Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/VxIYrmkfaudMi3uvOgmfLEYS9i4.roa
File: VxIYrmkfaudMi3uvOgmfLEYS9i4.roa (raw, json)
Hash identifier: HVOJKOfT05YM4fO+NpvciBLZRFLtFXYsLyo0g2RCD3A=
Subject key identifier: 57:12:18:AE:69:1F:6A:E7:4C:8B:7B:AF:3A:09:9F:2C:46:12:F6:2E
Certificate issuer: /CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Certificate serial: 01942747E85184ABBC5BF536A59E3DD8CF6B
Authority key identifier: 12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/VxIYrmkfaudMi3uvOgmfLEYS9i4.roa
Signing time: Thu 02 Jan 2025 13:50:11 +0000
ROA not before: Thu 02 Jan 2025 13:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 128.176.0.0/16 maxlen: 16
185.151.152.0/22 maxlen: 22
2001:4cf0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/EoaPXjTu_vzmVcG7g4Mpn6VsXII.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/EoaPXjTu_vzmVcG7g4Mpn6VsXII.mft
rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e8:51:84:ab:bc:5b:f5:36:a5:9e:3d:d8:cf:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Validity
Not Before: Jan 2 13:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=571218ae691f6ae74c8b7baf3a099f2c4612f62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:4c:f2:c5:3d:40:e8:a3:09:35:a3:a2:df:
b4:03:fa:56:f3:f9:10:b0:e1:7b:43:76:cc:f9:cb:
01:9a:95:64:e0:2d:fc:72:eb:aa:fa:28:67:7d:a5:
69:ce:86:5f:d3:1c:c9:85:6e:b9:c9:65:d2:fb:bf:
db:df:ab:94:4a:64:a5:16:ac:ef:a6:24:16:a0:04:
ea:69:01:b7:37:29:4e:0e:f2:1d:b2:b8:97:75:7e:
1a:3d:ab:0d:3f:bc:47:93:5c:bc:5e:f9:e5:3b:cd:
13:b9:8a:d5:c7:37:6b:9b:c2:d7:82:b0:77:5d:15:
d7:22:bc:ee:de:f6:eb:3f:82:1d:ca:e6:da:36:fa:
83:30:9d:4a:94:31:f7:3d:16:91:4c:1a:93:e9:7d:
51:d9:fc:fe:8a:34:46:00:ba:58:08:b6:22:b5:66:
70:d8:4d:16:37:0e:58:98:59:36:b1:04:61:ee:07:
d8:fe:17:c8:44:8c:91:1e:d8:08:e4:f1:67:9c:48:
4e:5c:ba:32:a5:5a:ac:e0:39:b1:13:46:69:ad:18:
be:d2:d8:bb:af:7a:e5:1b:a0:57:f4:ab:43:1d:d9:
00:73:e3:f4:49:50:89:fd:93:14:4d:98:80:c2:9f:
78:57:2e:70:9c:c1:12:3b:32:13:ed:d0:74:62:19:
ff:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:12:18:AE:69:1F:6A:E7:4C:8B:7B:AF:3A:09:9F:2C:46:12:F6:2E
X509v3 Authority Key Identifier:
keyid:12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/VxIYrmkfaudMi3uvOgmfLEYS9i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/EoaPXjTu_vzmVcG7g4Mpn6VsXII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.176.0.0/16
185.151.152.0/22
IPv6:
2001:4cf0::/29
Signature Algorithm: sha256WithRSAEncryption
66:42:14:0e:fe:58:42:83:2e:b0:a7:07:b0:27:37:a7:ee:84:
99:ac:47:79:c8:54:25:ae:8f:1a:75:3f:cc:f4:59:41:77:44:
f7:41:c7:a0:1c:44:d4:76:c7:0a:27:9b:38:8d:7f:6c:b2:ee:
5a:55:2c:97:8e:5e:75:ed:1f:97:52:fe:4a:9c:63:f9:68:db:
a2:c1:d1:5a:ca:48:7b:8b:75:69:80:a8:74:e9:f6:5e:d7:4a:
94:84:76:80:c5:4b:1a:eb:e7:e8:94:f6:00:89:7f:36:eb:c0:
cc:e9:f3:3f:21:f4:74:73:5c:84:16:44:92:ee:23:da:91:2c:
c1:44:dd:fb:6a:7d:9b:58:5b:2b:49:32:cb:3f:a9:71:9a:11:
27:02:b3:7c:e8:05:4c:8f:04:09:95:6a:40:72:3a:15:70:fe:
55:d1:c2:79:63:1b:80:b8:38:1c:a3:a4:7b:a9:a6:8b:a1:59:
dd:22:1b:2e:84:91:9c:b6:3f:78:9d:a6:17:48:6e:05:b4:24:
b8:db:28:56:94:d9:61:de:c3:0c:50:bf:d7:db:db:88:9d:69:
0a:7a:bd:c5:90:3b:1c:c2:d1:6a:92:6f:97:f3:5e:e4:95:99:
4b:c0:ba:1f:db:86:a4:21:f6:3b:35:14:52:a1:d1:c5:b1:79:
4d:26:a9:7d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnR+hRhKu8W/U2pZ492M9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyODY4ZjVlMzRlZWZlZmNlNjU1YzFiYjgzODMyOTlmYTU2
YzVjODIwHhcNMjUwMTAyMTM1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzEyMThhZTY5MWY2YWU3NGM4YjdiYWYzYTA5OWYyYzQ2MTJmNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHRM8sU9QOijCTWjot+0A/pW8/kQ
sOF7Q3bM+csBmpVk4C38cuuq+ihnfaVpzoZf0xzJhW65yWXS+7/b36uUSmSlFqzv
piQWoATqaQG3NylODvIdsriXdX4aPasNP7xHk1y8XvnlO80TuYrVxzdrm8LXgrB3
XRXXIrzu3vbrP4IdyubaNvqDMJ1KlDH3PRaRTBqT6X1R2fz+ijRGALpYCLYitWZw
2E0WNw5YmFk2sQRh7gfY/hfIRIyRHtgI5PFnnEhOXLoypVqs4DmxE0ZprRi+0ti7
r3rlG6BX9KtDHdkAc+P0SVCJ/ZMUTZiAwp94Vy5wnMESOzIT7dB0Yhn/MwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFcSGK5pH2rnTIt7rzoJnyxGEvYuMB8GA1UdIwQY
MBaAFBKGj1407v785lXBu4ODKZ+lbFyCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW9hUFhqVHVfdnptVmNHN2c0TXBuNlZzWElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi80MzZhYTEtZjQ3YS00Y2Q1LTg3YTIt
MWYzNGVmYjViN2QxLzEvVnhJWXJta2ZhdWRNaTN1dk9nbWZMRVlTOWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi80MzZhYTEtZjQ3YS00Y2Q1LTg3YTItMWYzNGVmYjViN2Qx
LzEvRW9hUFhqVHVfdnptVmNHN2c0TXBuNlZzWElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAgLADBAK5
l5gwDQQCAAIwBwMFAyABTPAwDQYJKoZIhvcNAQELBQADggEBAGZCFA7+WEKDLrCn
B7AnN6fuhJmsR3nIVCWujxp1P8z0WUF3RPdBx6AcRNR2xwonmziNf2yy7lpVLJeO
XnXtH5dS/kqcY/lo26LB0VrKSHuLdWmAqHTp9l7XSpSEdoDFSxrr5+iU9gCJfzbr
wMzp8z8h9HRzXIQWRJLuI9qRLMFE3ftqfZtYWytJMss/qXGaEScCs3zoBUyPBAmV
akByOhVw/lXRwnljG4C4OByjpHuppouhWd0iGy6EkZy2P3idphdIbgW0JLjbKFaU
2WHewwxQv9fb24idaQp6vcWQOxzC0WqSb5fzXuSVmUvAuh/bhqQh9js1FFKh0cWx
eU0mqX0=
-----END CERTIFICATE-----
Generated at Sat Apr 12 14:54:15 2025 by rpki-client