Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/vYeUQvTtmRwFxe2HjEVg0-w3YtY.roa
File: vYeUQvTtmRwFxe2HjEVg0-w3YtY.roa (raw, json)
Hash identifier: 5J5aN+7Pc9ymOEzVJcf+044A0ctdwVC0r43YEoVys+8=
Subject key identifier: BD:87:94:42:F4:ED:99:1C:05:C5:ED:87:8C:45:60:D3:EC:37:62:D6
Certificate issuer: /CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Certificate serial: 019424B3A3B1B6864662876885B1A97B0F33
Authority key identifier: 82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/vYeUQvTtmRwFxe2HjEVg0-w3YtY.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25215
IP address blocks: 155.140.82.0/24 maxlen: 24
155.140.83.0/24 maxlen: 24
155.140.90.0/24 maxlen: 24
155.140.91.0/24 maxlen: 24
155.140.102.0/23 maxlen: 24
155.140.104.0/23 maxlen: 24
159.50.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/gvolsvyxRoEUtziSirINh2G_iDE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/gvolsvyxRoEUtziSirINh2G_iDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a3:b1:b6:86:46:62:87:68:85:b1:a9:7b:0f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fa25b2fcb1468114b738928ab20d8761bf8831
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd879442f4ed991c05c5ed878c4560d3ec3762d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ee:2b:87:29:fe:df:d6:63:7a:80:58:9d:29:
4e:a2:38:5c:84:9c:d9:c8:3e:1d:b2:46:1f:ee:40:
49:46:c4:56:f1:8f:b5:3d:4e:26:17:28:cc:84:b8:
be:88:eb:ea:76:85:ef:94:cf:5b:4e:8b:0d:04:21:
3c:ed:a3:a8:eb:59:e7:a8:86:4f:a9:eb:fa:9e:c8:
60:1c:2b:68:a5:0c:b1:bf:a7:74:06:32:35:59:5c:
d2:9c:a3:fa:f5:2b:08:29:bd:65:d8:32:9f:f6:14:
d9:9f:05:c8:55:32:14:23:31:7d:d3:c1:9c:e6:5f:
3b:12:91:04:f1:b7:af:f3:45:db:cd:13:f8:8e:ab:
a1:88:4a:3c:88:40:75:d5:ed:94:1f:74:bc:27:6e:
b3:1c:bf:8c:b6:4e:e2:e2:af:c1:77:79:5b:c8:f3:
51:6b:d9:e1:5e:47:dc:a3:eb:4e:82:89:03:08:f5:
fe:50:66:6d:38:ee:70:50:63:20:6c:5b:96:e8:d8:
ff:bf:24:bc:48:35:1a:4a:d8:a6:16:0e:38:ea:ac:
61:35:e9:43:70:bc:1d:54:8e:4b:5b:ed:c9:76:01:
61:ff:c8:c2:5a:32:63:da:70:57:f3:fa:42:14:0d:
cc:ab:57:e2:f9:86:f9:b8:4d:ea:4c:18:ab:57:e0:
fc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:87:94:42:F4:ED:99:1C:05:C5:ED:87:8C:45:60:D3:EC:37:62:D6
X509v3 Authority Key Identifier:
keyid:82:FA:25:B2:FC:B1:46:81:14:B7:38:92:8A:B2:0D:87:61:BF:88:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvolsvyxRoEUtziSirINh2G_iDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/vYeUQvTtmRwFxe2HjEVg0-w3YtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1371a6-f5f3-43bf-aff4-7685c9670017/1/gvolsvyxRoEUtziSirINh2G_iDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.140.82.0/23
155.140.90.0/23
155.140.102.0-155.140.105.255
159.50.174.0/24
Signature Algorithm: sha256WithRSAEncryption
18:85:7e:84:d9:c8:a1:03:e1:a0:aa:9b:c2:28:38:2a:50:9f:
59:07:01:65:63:b3:db:8e:9a:4c:59:ca:6e:4f:40:a6:57:1f:
94:15:7c:e6:1c:34:5e:fd:4d:9f:d2:d7:86:83:2c:21:e5:83:
a0:78:d4:cb:97:8a:ec:fd:43:40:c4:3c:3d:5a:95:ef:3f:b3:
9b:9d:f1:6f:fd:38:19:33:60:9b:8e:48:94:d6:d4:9e:9b:82:
9b:14:67:be:fd:b8:3f:e7:5c:1a:50:6c:20:48:2c:a0:9a:5c:
a4:31:45:5c:2e:d5:d0:15:ae:c8:3b:a4:9f:68:e8:1f:ae:0f:
8f:b3:f3:d1:85:7a:a8:0c:06:03:43:80:97:dc:c5:68:c0:1c:
60:87:02:dc:ca:8b:15:23:bf:36:c7:99:11:96:e7:aa:a2:3e:
da:f1:7a:ba:32:e4:16:31:22:8e:1e:d6:5c:2b:02:24:b0:23:
06:54:bf:ba:d8:81:d8:a9:92:99:db:a6:51:71:02:a5:66:e6:
da:9f:d9:04:9c:00:77:cb:c4:13:b2:f5:dd:b6:f5:a7:e2:4a:
e8:4c:d9:7b:8b:03:7a:15:01:d5:86:88:af:6d:85:99:df:71:
39:8b:8e:6a:9f:f3:aa:cc:5a:51:7b:d5:10:1b:19:07:7c:52:
8c:5e:3d:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQks6OxtoZGYodohbGpew8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmEyNWIyZmNiMTQ2ODExNGI3Mzg5MjhhYjIwZDg3NjFi
Zjg4MzEwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg3OTQ0MmY0ZWQ5OTFjMDVjNWVkODc4YzQ1NjBkM2VjMzc2MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO4rhyn+39ZjeoBYnSlOojhchJzZ
yD4dskYf7kBJRsRW8Y+1PU4mFyjMhLi+iOvqdoXvlM9bTosNBCE87aOo61nnqIZP
qev6nshgHCtopQyxv6d0BjI1WVzSnKP69SsIKb1l2DKf9hTZnwXIVTIUIzF908Gc
5l87EpEE8bev80XbzRP4jquhiEo8iEB11e2UH3S8J26zHL+Mtk7i4q/Bd3lbyPNR
a9nhXkfco+tOgokDCPX+UGZtOO5wUGMgbFuW6Nj/vyS8SDUaStimFg446qxhNelD
cLwdVI5LW+3JdgFh/8jCWjJj2nBX8/pCFA3Mq1fi+Yb5uE3qTBirV+D81QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFL2HlEL07ZkcBcXth4xFYNPsN2LWMB8GA1UdIwQY
MBaAFIL6JbL8sUaBFLc4koqyDYdhv4gxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQt
NzY4NWM5NjcwMDE3LzEvdlllVVF2VHRtUndGeGUySGpFVmcwLXczWXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMzcxYTYtZjVmMy00M2JmLWFmZjQtNzY4NWM5NjcwMDE3
LzEvZ3ZvbHN2eXhSb0VVdHppU2lySU5oMkdfaURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBm4xSAwQB
m4xaMAwDBAGbjGYDBAGbjGgDBACfMq4wDQYJKoZIhvcNAQELBQADggEBABiFfoTZ
yKED4aCqm8IoOCpQn1kHAWVjs9uOmkxZym5PQKZXH5QVfOYcNF79TZ/S14aDLCHl
g6B41MuXiuz9Q0DEPD1ale8/s5ud8W/9OBkzYJuOSJTW1J6bgpsUZ779uD/nXBpQ
bCBILKCaXKQxRVwu1dAVrsg7pJ9o6B+uD4+z89GFeqgMBgNDgJfcxWjAHGCHAtzK
ixUjvzbHmRGW56qiPtrxeroy5BYxIo4e1lwrAiSwIwZUv7rYgdipkpnbplFxAqVm
5tqf2QScAHfLxBOy9d229afiSuhM2XuLA3oVAdWGiK9thZnfcTmLjmqf86rMWlF7
1RAbGQd8UoxePfg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:23:38 2025 by rpki-client