Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VY-9ThLxtFTVVRO0SLJaeWT_ck8.roa
File: VY-9ThLxtFTVVRO0SLJaeWT_ck8.roa (raw, json)
Hash identifier: ERScFoksmJXeyaN0t1biHrLZ4SwnA3GMyDeI7VpwMIk=
Subject key identifier: 55:8F:BD:4E:12:F1:B4:54:D5:55:13:B4:48:B2:5A:79:64:FF:72:4F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143EF5027EE3C899D86094B6A21FF75
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VY-9ThLxtFTVVRO0SLJaeWT_ck8.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 82.153.246.0/24 maxlen: 24
109.176.21.0/24 maxlen: 24
109.176.23.0/24 maxlen: 24
109.176.206.0/24 maxlen: 24
213.218.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ef:50:27:ee:3c:89:9d:86:09:4b:6a:21:ff:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=558fbd4e12f1b454d55513b448b25a7964ff724f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b7:83:60:3a:55:5e:85:51:2b:bb:9f:41:d6:
ce:fb:82:c6:94:b5:92:78:54:47:89:ce:fc:73:92:
73:f0:a4:b5:55:88:6e:66:16:92:db:dc:37:b9:f1:
8c:fd:7b:3c:a9:dc:ab:65:b7:3d:90:be:ff:ff:b9:
95:fd:29:20:98:9f:23:d1:b0:e8:68:24:8b:ac:6e:
e4:f9:02:8c:25:77:68:b6:fd:83:57:4c:e7:ce:13:
4d:83:ab:22:b2:b0:7b:e2:ad:1a:f7:6d:7a:03:ae:
c4:62:28:f9:ce:6f:82:e5:c0:ad:b4:0d:67:6d:9e:
eb:8f:03:fc:98:db:0f:8d:ff:ee:38:45:37:5a:0b:
5a:e6:61:b7:56:a4:74:81:a7:b6:3f:bc:c8:80:17:
fd:80:97:28:c7:65:b1:c6:77:d2:c3:f8:20:ff:14:
53:36:18:3e:98:e8:79:a2:13:6e:1a:d9:d3:a3:e9:
dd:16:9f:34:0e:e0:05:bd:fc:3b:98:54:a7:17:18:
17:fd:61:85:11:89:db:1d:05:97:1a:49:40:93:03:
e9:a6:96:95:2b:d7:97:6b:81:e0:0a:63:2f:32:c4:
c7:6b:b7:c7:6c:68:2c:fe:6f:92:81:16:37:f7:bd:
df:71:52:35:48:17:51:32:e7:4b:32:6b:5f:a4:ef:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8F:BD:4E:12:F1:B4:54:D5:55:13:B4:48:B2:5A:79:64:FF:72:4F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VY-9ThLxtFTVVRO0SLJaeWT_ck8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.246.0/24
109.176.21.0/24
109.176.23.0/24
109.176.206.0/24
213.218.243.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9d:78:0d:04:f2:5a:f2:13:4c:56:65:73:4c:fb:c8:e0:e8:
da:05:a1:75:e8:04:ba:84:29:0f:f7:1c:98:21:a6:12:12:94:
60:77:c2:dc:65:6a:a3:aa:6f:f8:b6:e4:01:17:2a:8e:c0:dd:
c2:5b:54:1a:16:4c:cd:87:d6:66:0f:df:e3:a4:a3:a9:f8:07:
da:24:a5:a4:a4:5d:7b:41:2b:75:e5:86:54:61:95:85:1c:57:
92:4f:dd:9b:a4:35:c4:57:5c:92:e3:a9:81:c6:5d:f9:6c:0f:
06:04:06:2d:c1:c1:66:ff:7a:bb:c5:c0:a3:36:48:b7:8c:10:
d8:28:be:e0:bc:f6:e8:09:d6:4f:cb:4c:c7:0c:43:ee:41:31:
5f:4d:c3:c0:92:dd:0c:35:8c:df:30:ca:7a:72:bf:78:04:8a:
a8:37:ff:dd:4c:fb:64:a0:ad:ba:b4:f7:2f:23:21:71:bc:f0:
6b:51:e4:c3:0c:e8:1a:75:d0:06:14:7c:78:27:75:5b:cc:40:
6c:1a:e2:8f:cb:05:d8:80:c6:e5:00:63:1c:5f:90:96:a8:f8:
f2:c2:f4:a1:a2:64:dd:64:ca:a0:df:31:9e:52:5d:3d:11:95:
4a:2d:69:36:c8:f5:28:b5:17:4a:e6:2d:e6:f5:77:45:89:3c:
0a:94:45:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhQ+9QJ+48iZ2GCUtqIf91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NThmYmQ0ZTEyZjFiNDU0ZDU1NTEzYjQ0OGIyNWE3OTY0ZmY3MjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLeDYDpVXoVRK7ufQdbO+4LGlLWS
eFRHic78c5Jz8KS1VYhuZhaS29w3ufGM/Xs8qdyrZbc9kL7//7mV/SkgmJ8j0bDo
aCSLrG7k+QKMJXdotv2DV0znzhNNg6sisrB74q0a9216A67EYij5zm+C5cCttA1n
bZ7rjwP8mNsPjf/uOEU3Wgta5mG3VqR0gae2P7zIgBf9gJcox2WxxnfSw/gg/xRT
Nhg+mOh5ohNuGtnTo+ndFp80DuAFvfw7mFSnFxgX/WGFEYnbHQWXGklAkwPpppaV
K9eXa4HgCmMvMsTHa7fHbGgs/m+SgRY3973fcVI1SBdRMudLMmtfpO/KNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFWPvU4S8bRU1VUTtEiyWnlk/3JPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVlktOVRoTHh0RlRWVlJPMFNMSmFlV1RfY2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpn2AwQA
bbAVAwQAbbAXAwQAbbDOAwQA1drzMA0GCSqGSIb3DQEBCwUAA4IBAQAHnXgNBPJa
8hNMVmVzTPvI4OjaBaF16AS6hCkP9xyYIaYSEpRgd8LcZWqjqm/4tuQBFyqOwN3C
W1QaFkzNh9ZmD9/jpKOp+AfaJKWkpF17QSt15YZUYZWFHFeST92bpDXEV1yS46mB
xl35bA8GBAYtwcFm/3q7xcCjNki3jBDYKL7gvPboCdZPy0zHDEPuQTFfTcPAkt0M
NYzfMMp6cr94BIqoN//dTPtkoK26tPcvIyFxvPBrUeTDDOgaddAGFHx4J3VbzEBs
GuKPywXYgMblAGMcX5CWqPjywvShomTdZMqg3zGeUl09EZVKLWk2yPUotRdK5i3m
9XdFiTwKlEVe
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:23 2025 by rpki-client