Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/VftZMAe-HTAVpMfwxes2FDGztqs.roa
File: VftZMAe-HTAVpMfwxes2FDGztqs.roa (raw, json)
Hash identifier: KKajIYpdkVhXrGRISoXddoe+7uEBtFz7JC2M/TbIWjs=
Subject key identifier: 55:FB:59:30:07:BE:1D:30:15:A4:C7:F0:C5:EB:36:14:31:B3:B6:AB
Certificate issuer: /CN=689c68a45661f90a4059bd8c29a3c967bf92e855
Certificate serial: 01942827A7893A372B3B2A42EA55FECB2F79
Authority key identifier: 68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/VftZMAe-HTAVpMfwxes2FDGztqs.roa
Signing time: Thu 02 Jan 2025 17:54:34 +0000
ROA not before: Thu 02 Jan 2025 17:54:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211839
IP address blocks: 193.163.71.0/24 maxlen: 24
2a10:89c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 04:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a7:89:3a:37:2b:3b:2a:42:ea:55:fe:cb:2f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=689c68a45661f90a4059bd8c29a3c967bf92e855
Validity
Not Before: Jan 2 17:54:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55fb593007be1d3015a4c7f0c5eb361431b3b6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:27:76:4c:59:33:f1:bd:18:6c:55:2a:ea:
fa:cb:c6:13:9b:d5:b9:37:77:7a:8b:4d:2f:11:48:
b8:a6:ae:d1:45:e2:14:0c:bb:3b:5b:fe:eb:cd:5f:
36:2f:62:e4:27:6b:19:d6:e0:0c:bd:7a:5e:56:4e:
85:2e:e6:eb:4d:a3:03:a7:3d:b8:0f:e4:bd:91:e1:
d8:c7:a9:e7:76:82:57:74:f4:24:8a:ef:ba:06:0c:
12:1d:47:26:f5:aa:17:bb:af:29:f3:4b:27:b8:d9:
20:43:83:7d:ad:44:0b:2a:8d:8d:db:a4:1b:12:1a:
1e:ac:66:8a:ae:42:e0:99:b0:79:94:6d:60:1d:28:
96:37:e6:06:a4:f6:40:94:1b:c1:25:9b:58:00:a3:
f5:bc:12:0c:3d:26:4c:cf:39:e2:dd:97:60:22:7c:
c1:64:81:8f:01:18:c5:71:e3:ed:a6:e2:53:4f:27:
38:b5:02:39:ef:3b:ea:ee:70:ca:3d:d6:16:51:a4:
4c:5b:8e:87:95:8e:c4:73:dc:02:7f:c7:a5:58:bc:
74:63:a1:8a:7a:d2:cf:12:30:5a:18:44:e2:08:d6:
e6:64:46:15:6e:c3:85:52:32:0c:48:9d:76:c6:da:
c2:1d:55:cb:f6:f9:47:5a:e1:54:1f:e4:86:81:16:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FB:59:30:07:BE:1D:30:15:A4:C7:F0:C5:EB:36:14:31:B3:B6:AB
X509v3 Authority Key Identifier:
keyid:68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/VftZMAe-HTAVpMfwxes2FDGztqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.71.0/24
IPv6:
2a10:89c0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:3f:63:e1:d6:92:ba:64:0d:52:d7:b8:46:24:24:e5:60:46:
a0:eb:ec:7c:49:55:2d:58:62:32:25:ae:f4:49:a9:a4:af:07:
77:fd:c3:01:11:ab:91:ee:36:41:ce:e6:2c:42:fe:3f:0a:15:
4e:63:47:9d:4f:75:4f:d0:f9:94:58:3a:d2:98:6f:a1:35:b3:
18:34:cc:39:b0:03:ec:f2:73:a2:08:ec:82:ff:8d:22:b0:07:
e5:7f:60:34:5c:f8:2c:c0:ab:3d:ef:be:77:b7:04:2f:d5:67:
1c:af:52:62:24:64:3f:a6:69:86:d0:72:ce:87:13:a4:d8:7b:
35:5b:4d:05:27:63:88:2a:38:bd:c2:bd:40:61:56:af:f4:29:
bc:0b:aa:d2:d6:84:af:a1:ce:44:f6:5c:a3:8a:7c:32:cf:af:
b5:0c:10:fb:74:2b:2e:fa:9a:26:3d:5c:89:3b:a4:75:c2:07:
5f:c5:33:41:b7:24:e1:0c:1f:30:6a:01:cb:3b:b6:d9:e1:92:
a2:67:7d:03:6f:5c:4b:4a:ce:8e:37:52:d1:fd:94:c5:3f:d3:
e9:a3:c6:17:98:ef:a4:9b:e6:6e:b1:7e:92:48:ef:55:a2:12:
45:7d:3d:18:5f:d1:10:18:ac:68:47:f7:c3:9b:be:03:d1:3d:
29:3e:df:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJ6eJOjcrOypC6lX+yy95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OWM2OGE0NTY2MWY5MGE0MDU5YmQ4YzI5YTNjOTY3YmY5
MmU4NTUwHhcNMjUwMTAyMTc1NDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZiNTkzMDA3YmUxZDMwMTVhNGM3ZjBjNWViMzYxNDMxYjNiNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt0ndkxZM/G9GGxVKur6y8YTm9W5
N3d6i00vEUi4pq7RReIUDLs7W/7rzV82L2LkJ2sZ1uAMvXpeVk6FLubrTaMDpz24
D+S9keHYx6nndoJXdPQkiu+6BgwSHUcm9aoXu68p80snuNkgQ4N9rUQLKo2N26Qb
EhoerGaKrkLgmbB5lG1gHSiWN+YGpPZAlBvBJZtYAKP1vBIMPSZMzzni3ZdgInzB
ZIGPARjFcePtpuJTTyc4tQI57zvq7nDKPdYWUaRMW46HlY7Ec9wCf8elWLx0Y6GK
etLPEjBaGETiCNbmZEYVbsOFUjIMSJ12xtrCHVXL9vlHWuFUH+SGgRboWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFX7WTAHvh0wFaTH8MXrNhQxs7arMB8GA1UdIwQY
MBaAFGicaKRWYfkKQFm9jCmjyWe/kuhVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUt
YjYyMDdmNzU1MjY3LzEvVmZ0Wk1BZS1IVEFWcE1md3hlczJGREd6dHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUtYjYyMDdmNzU1MjY3
LzEvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaNHMA0E
AgACMAcDBQMqEInAMA0GCSqGSIb3DQEBCwUAA4IBAQCoP2Ph1pK6ZA1S17hGJCTl
YEag6+x8SVUtWGIyJa70Samkrwd3/cMBEauR7jZBzuYsQv4/ChVOY0edT3VP0PmU
WDrSmG+hNbMYNMw5sAPs8nOiCOyC/40isAflf2A0XPgswKs97753twQv1Wccr1Ji
JGQ/pmmG0HLOhxOk2Hs1W00FJ2OIKji9wr1AYVav9Cm8C6rS1oSvoc5E9lyjinwy
z6+1DBD7dCsu+pomPVyJO6R1wgdfxTNBtyThDB8wagHLO7bZ4ZKiZ30Db1xLSs6O
N1LR/ZTFP9Ppo8YXmO+km+ZusX6SSO9VohJFfT0YX9EQGKxoR/fDm74D0T0pPt+A
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:01:14 2025 by rpki-client