Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/VamyIGwTeApv3br21vu8DRl3PlY.roa
File: VamyIGwTeApv3br21vu8DRl3PlY.roa (raw, json)
Hash identifier: K9RmbYzkfK+s/ge5R78t4ap7tap6ruoWiSMqd2gyOlY=
Subject key identifier: 55:A9:B2:20:6C:13:78:0A:6F:DD:BA:F6:D6:FB:BC:0D:19:77:3E:56
Certificate issuer: /CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Certificate serial: 01942444A7A9AF8167624C98348856BADB90
Authority key identifier: 43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/VamyIGwTeApv3br21vu8DRl3PlY.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39498
IP address blocks: 146.19.127.0/24 maxlen: 24
185.122.244.0/23 maxlen: 23
185.122.244.0/24 maxlen: 24
185.122.245.0/24 maxlen: 24
185.122.246.0/23 maxlen: 23
185.122.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a7:a9:af:81:67:62:4c:98:34:88:56:ba:db:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55a9b2206c13780a6fddbaf6d6fbbc0d19773e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:7e:af:ad:38:fe:86:83:ce:fa:e2:5e:64:
46:01:5e:b6:f8:67:d7:70:f9:f3:17:44:b0:87:c2:
cc:1d:23:f0:6b:3b:75:79:a9:b2:5a:0c:ee:37:57:
54:a1:aa:0e:a3:98:8c:43:15:64:a5:9d:ee:c0:62:
22:82:4b:d2:12:1f:7d:16:06:43:1f:24:ab:3d:2a:
2c:3a:23:5f:a1:e0:b8:d7:b5:79:16:ac:5a:c6:bf:
f2:de:90:78:21:0b:8f:f7:05:29:16:76:ef:18:f4:
c5:df:e7:ce:e9:7b:0d:42:69:19:f1:dd:25:9f:ac:
a5:b4:40:0d:da:8b:b5:24:ec:55:e0:07:d4:f3:fe:
51:a5:08:75:4d:f1:44:86:ff:e0:5b:e9:3f:1b:8c:
7c:3f:39:b6:3a:8f:31:64:fe:9b:bb:73:e4:2b:bc:
93:1d:ea:69:62:50:01:60:ef:7c:36:17:2a:0f:85:
bc:1e:b8:a3:72:3d:e5:4c:c3:5e:0c:88:59:49:97:
93:04:e9:62:3e:ad:3c:78:e7:a3:5c:e4:d1:d6:6a:
4d:11:91:aa:59:31:e6:9a:ea:06:73:0c:ab:ab:20:
e5:a5:5e:32:9c:0a:d3:66:50:9d:16:ce:96:f6:9e:
b1:7e:e1:b2:3e:5a:94:85:b9:89:47:1e:8e:2f:9a:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A9:B2:20:6C:13:78:0A:6F:DD:BA:F6:D6:FB:BC:0D:19:77:3E:56
X509v3 Authority Key Identifier:
keyid:43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/VamyIGwTeApv3br21vu8DRl3PlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.127.0/24
185.122.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:99:66:2f:ef:34:5a:4d:42:83:b1:3f:03:38:9b:7b:6d:6f:
e5:7e:2e:e3:cc:6a:c6:a1:fc:0f:42:3e:b2:9a:26:0a:22:f4:
6e:54:29:08:60:ae:57:6b:ac:67:89:03:d3:3f:af:b4:85:de:
eb:63:5f:2c:53:2f:47:9f:ca:60:a1:5e:40:d7:82:20:ee:6f:
46:20:a9:fa:00:e4:eb:85:f1:ec:e8:2b:52:be:e0:2c:14:16:
43:57:b5:08:30:c8:15:aa:3d:c3:86:0c:48:00:9c:1f:a8:e4:
76:2a:c5:fd:a4:9b:47:2a:67:3b:02:55:a4:24:3b:e6:ad:a9:
fa:d4:9c:e7:e2:b6:70:bf:32:71:e1:ab:70:48:4a:d4:69:12:
72:22:46:06:4a:8e:4b:cf:2c:c0:e7:f4:a7:be:c5:0d:f5:cf:
b5:b3:c5:f8:ed:a3:76:72:a1:d6:81:f2:a7:c4:5b:3e:fe:03:
92:1e:57:d7:46:45:47:7f:92:18:f4:36:b4:ea:90:f3:8f:e9:
ec:a3:df:2a:b7:03:d3:c6:c4:46:5a:8b:a9:ee:61:c0:43:2a:
2f:53:dd:d8:19:13:29:80:0c:d0:d0:40:9b:cc:39:ae:08:c1:
2a:cd:e6:bb:f2:74:a1:06:e7:f7:d4:10:a3:68:8d:6d:e6:11:
07:8f:bb:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRKepr4FnYkyYNIhWutuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVmZTE2ZWM2YzAwZmQ0NWI1ZDkxOGQ5YjE3MmFjZDBh
NThkOTYwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE5YjIyMDZjMTM3ODBhNmZkZGJhZjZkNmZiYmMwZDE5NzczZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9t+r604/oaDzvriXmRGAV62+GfX
cPnzF0Swh8LMHSPwazt1eamyWgzuN1dUoaoOo5iMQxVkpZ3uwGIigkvSEh99FgZD
HySrPSosOiNfoeC417V5Fqxaxr/y3pB4IQuP9wUpFnbvGPTF3+fO6XsNQmkZ8d0l
n6yltEAN2ou1JOxV4AfU8/5RpQh1TfFEhv/gW+k/G4x8Pzm2Oo8xZP6bu3PkK7yT
HeppYlABYO98NhcqD4W8Hrijcj3lTMNeDIhZSZeTBOliPq08eOejXOTR1mpNEZGq
WTHmmuoGcwyrqyDlpV4ynArTZlCdFs6W9p6xfuGyPlqUhbmJRx6OL5oW6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFWpsiBsE3gKb9269tb7vA0Zdz5WMB8GA1UdIwQY
MBaAFEMu/hbsbAD9RbXZGNmxcqzQpY2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWIt
ZjM4OWE1MjY5ZmIyLzEvVmFteUlHd1RlQXB2M2JyMjF2dThEUmwzUGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWItZjM4OWE1MjY5ZmIy
LzEvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhN/AwQC
uXr0MA0GCSqGSIb3DQEBCwUAA4IBAQAemWYv7zRaTUKDsT8DOJt7bW/lfi7jzGrG
ofwPQj6ymiYKIvRuVCkIYK5Xa6xniQPTP6+0hd7rY18sUy9Hn8pgoV5A14Ig7m9G
IKn6AOTrhfHs6CtSvuAsFBZDV7UIMMgVqj3DhgxIAJwfqOR2KsX9pJtHKmc7AlWk
JDvmran61Jzn4rZwvzJx4atwSErUaRJyIkYGSo5LzyzA5/SnvsUN9c+1s8X47aN2
cqHWgfKnxFs+/gOSHlfXRkVHf5IY9Da06pDzj+nso98qtwPTxsRGWoup7mHAQyov
U93YGRMpgAzQ0ECbzDmuCMEqzea78nShBuf31BCjaI1t5hEHj7sM
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:56 2025 by rpki-client