Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/VJcC3DZjVaOocdNxvr3eh-uH0lw.roa
File: VJcC3DZjVaOocdNxvr3eh-uH0lw.roa (raw, json)
Hash identifier: S/FApMeQF+bI8dQe3+ptgHneEZT+L8zmVlOAZBtIFyI=
Subject key identifier: 54:97:02:DC:36:63:55:A3:A8:71:D3:71:BE:BD:DE:87:EB:87:D2:5C
Certificate issuer: /CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1
Certificate serial: 0194C21299DFD2F9A5D6AFD79027D777A1FD
Authority key identifier: F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/VJcC3DZjVaOocdNxvr3eh-uH0lw.roa
Signing time: Sat 01 Feb 2025 15:13:06 +0000
ROA not before: Sat 01 Feb 2025 15:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216211
IP address blocks: 80.249.134.0/24 maxlen: 24
2a13:edc0:1::/48 maxlen: 48
2a13:edc0:2::/48 maxlen: 48
2a13:edc0:3::/48 maxlen: 48
2a13:edc0:4::/48 maxlen: 48
2a13:edc0:5::/48 maxlen: 48
2a13:edc0:6::/48 maxlen: 48
2a13:edc0:7::/48 maxlen: 48
2a13:edc0:8::/48 maxlen: 48
2a13:edc0:9::/48 maxlen: 48
2a13:edc0:10::/48 maxlen: 48
2a13:edc0:11::/48 maxlen: 48
2a13:edc0:12::/48 maxlen: 48
2a13:edc0:13::/48 maxlen: 48
2a13:edc0:14::/48 maxlen: 48
2a13:edc0:15::/48 maxlen: 48
2a13:edc0:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c2:12:99:df:d2:f9:a5:d6:af:d7:90:27:d7:77:a1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1
Validity
Not Before: Feb 1 15:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=549702dc366355a3a871d371bebdde87eb87d25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:c5:56:de:41:33:ad:9a:44:08:51:80:95:
9e:2d:7a:ea:e0:19:70:41:04:cc:41:3f:5d:88:db:
e0:6d:9f:dc:8b:3b:1e:51:88:eb:67:7a:af:16:82:
03:d4:c8:53:f5:7d:ed:9e:90:e5:d7:e4:48:3e:84:
0e:42:df:2f:e8:ec:df:61:26:31:04:84:61:5a:71:
ed:af:86:f5:d3:a8:1e:6e:2b:49:c2:b1:93:76:8c:
ca:2a:8c:64:0d:7b:81:b9:8e:d1:57:74:10:66:70:
10:36:28:10:b6:94:cb:e7:0b:dc:af:ed:bc:11:d9:
04:8a:ee:49:0c:59:43:e7:b1:2c:20:7b:d2:2b:9d:
3a:f9:89:9f:18:59:10:00:34:40:24:2a:1f:09:11:
c7:10:fc:86:cb:02:78:91:cc:3c:e9:2a:92:bc:03:
85:97:6b:36:2b:a0:28:15:2f:4a:30:98:e3:9a:78:
a6:4f:d9:24:59:12:ac:ae:f8:60:a3:be:3e:f2:5e:
5f:a1:a2:25:34:a7:04:40:af:fd:68:f8:ae:5e:96:
77:a9:0f:93:5e:17:17:42:09:5e:3a:30:c3:12:f0:
f9:7e:af:e8:aa:2d:04:4e:76:42:2b:e1:63:6c:ba:
e9:77:20:1b:fe:9a:f3:54:98:e0:1e:a8:ab:8e:31:
cd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:97:02:DC:36:63:55:A3:A8:71:D3:71:BE:BD:DE:87:EB:87:D2:5C
X509v3 Authority Key Identifier:
keyid:F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/VJcC3DZjVaOocdNxvr3eh-uH0lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.134.0/24
IPv6:
2a13:edc0:1::-2a13:edc0:9:ffff:ffff:ffff:ffff:ffff
2a13:edc0:10::-2a13:edc0:16:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:ec:3b:99:e6:c1:04:ab:5e:5a:47:30:ee:e9:8c:33:8b:75:
98:c0:cb:f2:93:bf:da:f5:1a:7c:5c:12:4e:4a:a0:ea:7a:e1:
5b:06:a5:86:2b:46:88:ab:cb:7e:37:3b:b6:d9:75:63:fd:ea:
3f:ee:dc:9f:de:1e:24:94:ad:63:8e:7a:33:80:3b:07:31:12:
87:7f:43:30:6e:53:5a:2d:d1:db:8f:aa:53:8c:e7:42:38:5a:
93:1c:79:8d:f2:80:d1:e6:26:9f:d7:87:30:01:68:51:f7:7f:
ea:71:ff:f9:57:cc:12:87:0f:39:f1:49:42:95:86:7c:7a:7b:
ce:f8:6c:9f:a3:48:78:2e:2c:79:44:87:c6:a3:d7:94:77:8d:
2e:1e:f3:ec:8f:4e:2e:2b:c2:5b:b2:c9:e7:70:3a:5e:84:1d:
38:b9:bb:2f:9e:0a:6f:0f:80:22:5c:14:25:e4:5d:f5:ae:39:
f0:10:00:00:eb:53:f6:8a:02:84:88:8c:6b:3e:40:14:11:e7:
a2:44:e1:9b:57:04:56:a5:b9:bd:89:b2:8a:85:c8:d2:27:ce:
3c:1f:1b:9a:99:2e:51:05:33:03:d7:dd:ed:c2:8e:e3:93:95:
11:68:8f:6d:47:ca:d2:6a:13:3a:a3:b6:df:f7:90:72:3c:8e:
5d:5b:b8:9c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZTCEpnf0vml1q/XkCfXd6H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWVkN2IxZjYzYjUxYWE1MTZhOWZmY2IwMzVhM2EwZDY5
ZTY1YTEwHhcNMjUwMjAxMTUxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDk3MDJkYzM2NjM1NWEzYTg3MWQzNzFiZWJkZGU4N2ViODdkMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3bFVt5BM62aRAhRgJWeLXrq4Blw
QQTMQT9diNvgbZ/cizseUYjrZ3qvFoID1MhT9X3tnpDl1+RIPoQOQt8v6OzfYSYx
BIRhWnHtr4b106gebitJwrGTdozKKoxkDXuBuY7RV3QQZnAQNigQtpTL5wvcr+28
EdkEiu5JDFlD57EsIHvSK506+YmfGFkQADRAJCofCRHHEPyGywJ4kcw86SqSvAOF
l2s2K6AoFS9KMJjjmnimT9kkWRKsrvhgo74+8l5foaIlNKcEQK/9aPiuXpZ3qQ+T
XhcXQgleOjDDEvD5fq/oqi0ETnZCK+FjbLrpdyAb/przVJjgHqirjjHNRwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFSXAtw2Y1WjqHHTcb693ofrh9JcMB8GA1UdIwQY
MBaAFPMe17H2O1GqUWqf/LA1o6DWnmWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDct
YmQyYjNhYmFlMTIxLzEvVkpjQzNEWmpWYU9vY2ROeHZyM2VoLXVIMGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDctYmQyYjNhYmFlMTIx
LzEvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQAUPmGMC4E
AgACMCgwEgMHACoT7cAAAQMHASoT7cAACDASAwcEKhPtwAAQAwcAKhPtwAAWMA0G
CSqGSIb3DQEBCwUAA4IBAQCU7DuZ5sEEq15aRzDu6Ywzi3WYwMvyk7/a9Rp8XBJO
SqDqeuFbBqWGK0aIq8t+Nzu22XVj/eo/7tyf3h4klK1jjnozgDsHMRKHf0MwblNa
LdHbj6pTjOdCOFqTHHmN8oDR5iaf14cwAWhR93/qcf/5V8wShw858UlClYZ8envO
+Gyfo0h4Lix5RIfGo9eUd40uHvPsj04uK8JbssnncDpehB04ubsvngpvD4AiXBQl
5F31rjnwEAAA61P2igKEiIxrPkAUEeeiROGbVwRWpbm9ibKKhcjSJ848HxuamS5R
BTMD193two7jk5URaI9tR8rSahM6o7bf95ByPI5dW7ic
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:30:12 2025 by rpki-client