+7Kd3Rzvs
iAWtSoeHeY/BW0swduvCf67QJARwXrFLDJHs1QvSYWc+qMh9PurqGT80EwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFYZnCpuW3xr9cZ/fCcxWNdauetGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVmhtY0ttNWJmR3YxeG45OEp6RlkxMXE1NjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAPi
AwcAKg6XwAPkAwcBKhDMQAIwMA0GCSqGSIb3DQEBCwUAA4IBAQCiOjeEQPHLSy/J
hi0m7SWVJMs2eOQk/6ldupib4PN1vC5jaO9QD0lKy5MUon/ekzKaBl+C6Mcajg+j
82IvimkTY0Fq0RS6ZB0P5p5EVyxAt8Kxmdan/whcjdAWYERB0U06eJPGuBvzfnOe
MUCtsqfBZZ2x+5r5sQ1qs16MA+uyVjppwSnffWuRyzbGlRxFQ79qbQopmTyDFcC8
7T0syyjgun9SGLymoY9P6k5BbM7T8wSqqYbq/33w1ITZdr9BGpbWu+hObBfG1goR
A0UuHUOi+5JaWOnu01Ib9SFFboSHE+NAxQKZ42buBa7D+iWmaYDnFBOSVIbGcBRp
q2nptwBy
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:49:55 2025 by rpki-client