Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/vmuvpxt5NWFRchGpjymjM-OTFyk.roa
File: vmuvpxt5NWFRchGpjymjM-OTFyk.roa (raw, json)
Hash identifier: xudIwgzuBx5c488Lg5NntvMmtHShvLXZUS8ATmxeVvo=
Subject key identifier: BE:6B:AF:A7:1B:79:35:61:51:72:11:A9:8F:29:A3:33:E3:93:17:29
Certificate issuer: /CN=37778681361b1fff87ce398402efa63869e5bfd1
Certificate serial: 019424B3DB440952DB4872D267A317033143
Authority key identifier: 37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/vmuvpxt5NWFRchGpjymjM-OTFyk.roa
Signing time: Thu 02 Jan 2025 01:49:14 +0000
ROA not before: Thu 02 Jan 2025 01:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203971
IP address blocks: 185.118.48.0/22 maxlen: 22
185.118.48.0/24 maxlen: 24
185.118.49.0/24 maxlen: 24
185.118.50.0/24 maxlen: 24
185.118.51.0/24 maxlen: 24
185.222.92.0/22 maxlen: 22
185.222.92.0/24 maxlen: 24
185.222.93.0/24 maxlen: 24
185.222.94.0/24 maxlen: 24
185.222.95.0/24 maxlen: 24
2a06:91c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:db:44:09:52:db:48:72:d2:67:a3:17:03:31:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37778681361b1fff87ce398402efa63869e5bfd1
Validity
Not Before: Jan 2 01:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be6bafa71b793561517211a98f29a333e3931729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e0:89:66:d7:04:e4:d8:85:4b:0d:96:f7:8c:
36:97:b8:58:29:e0:01:15:27:73:e1:a6:30:c5:1a:
a3:09:ba:94:f9:c2:fa:15:36:97:64:4e:a2:b7:a9:
32:2e:67:33:ee:cf:e8:5c:89:74:35:1d:aa:49:0e:
6b:ae:3b:43:71:f6:ea:2e:f3:ce:c1:62:97:52:70:
fc:3c:a1:23:df:34:e3:17:24:61:9d:e9:c6:6d:a9:
7e:b9:45:a1:d8:22:f7:f1:03:4b:8c:a4:77:59:e1:
e6:41:34:f5:24:4f:aa:df:e1:51:b8:a0:93:98:dc:
c7:68:91:01:9b:f8:7a:89:d7:7a:39:4f:20:f4:09:
29:d5:57:f9:04:c9:2a:f5:bc:ff:e2:a7:89:05:b0:
fc:cb:63:6b:1d:18:02:4d:68:71:fa:48:9c:16:05:
b4:4a:7a:8a:b1:12:ae:06:ec:6b:5f:5d:ce:74:bb:
a9:7e:82:27:a5:dc:4f:fe:cc:fb:d3:a7:aa:a6:82:
c6:6b:a2:ef:4c:0c:e0:2e:3e:da:0b:fe:dc:00:83:
78:0a:bf:83:72:d5:b5:56:11:e7:e8:c5:56:b1:6d:
11:5a:4f:6c:99:c0:bf:53:8b:c6:92:02:2a:f7:32:
b3:6e:c1:ec:f6:05:79:57:df:0d:13:c5:b4:4d:4d:
ee:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6B:AF:A7:1B:79:35:61:51:72:11:A9:8F:29:A3:33:E3:93:17:29
X509v3 Authority Key Identifier:
keyid:37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/vmuvpxt5NWFRchGpjymjM-OTFyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.48.0/22
185.222.92.0/22
IPv6:
2a06:91c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:bd:f8:cc:df:82:56:eb:98:53:41:8d:d8:f4:9f:15:1e:95:
64:e2:3a:e9:de:23:f1:58:c9:d1:ab:23:86:c7:72:11:a3:39:
48:35:d7:54:81:fb:c5:f4:64:d6:58:76:28:d6:13:a1:a1:7d:
bb:42:bc:b7:97:89:61:42:fe:80:1b:4e:4a:38:61:a0:3b:33:
fc:6b:df:41:f4:39:cc:72:8e:38:54:dd:ad:25:2f:b3:2c:bf:
77:c7:20:a1:97:41:2b:83:b8:50:c2:7a:00:2c:28:18:aa:6e:
12:74:28:0f:e0:d5:2e:5a:1c:1f:a2:d3:14:e4:2e:4d:9d:fe:
c1:8e:1a:fd:83:45:c0:ba:3d:0b:51:f5:f4:f1:f1:94:8b:5e:
dc:20:35:f8:7c:53:2f:34:32:8e:2a:5f:d3:4f:47:98:ca:ce:
96:92:2c:a7:4a:c1:f0:f2:93:13:5f:64:21:fe:5b:4c:6d:d4:
f8:9f:c5:2a:6c:9c:54:0f:7f:6c:91:74:28:6d:63:af:91:c0:
88:e3:54:01:4f:08:dc:8d:7d:94:4a:93:30:ad:25:03:c7:fb:
7e:45:84:bf:c2:3e:ec:c2:7d:15:00:8d:c2:03:90:b6:30:38:
d5:c8:ff:26:d4:ac:38:a1:2b:ef:8f:67:cb:71:b5:16:53:9f:
0b:d2:8e:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks9tECVLbSHLSZ6MXAzFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Nzc4NjgxMzYxYjFmZmY4N2NlMzk4NDAyZWZhNjM4Njll
NWJmZDEwHhcNMjUwMTAyMDE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZiYWZhNzFiNzkzNTYxNTE3MjExYTk4ZjI5YTMzM2UzOTMxNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+CJZtcE5NiFSw2W94w2l7hYKeAB
FSdz4aYwxRqjCbqU+cL6FTaXZE6it6kyLmcz7s/oXIl0NR2qSQ5rrjtDcfbqLvPO
wWKXUnD8PKEj3zTjFyRhnenGbal+uUWh2CL38QNLjKR3WeHmQTT1JE+q3+FRuKCT
mNzHaJEBm/h6idd6OU8g9Akp1Vf5BMkq9bz/4qeJBbD8y2NrHRgCTWhx+kicFgW0
SnqKsRKuBuxrX13OdLupfoInpdxP/sz706eqpoLGa6LvTAzgLj7aC/7cAIN4Cr+D
ctW1VhHn6MVWsW0RWk9smcC/U4vGkgIq9zKzbsHs9gV5V98NE8W0TU3uTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL5rr6cbeTVhUXIRqY8pozPjkxcpMB8GA1UdIwQY
MBaAFDd3hoE2Gx//h845hALvpjhp5b/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUt
ZTUzZjkwNGExZjU4LzEvdm11dnB4dDVOV0ZSY2hHcGp5bWpNLU9URnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUtZTUzZjkwNGExZjU4
LzEvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXYwAwQC
ud5cMA0EAgACMAcDBQMqBpHAMA0GCSqGSIb3DQEBCwUAA4IBAQBQvfjM34JW65hT
QY3Y9J8VHpVk4jrp3iPxWMnRqyOGx3IRozlINddUgfvF9GTWWHYo1hOhoX27Qry3
l4lhQv6AG05KOGGgOzP8a99B9DnMco44VN2tJS+zLL93xyChl0Erg7hQwnoALCgY
qm4SdCgP4NUuWhwfotMU5C5Nnf7Bjhr9g0XAuj0LUfX08fGUi17cIDX4fFMvNDKO
Kl/TT0eYys6WkiynSsHw8pMTX2Qh/ltMbdT4n8UqbJxUD39skXQobWOvkcCI41QB
TwjcjX2USpMwrSUDx/t+RYS/wj7swn0VAI3CA5C2MDjVyP8m1Kw4oSvvj2fLcbUW
U58L0o5j
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:33 2025 by rpki-client