Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/VFGtTmctOrCjqkuRTfIPjlhNsbU.roa
File: VFGtTmctOrCjqkuRTfIPjlhNsbU.roa (raw, json)
Hash identifier: Kx2OzOjQfSX7IzHAKC1pKf9P1rkGaVbawrDwIeTytCo=
Subject key identifier: 54:51:AD:4E:67:2D:3A:B0:A3:AA:4B:91:4D:F2:0F:8E:58:4D:B1:B5
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 01942144160ADD6855C403D396675FBA94D0
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/VFGtTmctOrCjqkuRTfIPjlhNsbU.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15442
IP address blocks: 193.17.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:16:0a:dd:68:55:c4:03:d3:96:67:5f:ba:94:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5451ad4e672d3ab0a3aa4b914df20f8e584db1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f2:c0:77:c4:84:04:ee:c6:d6:cc:3b:fa:35:
df:95:25:fa:bd:70:52:93:7d:9f:01:e5:63:d5:5e:
c2:1a:f4:a3:e5:0c:3d:2a:51:8f:3e:83:73:7d:87:
43:00:4d:44:1a:a7:1e:e8:44:96:22:9a:bc:d3:01:
a4:9b:82:e9:eb:7f:0d:45:d7:f6:ff:62:ce:e7:4e:
3d:36:a2:e7:c5:b2:b4:85:08:77:0e:e2:2e:d4:90:
11:d1:05:eb:35:62:d1:be:40:fe:2f:2c:4e:ea:21:
97:dd:48:89:2c:35:0d:27:2c:40:62:5b:69:90:27:
98:fd:12:a2:54:ff:31:6e:48:a9:62:5d:77:6a:c7:
e9:af:98:87:6e:96:44:32:86:82:4d:34:8f:e1:1d:
a2:07:c2:6c:27:78:a4:33:e1:4e:ae:65:d8:00:6c:
f2:e9:4c:00:c9:93:1f:25:cf:8a:00:37:52:36:24:
58:ea:70:2d:8a:77:2c:3f:a5:37:4a:a4:2d:16:dc:
33:00:a4:63:19:09:f1:06:b5:3f:c6:2e:61:85:ba:
c8:a9:a7:56:02:7b:95:bc:a2:6d:57:5c:9e:07:9e:
03:66:1b:be:f7:7e:c2:25:67:a2:e5:4c:8a:70:04:
0c:68:db:af:be:28:d8:cb:5e:49:5c:48:10:37:5d:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:51:AD:4E:67:2D:3A:B0:A3:AA:4B:91:4D:F2:0F:8E:58:4D:B1:B5
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/VFGtTmctOrCjqkuRTfIPjlhNsbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/21
Signature Algorithm: sha256WithRSAEncryption
d7:96:56:17:5d:b0:08:86:be:b3:65:2b:dc:8a:95:f3:53:4a:
81:69:e2:65:ce:3f:d6:30:23:32:e8:87:2a:6e:7f:ff:89:88:
37:1f:0b:57:d9:d0:a9:ff:0d:0d:ab:cd:02:e1:c2:da:96:fc:
47:8e:94:7c:a1:4c:53:e2:ee:be:20:7d:98:13:23:b4:3d:4c:
12:ec:37:6a:99:89:fa:d2:cd:08:2c:8b:84:3a:c6:35:d5:11:
1c:c5:b9:bb:26:ee:d2:94:d5:a3:dd:85:e2:62:e1:3c:45:63:
f2:fc:dd:8b:fc:85:eb:3e:01:53:23:04:26:5a:ac:ea:36:ac:
09:c6:47:e2:67:cc:a1:83:ea:ce:17:0e:48:5b:d8:db:7c:ac:
63:fe:86:02:42:e2:a6:85:b6:65:bc:15:c4:9c:96:c1:87:07:
3a:c5:cd:36:0c:f9:d4:cb:69:b2:59:54:a7:cc:0d:0a:c3:d9:
a6:7e:41:ce:96:0d:53:2d:c7:2c:ee:f3:71:ee:32:61:f6:d3:
38:c3:c7:98:d4:09:87:bc:98:bc:ad:c1:e3:94:f7:5a:c7:e0:
65:17:e6:22:a1:10:d2:89:f5:c9:a1:73:b3:6c:a7:7b:26:f3:
e8:e2:3e:8f:87:c3:71:62:36:99:72:25:77:6f:c1:b4:16:9f:
b6:6a:ac:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBYK3WhVxAPTlmdfupTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDUxYWQ0ZTY3MmQzYWIwYTNhYTRiOTE0ZGYyMGY4ZTU4NGRiMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfLAd8SEBO7G1sw7+jXflSX6vXBS
k32fAeVj1V7CGvSj5Qw9KlGPPoNzfYdDAE1EGqce6ESWIpq80wGkm4Lp638NRdf2
/2LO5049NqLnxbK0hQh3DuIu1JAR0QXrNWLRvkD+LyxO6iGX3UiJLDUNJyxAYltp
kCeY/RKiVP8xbkipYl13asfpr5iHbpZEMoaCTTSP4R2iB8JsJ3ikM+FOrmXYAGzy
6UwAyZMfJc+KADdSNiRY6nAtincsP6U3SqQtFtwzAKRjGQnxBrU/xi5hhbrIqadW
AnuVvKJtV1yeB54DZhu+937CJWei5UyKcAQMaNuvvijYy15JXEgQN13KNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRRrU5nLTqwo6pLkU3yD45YTbG1MB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvVkZHdFRtY3RPckNqcWt1UlRmSVBqbGhOc2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQDXllYXXbAIhr6zZSvcipXzU0qBaeJlzj/WMCMy6Icq
bn//iYg3HwtX2dCp/w0Nq80C4cLalvxHjpR8oUxT4u6+IH2YEyO0PUwS7DdqmYn6
0s0ILIuEOsY11REcxbm7Ju7SlNWj3YXiYuE8RWPy/N2L/IXrPgFTIwQmWqzqNqwJ
xkfiZ8yhg+rOFw5IW9jbfKxj/oYCQuKmhbZlvBXEnJbBhwc6xc02DPnUy2myWVSn
zA0Kw9mmfkHOlg1TLccs7vNx7jJh9tM4w8eY1AmHvJi8rcHjlPdax+BlF+YioRDS
ifXJoXOzbKd7JvPo4j6Ph8NxYjaZciV3b8G0Fp+2aqws
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:25 2025 by rpki-client