Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/VeXx5ss28RdiFQabOo44sW0D-uE.roa
File: VeXx5ss28RdiFQabOo44sW0D-uE.roa (raw, json)
Hash identifier: j6Jz+YU5cYvOQEdn0V6yO0OwGez7zeI8FG5nxA95NRI=
Subject key identifier: 55:E5:F1:E6:CB:36:F1:17:62:15:06:9B:3A:8E:38:B1:6D:03:FA:E1
Certificate issuer: /CN=7bcb127c7cd778607296b88386e894ae1de385bf
Certificate serial: 01942368CADB4B393EFD11A50810F61A90A4
Authority key identifier: 7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/VeXx5ss28RdiFQabOo44sW0D-uE.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198430
IP address blocks: 46.174.168.0/21 maxlen: 24
46.174.169.0/24 maxlen: 24
91.234.252.0/23 maxlen: 24
91.237.172.0/23 maxlen: 24
91.239.28.0/22 maxlen: 24
91.246.168.0/22 maxlen: 24
193.150.50.0/23 maxlen: 24
194.28.228.0/22 maxlen: 24
2001:678:d40::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ca:db:4b:39:3e:fd:11:a5:08:10:f6:1a:90:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bcb127c7cd778607296b88386e894ae1de385bf
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55e5f1e6cb36f1176215069b3a8e38b16d03fae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:1c:fb:5c:db:d2:19:f4:97:6d:8a:73:9f:
98:db:4f:09:84:7e:b1:57:4d:fd:b0:c1:d6:81:80:
36:d6:2f:69:3c:d8:e3:63:37:d1:2f:fb:d9:0a:36:
69:2b:3d:38:40:0e:61:25:5e:43:28:9b:d4:b8:37:
0a:e6:c4:96:16:f9:69:be:6c:fc:31:66:0a:27:45:
ac:c5:e7:ab:0d:2e:7e:44:51:70:64:e4:05:15:fa:
b3:bb:c2:ad:cd:d9:bb:b4:3c:6f:ac:8d:2e:ad:2f:
75:4d:a1:fd:6a:ea:fb:90:8c:b4:fe:f0:59:7e:d9:
52:f8:19:59:02:2a:ac:4d:83:21:8e:49:53:65:c8:
16:5c:62:c5:8b:6e:25:be:e7:ee:d4:97:6d:7a:15:
71:7f:75:15:1c:16:1e:dd:14:d8:8d:4f:70:a9:b5:
fc:bd:74:00:45:f1:92:5d:94:aa:99:76:a9:51:d2:
91:15:6e:03:ce:1a:ec:08:67:71:87:f2:a8:17:7c:
25:b9:ef:f6:85:9b:a7:6a:74:8d:10:11:fd:e2:b2:
61:ff:44:4d:c8:6b:b8:36:de:e9:f8:33:d2:b9:6b:
84:2a:95:8c:b1:07:63:f9:70:9c:a6:71:89:af:a7:
e6:4a:a2:74:64:a2:e6:97:0d:b9:f0:05:f0:df:35:
b7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E5:F1:E6:CB:36:F1:17:62:15:06:9B:3A:8E:38:B1:6D:03:FA:E1
X509v3 Authority Key Identifier:
keyid:7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/VeXx5ss28RdiFQabOo44sW0D-uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.168.0/21
91.234.252.0/23
91.237.172.0/23
91.239.28.0/22
91.246.168.0/22
193.150.50.0/23
194.28.228.0/22
IPv6:
2001:678:d40::/48
Signature Algorithm: sha256WithRSAEncryption
2c:0b:4e:d4:b4:77:15:5f:f9:be:95:3e:3f:fb:d4:a7:3a:bf:
eb:a0:0d:2f:1e:26:72:de:31:7d:7f:c5:88:cb:d9:ad:fc:c7:
93:8f:5b:d6:08:7b:c1:0c:20:e2:15:65:8c:82:7c:69:63:6a:
13:7a:51:47:b8:4b:34:04:80:59:88:b9:98:cd:95:52:ee:71:
7d:ad:59:dd:47:22:8c:9d:eb:f8:33:9c:3c:e5:36:31:e0:94:
cb:8f:19:54:a5:2d:8d:99:97:52:c5:fe:6b:ee:d3:4b:2c:16:
06:a3:6d:06:64:a1:d2:b5:1e:e3:5d:dc:41:9d:db:8c:95:75:
22:4b:d7:2b:90:d7:07:4a:f3:19:9e:9f:47:78:ff:01:ce:4e:
bc:ce:cd:5f:d9:47:1d:3c:01:60:ac:34:df:3f:1e:af:3c:2d:
ed:90:f2:89:ab:98:5e:96:16:df:22:99:b3:aa:5e:49:69:e1:
fd:48:cf:f3:0b:4d:bd:81:81:80:b5:44:2d:73:29:96:b4:66:
e1:be:69:4b:c3:f5:b3:db:a9:f7:1f:68:41:45:11:b5:29:ed:
7c:d2:41:d0:f2:e0:e4:14:6e:59:18:c4:55:17:34:17:3d:41:
14:63:2f:65:13:a6:75:d5:a1:50:de:e3:97:cd:dc:d3:fd:fa:
a9:6d:9f:6a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQjaMrbSzk+/RGlCBD2GpCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiY2IxMjdjN2NkNzc4NjA3Mjk2Yjg4Mzg2ZTg5NGFlMWRl
Mzg1YmYwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU1ZjFlNmNiMzZmMTE3NjIxNTA2OWIzYThlMzhiMTZkMDNmYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4Ec+1zb0hn0l22Kc5+Y208JhH6x
V039sMHWgYA21i9pPNjjYzfRL/vZCjZpKz04QA5hJV5DKJvUuDcK5sSWFvlpvmz8
MWYKJ0WsxeerDS5+RFFwZOQFFfqzu8Ktzdm7tDxvrI0urS91TaH9aur7kIy0/vBZ
ftlS+BlZAiqsTYMhjklTZcgWXGLFi24lvufu1JdtehVxf3UVHBYe3RTYjU9wqbX8
vXQARfGSXZSqmXapUdKRFW4DzhrsCGdxh/KoF3wlue/2hZunanSNEBH94rJh/0RN
yGu4Nt7p+DPSuWuEKpWMsQdj+XCcpnGJr6fmSqJ0ZKLmlw258AXw3zW34QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFXl8ebLNvEXYhUGmzqOOLFtA/rhMB8GA1UdIwQY
MBaAFHvLEnx813hgcpa4g4bolK4d44W/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWIt
MmUyMGE3OWY3MTQ1LzEvVmVYeDVzczI4UmRpRlFhYk9vNDRzVzBELXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWItMmUyMGE3OWY3MTQ1
LzEvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDLq6oAwQB
W+r8AwQBW+2sAwQCW+8cAwQCW/aoAwQBwZYyAwQCwhzkMA8EAgACMAkDBwAgAQZ4
DUAwDQYJKoZIhvcNAQELBQADggEBACwLTtS0dxVf+b6VPj/71Kc6v+ugDS8eJnLe
MX1/xYjL2a38x5OPW9YIe8EMIOIVZYyCfGljahN6UUe4SzQEgFmIuZjNlVLucX2t
Wd1HIoyd6/gznDzlNjHglMuPGVSlLY2Zl1LF/mvu00ssFgajbQZkodK1HuNd3EGd
24yVdSJL1yuQ1wdK8xmen0d4/wHOTrzOzV/ZRx08AWCsNN8/Hq88Le2Q8omrmF6W
Ft8imbOqXklp4f1Iz/MLTb2BgYC1RC1zKZa0ZuG+aUvD9bPbqfcfaEFFEbUp7XzS
QdDy4OQUblkYxFUXNBc9QRRjL2UTpnXVoVDe45fN3NP9+qltn2o=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:25 2025 by rpki-client