Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/VYJkY_LcJvGlaBQ28SrEYuA3gMQ.roa
File: VYJkY_LcJvGlaBQ28SrEYuA3gMQ.roa (raw, json)
Hash identifier: YJGJiFl2LkN6SVK8gnDjcS154bQTifif20VbaixgvEk=
Subject key identifier: 55:82:64:63:F2:DC:26:F1:A5:68:14:36:F1:2A:C4:62:E0:37:80:C4
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747BC7E673D8C74A07A67F26E584806
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/VYJkY_LcJvGlaBQ28SrEYuA3gMQ.roa
Signing time: Thu 02 Jan 2025 13:50:00 +0000
ROA not before: Thu 02 Jan 2025 13:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16262
IP address blocks: 46.8.52.0/23 maxlen: 32
46.8.153.0/24 maxlen: 24
109.248.168.0/24 maxlen: 24
109.248.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:bc:7e:67:3d:8c:74:a0:7a:67:f2:6e:58:48:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55826463f2dc26f1a5681436f12ac462e03780c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c0:d7:66:d5:5c:58:a4:d8:8a:c5:14:ec:0b:
79:4c:2c:c4:28:7c:d8:7a:09:7b:05:49:2a:65:7e:
34:7d:1c:2f:76:0a:6b:e1:90:33:ae:8a:d9:76:aa:
12:51:aa:b3:ca:fc:21:32:91:d0:09:22:ea:ca:d5:
58:ce:87:78:9e:ee:0b:96:cf:17:6f:ce:c3:9d:92:
18:75:23:05:ef:97:58:2f:74:c0:5a:08:09:61:3b:
a0:49:75:c7:f9:55:d1:f7:9d:b4:da:56:14:15:43:
e4:7c:c5:57:10:ee:b0:ab:ce:9d:84:70:21:08:ce:
b8:95:c0:a6:ef:a5:c2:ab:78:af:3a:c4:28:7f:2f:
6c:fe:05:1a:74:5a:f2:3c:0d:fb:62:e2:f3:2b:c5:
d9:1e:43:b6:7d:69:84:36:1c:94:46:36:c6:e0:ed:
af:fd:48:2b:e1:90:bd:6c:bc:be:3a:87:a1:c9:c2:
41:29:7b:f9:05:bd:fb:33:b9:40:f8:39:39:7f:a0:
aa:f0:2b:f5:4f:9b:88:b4:a8:d6:f9:a2:d0:69:85:
d5:63:98:34:d9:76:98:e2:1e:9a:79:ba:84:7b:91:
79:39:3a:58:ba:47:94:30:8c:d4:ac:96:d2:ed:f1:
f8:e0:12:5d:f8:18:37:7b:b1:26:89:03:0e:a5:75:
21:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:82:64:63:F2:DC:26:F1:A5:68:14:36:F1:2A:C4:62:E0:37:80:C4
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/VYJkY_LcJvGlaBQ28SrEYuA3gMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.52.0/23
46.8.153.0/24
109.248.168.0/23
Signature Algorithm: sha256WithRSAEncryption
27:86:e2:ea:d9:5e:72:fd:a6:d5:b7:f1:97:2c:3d:67:e0:c6:
39:43:e8:63:e1:cd:65:b2:dc:41:e3:8a:8f:ed:0d:f3:cd:ce:
05:73:43:c1:cf:b1:23:d9:08:d0:12:7b:87:53:82:c6:d6:32:
04:24:0b:e0:27:16:9e:93:ae:a2:1d:29:4a:81:88:ce:32:69:
10:d0:65:4e:9b:d7:20:8d:0e:62:8c:9a:49:01:eb:e4:e8:ef:
8d:a4:d3:2c:1e:98:93:96:86:97:28:bf:87:a3:ed:2c:3a:8d:
4a:6d:c1:a7:3b:2c:2e:e5:af:7c:fb:db:ea:de:dd:54:f6:02:
a6:22:a9:d0:89:67:ec:84:c9:0d:20:0c:1d:c1:99:9d:a1:52:
59:4c:9b:0e:25:78:19:54:4d:d9:c0:37:b0:a1:c6:a1:42:80:
65:56:56:79:07:c8:07:11:1b:4e:d1:27:de:ed:3b:0e:4e:ee:
66:bb:b7:62:8f:93:70:56:d4:dc:af:40:69:fe:c1:ad:a9:c8:
cb:d6:41:c0:d6:9c:79:2e:cc:d0:bb:a1:1d:ce:92:30:07:80:
1c:1a:a4:85:8e:e4:b8:4f:e5:c0:da:a4:d4:61:be:19:c2:b1:
00:61:f3:16:d8:49:9f:06:81:e8:af:c4:0e:ff:58:9e:0d:62:
96:c0:4c:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR7x+Zz2MdKB6Z/JuWEgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgyNjQ2M2YyZGMyNmYxYTU2ODE0MzZmMTJhYzQ2MmUwMzc4MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsDXZtVcWKTYisUU7At5TCzEKHzY
egl7BUkqZX40fRwvdgpr4ZAzrorZdqoSUaqzyvwhMpHQCSLqytVYzod4nu4Lls8X
b87DnZIYdSMF75dYL3TAWggJYTugSXXH+VXR95202lYUFUPkfMVXEO6wq86dhHAh
CM64lcCm76XCq3ivOsQofy9s/gUadFryPA37YuLzK8XZHkO2fWmENhyURjbG4O2v
/Ugr4ZC9bLy+OoehycJBKXv5Bb37M7lA+Dk5f6Cq8Cv1T5uItKjW+aLQaYXVY5g0
2XaY4h6aebqEe5F5OTpYukeUMIzUrJbS7fH44BJd+Bg3e7EmiQMOpXUhfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFWCZGPy3CbxpWgUNvEqxGLgN4DEMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvVllKa1lfTGNKdkdsYUJRMjhTckVZdUEzZ01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLgg0AwQA
LgiZAwQBbfioMA0GCSqGSIb3DQEBCwUAA4IBAQAnhuLq2V5y/abVt/GXLD1n4MY5
Q+hj4c1lstxB44qP7Q3zzc4Fc0PBz7Ej2QjQEnuHU4LG1jIEJAvgJxaek66iHSlK
gYjOMmkQ0GVOm9cgjQ5ijJpJAevk6O+NpNMsHpiTloaXKL+Ho+0sOo1KbcGnOywu
5a98+9vq3t1U9gKmIqnQiWfshMkNIAwdwZmdoVJZTJsOJXgZVE3ZwDewocahQoBl
VlZ5B8gHERtO0Sfe7TsOTu5mu7dij5NwVtTcr0Bp/sGtqcjL1kHA1px5LszQu6Ed
zpIwB4AcGqSFjuS4T+XA2qTUYb4ZwrEAYfMW2EmfBoHor8QO/1ieDWKWwEy5
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:12:53 2025 by rpki-client