Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/VdXHdlxLvSXMtikY4Tkq1ivw7b0.roa
File: VdXHdlxLvSXMtikY4Tkq1ivw7b0.roa (raw, json)
Hash identifier: d4XyYarFCX7iHNvauLVhaF+5yte4Mx2+kXf0dxCZBfg=
Subject key identifier: 55:D5:C7:76:5C:4B:BD:25:CC:B6:29:18:E1:39:2A:D6:2B:F0:ED:BD
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDE5836300C05B3CEDB4B580A3AE5
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/VdXHdlxLvSXMtikY4Tkq1ivw7b0.roa
Signing time: Thu 02 Jan 2025 05:48:27 +0000
ROA not before: Thu 02 Jan 2025 05:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211891
IP address blocks: 2a12:7a40:9903::/48 maxlen: 48
2a12:7a40:9913::/48 maxlen: 48
2a12:7a40:9923::/48 maxlen: 48
2a12:7a40:9933::/48 maxlen: 48
2a12:7a40:9943::/48 maxlen: 48
2a12:7a40:9953::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:de:58:36:30:0c:05:b3:ce:db:4b:58:0a:3a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55d5c7765c4bbd25ccb62918e1392ad62bf0edbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:9c:23:7f:f2:d1:97:dc:0d:d7:99:ee:be:
c3:d4:42:45:1e:c9:80:be:71:da:4f:fe:65:cf:8d:
56:93:dc:e1:a7:2f:2b:b4:44:4a:c7:70:79:1b:7f:
71:b1:df:1e:5b:72:5c:30:fc:7b:00:07:49:11:8b:
39:e9:b0:b3:cc:25:c9:41:d3:c3:61:c7:8f:bb:ca:
f8:cf:51:4e:60:e7:95:81:81:b9:7a:aa:78:38:8e:
91:57:22:e0:77:dd:f2:2b:db:dd:07:82:92:9d:21:
0c:62:37:79:ef:9e:22:e6:73:56:4d:ee:9f:64:19:
a0:25:5e:a3:cc:1c:cf:b0:47:9b:b0:cf:c9:91:07:
88:b9:54:75:5c:0e:07:b5:f4:5c:7c:22:ff:5b:aa:
fb:62:1e:65:2e:e9:52:e7:28:13:c3:fb:82:60:49:
15:07:cc:8e:a1:a1:b3:6e:83:1d:23:0a:77:48:a5:
78:b5:bc:55:08:05:ed:c7:d0:7f:6a:cc:d7:43:1e:
f9:c2:2b:d1:ba:73:c0:76:17:ff:a3:9f:1a:fd:81:
d7:fc:46:ff:60:a9:0d:23:d4:67:4a:d4:6d:a2:2a:
d4:8b:11:ee:a1:76:94:83:07:42:0f:4c:ef:54:92:
d4:da:99:8b:05:82:c7:da:b9:61:cb:60:3e:d3:7d:
70:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D5:C7:76:5C:4B:BD:25:CC:B6:29:18:E1:39:2A:D6:2B:F0:ED:BD
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/VdXHdlxLvSXMtikY4Tkq1ivw7b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9903::/48
2a12:7a40:9913::/48
2a12:7a40:9923::/48
2a12:7a40:9933::/48
2a12:7a40:9943::/48
2a12:7a40:9953::/48
Signature Algorithm: sha256WithRSAEncryption
5c:8a:1d:44:3e:02:6e:4a:7f:f7:2b:b7:76:bd:67:d4:c1:39:
90:e5:a1:66:13:eb:6b:15:9e:0f:8a:53:0c:ea:58:fd:71:80:
ee:2d:03:38:5c:5d:f3:65:24:82:16:39:bb:cf:c6:d6:9e:cd:
a7:91:8b:72:ff:0e:05:e4:87:25:76:1d:84:ab:ac:ea:2d:df:
5d:f3:c3:8c:5e:26:6d:65:44:39:9a:9c:d6:55:06:da:c8:b1:
b3:27:5f:6b:b2:bf:f2:fc:83:6e:d0:83:c4:a4:83:d3:50:30:
7c:e0:7f:27:ce:69:71:0e:40:8c:08:bf:6d:f2:e7:eb:e3:24:
43:75:5b:33:19:42:f0:64:40:10:6a:61:fc:43:b8:64:9f:7a:
87:07:e1:1d:46:df:bb:6c:1a:8d:36:02:2e:1e:c5:f0:36:c1:
ad:14:57:d3:66:fe:3b:6a:f7:18:8c:13:4e:5c:af:09:59:d5:
8c:d0:99:c5:96:2f:07:cb:1e:1e:d1:bc:d5:e5:d5:bf:40:1d:
51:79:77:d0:91:85:a6:c6:b3:26:32:ca:b8:4b:d8:97:7b:e3:
8f:d1:15:67:20:d1:d9:e8:3a:97:18:a8:55:03:ae:f0:92:ba:
3b:be:7e:a8:0f:69:dc:22:fa:6b:c5:fe:b1:32:2f:34:63:1f:
0c:f2:d7:30
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljt5YNjAMBbPO20tYCjrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ1Yzc3NjVjNGJiZDI1Y2NiNjI5MThlMTM5MmFkNjJiZjBlZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcGcI3/y0ZfcDdeZ7r7D1EJFHsmA
vnHaT/5lz41Wk9zhpy8rtERKx3B5G39xsd8eW3JcMPx7AAdJEYs56bCzzCXJQdPD
YcePu8r4z1FOYOeVgYG5eqp4OI6RVyLgd93yK9vdB4KSnSEMYjd5754i5nNWTe6f
ZBmgJV6jzBzPsEebsM/JkQeIuVR1XA4HtfRcfCL/W6r7Yh5lLulS5ygTw/uCYEkV
B8yOoaGzboMdIwp3SKV4tbxVCAXtx9B/aszXQx75wivRunPAdhf/o58a/YHX/Eb/
YKkNI9RnStRtoirUixHuoXaUgwdCD0zvVJLU2pmLBYLH2rlhy2A+031wlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFXVx3ZcS70lzLYpGOE5KtYr8O29MB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvVmRYSGRseEx2U1hNdGlrWTRUa3ExaXZ3N2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkD
AwcAKhJ6QJkTAwcAKhJ6QJkjAwcAKhJ6QJkzAwcAKhJ6QJlDAwcAKhJ6QJlTMA0G
CSqGSIb3DQEBCwUAA4IBAQBcih1EPgJuSn/3K7d2vWfUwTmQ5aFmE+trFZ4PilMM
6lj9cYDuLQM4XF3zZSSCFjm7z8bWns2nkYty/w4F5Icldh2Eq6zqLd9d88OMXiZt
ZUQ5mpzWVQbayLGzJ19rsr/y/INu0IPEpIPTUDB84H8nzmlxDkCMCL9t8ufr4yRD
dVszGULwZEAQamH8Q7hkn3qHB+EdRt+7bBqNNgIuHsXwNsGtFFfTZv47avcYjBNO
XK8JWdWM0JnFli8Hyx4e0bzV5dW/QB1ReXfQkYWmxrMmMsq4S9iXe+OP0RVnINHZ
6DqXGKhVA67wkro7vn6oD2ncIvprxf6xMi80Yx8M8tcw
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:57:39 2025 by rpki-client