Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Ss9eeiCVuWCNJmImGff-1n45lWA.roa
File: Ss9eeiCVuWCNJmImGff-1n45lWA.roa (raw, json)
Hash identifier: zlpeAvdqJBpxOyHRcrVmcRB4NLd3aJqqYyX9zP43hIU=
Subject key identifier: 4A:CF:5E:7A:20:95:B9:60:8D:26:62:26:19:F7:FE:D6:7E:39:95:60
Certificate issuer: /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial: 019426D9EFF3DBA542C8C63B853C5FC73A91
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Ss9eeiCVuWCNJmImGff-1n45lWA.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213023
IP address blocks: 185.189.180.0/24 maxlen: 24
2a0b:f380::/48 maxlen: 48
2a0b:f380:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ef:f3:db:a5:42:c8:c6:3b:85:3c:5f:c7:3a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4acf5e7a2095b9608d26622619f7fed67e399560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:a0:36:23:59:84:2d:1a:fd:20:ba:b4:6a:
6a:70:e7:46:db:73:8b:00:0d:c9:4c:ba:1c:9a:99:
8d:70:0d:d7:09:af:9e:be:11:89:9e:c7:e8:9c:b4:
b5:c6:1a:cf:04:e7:b2:73:1a:f2:68:68:59:89:ca:
0c:62:21:3e:1c:8e:d6:25:86:a2:0f:18:ad:85:3d:
5d:d0:e9:d1:f1:ea:a6:92:9c:7c:3d:c6:e0:77:a0:
18:09:03:63:3b:5d:f6:35:59:74:cc:29:e8:60:15:
72:03:66:e9:e4:b4:6b:3a:88:73:c6:61:4d:e5:ed:
65:fb:73:dc:ae:ef:0c:d5:7d:5c:0a:7a:a2:a4:00:
ec:fb:98:55:eb:70:6a:8b:62:17:a4:ad:b1:d5:f3:
b5:b7:d2:82:ca:4b:4e:a8:50:16:62:51:b8:d6:d2:
49:8d:84:c0:43:84:29:47:23:43:15:f9:9f:de:d5:
0e:d0:98:83:ec:a9:b3:79:79:84:97:48:c8:53:19:
18:c5:47:9c:2a:e6:dd:16:a0:d8:e0:9a:4c:e0:30:
61:76:30:5d:29:d4:6a:91:61:83:37:20:74:eb:a2:
c0:e4:77:39:d0:5c:66:66:97:2b:29:83:29:e8:f1:
67:2d:31:2b:29:ef:ea:01:4e:4f:6b:b8:09:7d:01:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CF:5E:7A:20:95:B9:60:8D:26:62:26:19:F7:FE:D6:7E:39:95:60
X509v3 Authority Key Identifier:
keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Ss9eeiCVuWCNJmImGff-1n45lWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.180.0/24
IPv6:
2a0b:f380::/48
2a0b:f380:a::/48
Signature Algorithm: sha256WithRSAEncryption
c9:21:31:a7:1e:52:52:43:cb:5f:88:06:00:50:fd:96:25:ab:
17:b3:6b:e4:1d:9a:d6:ac:ab:a5:5f:bc:54:66:35:31:b1:85:
b8:09:dc:fb:66:79:38:42:dc:98:ff:fa:83:37:32:18:67:1a:
33:76:2c:b1:29:72:a8:87:79:22:1e:1c:24:e0:6d:f6:48:89:
b1:3b:00:48:88:8b:0f:38:9b:67:a2:e6:57:9e:db:2f:34:c4:
ad:37:73:48:50:a0:94:ce:0d:9d:5b:ff:d8:bd:d0:fc:52:48:
6a:b0:03:e8:f1:1e:b4:66:de:39:b2:e8:41:68:cc:de:7e:ba:
e3:69:4e:49:cd:4d:c3:01:6e:6e:95:af:63:bf:1a:b5:d3:44:
84:47:33:56:79:95:cb:64:2c:02:01:2a:c9:0c:07:b8:9b:00:
af:99:9b:86:4f:0e:fb:44:3f:df:fa:18:9e:07:7e:58:5e:69:
83:06:2e:da:bd:e5:85:21:e2:11:91:8c:d7:8c:23:f4:7e:eb:
79:55:da:a7:95:83:06:97:da:97:45:1f:0c:41:c1:53:d8:4a:
78:88:a0:b5:60:cd:f9:f6:ba:0b:a0:24:fa:2f:05:e9:f1:20:
aa:d2:ef:f8:72:8a:23:4f:e9:18:02:4b:19:a6:f0:91:7e:8f:
62:e9:1a:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQm2e/z26VCyMY7hTxfxzqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNmNWU3YTIwOTViOTYwOGQyNjYyMjYxOWY3ZmVkNjdlMzk5NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJOgNiNZhC0a/SC6tGpqcOdG23OL
AA3JTLocmpmNcA3XCa+evhGJnsfonLS1xhrPBOeycxryaGhZicoMYiE+HI7WJYai
DxithT1d0OnR8eqmkpx8Pcbgd6AYCQNjO132NVl0zCnoYBVyA2bp5LRrOohzxmFN
5e1l+3Pcru8M1X1cCnqipADs+5hV63Bqi2IXpK2x1fO1t9KCyktOqFAWYlG41tJJ
jYTAQ4QpRyNDFfmf3tUO0JiD7KmzeXmEl0jIUxkYxUecKubdFqDY4JpM4DBhdjBd
KdRqkWGDNyB066LA5Hc50FxmZpcrKYMp6PFnLTErKe/qAU5Pa7gJfQFs+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFErPXnoglblgjSZiJhn3/tZ+OZVgMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvU3M5ZWVpQ1Z1V0NOSm1JbUdmZi0xbjQ1bFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAub20MBgE
AgACMBIDBwAqC/OAAAADBwAqC/OAAAowDQYJKoZIhvcNAQELBQADggEBAMkhMace
UlJDy1+IBgBQ/ZYlqxeza+Qdmtasq6VfvFRmNTGxhbgJ3PtmeThC3Jj/+oM3Mhhn
GjN2LLEpcqiHeSIeHCTgbfZIibE7AEiIiw84m2ei5lee2y80xK03c0hQoJTODZ1b
/9i90PxSSGqwA+jxHrRm3jmy6EFozN5+uuNpTknNTcMBbm6Vr2O/GrXTRIRHM1Z5
lctkLAIBKskMB7ibAK+Zm4ZPDvtEP9/6GJ4HflheaYMGLtq95YUh4hGRjNeMI/R+
63lV2qeVgwaX2pdFHwxBwVPYSniIoLVgzfn2ugugJPovBenxIKrS7/hyiiNP6RgC
Sxmm8JF+j2LpGvs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:29:24 2025 by rpki-client