Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/VwXHoptHeR9mWbeRFzNgE273Y_Y.roa
File: VwXHoptHeR9mWbeRFzNgE273Y_Y.roa (raw, json)
Hash identifier: O7PmmfQJftPOiteORNgrKpX/pUfGsXyieeu22jdpW5U=
Subject key identifier: 57:05:C7:A2:9B:47:79:1F:66:59:B7:91:17:33:60:13:6E:F7:63:F6
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 0194266A325C332F9867D0FD0ABED2894882
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/VwXHoptHeR9mWbeRFzNgE273Y_Y.roa
Signing time: Thu 02 Jan 2025 09:48:01 +0000
ROA not before: Thu 02 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 195.189.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 03:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:32:5c:33:2f:98:67:d0:fd:0a:be:d2:89:48:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Jan 2 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5705c7a29b47791f6659b791173360136ef763f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:02:3e:d0:d7:cb:4a:05:13:69:80:cb:11:
93:d2:24:ed:0e:29:9e:3e:d9:bd:d4:28:4a:09:40:
79:b1:d2:78:50:0f:95:b4:ea:c2:af:59:0d:33:d3:
67:4e:8f:4f:e6:f8:15:24:75:b5:c0:fc:65:19:fb:
63:f6:29:4c:bd:7a:6b:57:97:18:80:a5:54:26:8f:
a2:50:50:b3:78:85:18:63:b8:c4:80:20:fb:df:1e:
8e:f3:40:08:5f:85:1d:a9:a3:2c:ea:8d:93:aa:d8:
b1:7c:57:a3:43:2c:4c:71:b3:b7:3f:0d:49:7d:44:
82:39:14:96:07:00:de:ca:27:1b:30:ef:79:e3:7a:
46:4c:39:22:a0:f0:b6:be:f9:2f:ba:42:72:58:29:
bb:94:9e:ad:05:b9:62:d4:0b:e6:29:fd:c1:a4:7f:
a8:81:26:96:6b:9c:f1:60:00:a3:8c:e2:bc:48:55:
19:8a:4d:0f:7c:d5:6a:1a:79:be:2f:18:65:c8:84:
07:c2:f8:1f:6a:4a:5b:06:b9:99:d4:db:39:90:01:
77:9a:5d:7b:e4:ef:6c:3d:05:b1:5d:da:6a:ee:db:
42:77:97:c9:c4:0d:eb:7e:b0:5a:5a:f0:47:95:2c:
98:33:c0:13:7d:40:3f:82:c2:49:10:8d:1c:a4:6b:
f1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:05:C7:A2:9B:47:79:1F:66:59:B7:91:17:33:60:13:6E:F7:63:F6
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/VwXHoptHeR9mWbeRFzNgE273Y_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.252.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:3f:15:c3:ba:0e:ee:c8:4b:80:ef:21:67:ea:55:a2:6f:59:
65:c7:3a:6b:49:7f:ea:8f:2b:e7:04:ef:2d:cc:33:22:11:8e:
7b:0a:83:6f:29:aa:2a:49:a0:a8:27:bd:f3:80:ef:f2:9d:70:
68:38:ed:05:53:e1:e8:c2:73:1d:d3:7b:27:8c:2b:8a:bc:20:
4d:78:1a:91:1c:38:0a:df:a7:cf:a9:05:4d:de:e7:7d:0c:90:
4e:16:cd:b5:7a:83:6f:89:5b:4a:56:47:f8:03:76:2c:6a:0f:
8d:43:1a:16:80:6c:ff:a2:66:84:43:bb:71:1f:49:dc:89:38:
a4:8f:8b:39:11:60:cd:e7:86:34:a7:13:6b:59:35:d7:9d:f4:
55:4a:46:29:da:0b:ca:ed:2b:a9:0e:86:3c:03:79:3e:62:b3:
d6:b9:b2:9c:2b:b8:93:ff:d7:44:3a:22:7d:29:88:f8:4e:cf:
b8:c6:6e:07:46:5f:2e:27:9d:2c:a2:87:fd:d7:6c:33:5c:bf:
b0:76:bb:72:08:41:6c:37:44:8f:d7:91:be:cb:61:ac:b2:9b:
b1:f5:e7:5d:0d:ae:5d:62:a5:56:22:fe:8c:cf:0d:fc:c1:0b:
c2:bb:1c:1f:04:a7:24:e3:38:71:7e:fe:42:3d:a4:e2:1d:e9:
6f:88:06:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmajJcMy+YZ9D9Cr7SiUiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjUwMTAyMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA1YzdhMjliNDc3OTFmNjY1OWI3OTExNzMzNjAxMzZlZjc2M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsYCPtDXy0oFE2mAyxGT0iTtDime
Ptm91ChKCUB5sdJ4UA+VtOrCr1kNM9NnTo9P5vgVJHW1wPxlGftj9ilMvXprV5cY
gKVUJo+iUFCzeIUYY7jEgCD73x6O80AIX4UdqaMs6o2TqtixfFejQyxMcbO3Pw1J
fUSCORSWBwDeyicbMO9543pGTDkioPC2vvkvukJyWCm7lJ6tBbli1AvmKf3BpH+o
gSaWa5zxYACjjOK8SFUZik0PfNVqGnm+LxhlyIQHwvgfakpbBrmZ1Ns5kAF3ml17
5O9sPQWxXdpq7ttCd5fJxA3rfrBaWvBHlSyYM8ATfUA/gsJJEI0cpGvxnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFcFx6KbR3kfZlm3kRczYBNu92P2MB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvVndYSG9wdEhlUjltV2JlUkZ6TmdFMjczWV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw738MA0G
CSqGSIb3DQEBCwUAA4IBAQA7PxXDug7uyEuA7yFn6lWib1llxzprSX/qjyvnBO8t
zDMiEY57CoNvKaoqSaCoJ73zgO/ynXBoOO0FU+HownMd03snjCuKvCBNeBqRHDgK
36fPqQVN3ud9DJBOFs21eoNviVtKVkf4A3Ysag+NQxoWgGz/omaEQ7txH0nciTik
j4s5EWDN54Y0pxNrWTXXnfRVSkYp2gvK7SupDoY8A3k+YrPWubKcK7iT/9dEOiJ9
KYj4Ts+4xm4HRl8uJ50soof912wzXL+wdrtyCEFsN0SP15G+y2Gsspux9eddDa5d
YqVWIv6Mzw38wQvCuxwfBKck4zhxfv5CPaTiHelviAY2
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:47:11 2025 by rpki-client