Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vKIZs30r1pj9Wpo9vLTZuPScm8k.roa
File: vKIZs30r1pj9Wpo9vLTZuPScm8k.roa (raw, json)
Hash identifier: zkaNSKrQk9qvyhrM7kQr3nomNA3UzXxzvPMgeEH2u6c=
Subject key identifier: BC:A2:19:B3:7D:2B:D6:98:FD:5A:9A:3D:BC:B4:D9:B8:F4:9C:9B:C9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC79E6E1874165C18C140F8A2A73AE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vKIZs30r1pj9Wpo9vLTZuPScm8k.roa
Signing time: Thu 02 Jan 2025 07:48:10 +0000
ROA not before: Thu 02 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62048
IP address blocks: 45.86.87.0/24 maxlen: 24
91.246.49.0/24 maxlen: 24
188.253.1.0/24 maxlen: 24
188.253.2.0/24 maxlen: 24
188.253.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:79:e6:e1:87:41:65:c1:8c:14:0f:8a:2a:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca219b37d2bd698fd5a9a3dbcb4d9b8f49c9bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ea:dd:15:23:96:d3:3d:ba:e4:02:03:85:25:
35:65:54:6e:70:ba:d4:da:8e:b0:8c:a5:73:26:f2:
6e:22:0b:f7:84:c8:dc:85:75:7a:42:c7:19:cf:4e:
dd:21:e8:b4:03:13:33:c8:1f:1a:73:c3:22:60:ca:
06:6f:bb:60:58:10:89:ab:de:2a:ef:8b:72:5f:19:
70:ca:bd:92:91:81:7c:99:25:d8:24:fa:5d:a9:1d:
19:50:12:15:35:d4:98:b6:72:84:99:3b:c9:10:98:
21:08:18:60:7e:4a:69:73:7f:79:42:01:58:0a:69:
4c:ac:ab:3d:49:dc:15:86:0e:7c:2c:0d:f0:99:7b:
28:80:ff:14:52:c7:cc:50:33:46:26:c5:a5:b6:da:
30:c7:34:d4:ca:2a:47:67:4e:cc:fd:ab:23:65:d6:
0c:85:92:66:dd:68:68:4d:cb:99:d9:3d:cd:6c:b3:
b1:21:dc:0c:d7:07:52:f5:e8:c4:82:35:86:a5:dd:
d5:88:f0:08:77:5f:3a:01:9e:bf:05:32:16:01:2f:
dd:2b:5e:15:98:7d:66:b6:75:7f:e0:02:cc:a6:d2:
18:2a:2e:82:4d:95:97:b5:c0:54:bd:47:c2:20:63:
3a:3f:ec:83:b2:ac:5a:ff:86:ba:60:4b:ad:08:7f:
c9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A2:19:B3:7D:2B:D6:98:FD:5A:9A:3D:BC:B4:D9:B8:F4:9C:9B:C9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vKIZs30r1pj9Wpo9vLTZuPScm8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.87.0/24
91.246.49.0/24
188.253.1.0-188.253.3.255
Signature Algorithm: sha256WithRSAEncryption
d4:d9:50:24:9f:c5:f5:49:8e:98:cf:b7:df:7a:60:6d:7f:34:
46:93:4c:95:79:76:35:e2:5c:8f:89:66:e2:b9:37:cc:99:56:
37:f3:db:4e:01:f7:aa:34:ff:0b:85:5a:16:ff:b2:b6:52:58:
28:26:f3:ba:a3:bf:53:5b:07:2d:e3:5c:69:5c:c1:14:0b:a4:
59:48:5b:84:f3:ae:82:06:49:59:d1:34:7c:94:d1:89:14:d0:
3c:5f:19:a7:d7:0b:e5:0f:1e:d4:bc:b9:52:90:7f:ac:5f:6a:
91:f7:1d:03:8d:22:93:c1:34:d6:92:09:57:33:16:c6:3e:74:
f9:cd:e8:be:f0:85:fa:ee:69:17:25:b3:8e:a5:5f:8b:f8:64:
c3:61:76:be:1e:e2:5d:3d:93:1e:dd:af:f6:26:2d:03:c3:94:
d1:8b:2d:92:02:68:f0:88:58:68:07:63:91:ec:ff:1d:3f:e3:
71:04:97:c0:6b:1a:ac:90:0d:74:3b:00:b1:a9:ed:1c:29:ec:
b7:cc:22:c1:f0:4c:91:14:d9:b8:6b:9d:1a:76:ef:e6:d3:d1:
cf:86:2e:9e:35:0b:5c:5c:b3:b8:d2:ba:8f:33:56:bb:dc:4f:
17:9f:c9:44:65:74:70:11:a2:6f:fe:f6:32:64:e2:47:35:78:
ac:31:cb:71
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/Hnm4YdBZcGMFA+KKnOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EyMTliMzdkMmJkNjk4ZmQ1YTlhM2RiY2I0ZDliOGY0OWM5YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlurdFSOW0z265AIDhSU1ZVRucLrU
2o6wjKVzJvJuIgv3hMjchXV6QscZz07dIei0AxMzyB8ac8MiYMoGb7tgWBCJq94q
74tyXxlwyr2SkYF8mSXYJPpdqR0ZUBIVNdSYtnKEmTvJEJghCBhgfkppc395QgFY
CmlMrKs9SdwVhg58LA3wmXsogP8UUsfMUDNGJsWlttowxzTUyipHZ07M/asjZdYM
hZJm3WhoTcuZ2T3NbLOxIdwM1wdS9ejEgjWGpd3ViPAId186AZ6/BTIWAS/dK14V
mH1mtnV/4ALMptIYKi6CTZWXtcBUvUfCIGM6P+yDsqxa/4a6YEutCH/JbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLyiGbN9K9aY/VqaPby02bj0nJvJMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdktJWnMzMHIxcGo5V3BvOXZMVFp1UFNjbThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVZXAwQA
W/YxMAwDBAC8/QEDBAK8/QAwDQYJKoZIhvcNAQELBQADggEBANTZUCSfxfVJjpjP
t996YG1/NEaTTJV5djXiXI+JZuK5N8yZVjfz204B96o0/wuFWhb/srZSWCgm87qj
v1NbBy3jXGlcwRQLpFlIW4TzroIGSVnRNHyU0YkU0DxfGafXC+UPHtS8uVKQf6xf
apH3HQONIpPBNNaSCVczFsY+dPnN6L7whfruaRcls46lX4v4ZMNhdr4e4l09kx7d
r/YmLQPDlNGLLZICaPCIWGgHY5Hs/x0/43EEl8BrGqyQDXQ7ALGp7Rwp7LfMIsHw
TJEU2bhrnRp27+bT0c+GLp41C1xcs7jSuo8zVrvcTxefyURldHARom/+9jJk4kc1
eKwxy3E=
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:47:26 2025 by rpki-client