Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/VcpLmnndha8Y-vfgXC2dpkPqHYo.roa
File: VcpLmnndha8Y-vfgXC2dpkPqHYo.roa (raw, json)
Hash identifier: LeB85j8HcdjYpxaE0+430+0+/Pe7eOGrdSERq3WAn0k=
Subject key identifier: 55:CA:4B:9A:79:DD:85:AF:18:FA:F7:E0:5C:2D:9D:A6:43:EA:1D:8A
Certificate issuer: /CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Certificate serial: 0194228E124E09D6EAA5F81D1C67F9C2F0C2
Authority key identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/VcpLmnndha8Y-vfgXC2dpkPqHYo.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 80.67.96.0/20 maxlen: 24
92.54.0.0/18 maxlen: 18
185.10.168.0/22 maxlen: 22
2a02:a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.mft
rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:12:4e:09:d6:ea:a5:f8:1d:1c:67:f9:c2:f0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55ca4b9a79dd85af18faf7e05c2d9da643ea1d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:45:2d:98:9a:9e:37:40:84:d0:b5:fd:55:
cf:6b:a0:76:81:a7:de:28:4f:72:89:3d:64:9c:42:
fb:1b:54:ad:ab:bf:69:ef:55:80:99:ce:75:84:29:
df:b9:5c:2c:7a:a2:67:7d:5e:e3:00:d8:5e:93:b4:
21:33:b4:73:87:2d:fb:2c:f8:80:e5:8b:c2:00:62:
58:ae:25:a8:13:6c:e8:26:b4:46:b6:a2:59:cf:0a:
a5:67:6d:45:28:c9:e4:6b:04:bb:5d:4e:2e:8e:ac:
b2:9b:81:0b:99:4f:7e:08:ad:b8:a4:62:f2:7e:63:
f5:c2:87:bb:bd:41:64:e5:1a:30:9e:8c:5a:8c:83:
25:4c:e3:bc:a2:57:4e:61:be:10:0b:ec:5d:4a:b2:
f9:64:e0:45:ac:32:49:8b:2b:cc:43:2d:9a:2d:95:
21:b6:a2:63:9c:21:41:23:28:98:c3:44:20:fb:83:
20:18:b8:e6:55:9f:b4:10:e4:8f:da:80:66:d1:6b:
3f:7f:7a:b8:8b:b6:17:30:93:f8:2e:fa:9e:98:24:
66:33:11:a0:b4:9b:6a:81:08:2b:b8:79:e3:1c:e7:
73:ab:82:3a:81:7b:ec:d3:99:09:bf:ef:8e:5e:fb:
55:f0:40:57:28:55:d0:cd:4b:9c:aa:75:a1:65:fc:
91:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CA:4B:9A:79:DD:85:AF:18:FA:F7:E0:5C:2D:9D:A6:43:EA:1D:8A
X509v3 Authority Key Identifier:
keyid:5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/VcpLmnndha8Y-vfgXC2dpkPqHYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.96.0/20
92.54.0.0/18
185.10.168.0/22
IPv6:
2a02:a0::/32
Signature Algorithm: sha256WithRSAEncryption
72:cb:00:34:eb:6b:13:06:2f:d8:4f:a3:fe:47:12:23:03:eb:
78:b3:5e:ef:d4:fd:d2:14:a1:bc:84:1b:ec:47:ce:41:35:c2:
cd:de:8b:96:4f:ed:a7:26:f9:52:e1:04:8f:d7:fa:34:7e:a6:
fe:d6:cb:61:72:96:ad:13:da:37:ad:cf:b2:aa:42:bf:e9:31:
c8:6b:90:db:b6:57:2c:63:ca:8e:ac:eb:43:29:62:32:cd:ee:
e5:55:98:60:20:6e:82:d1:43:e0:7e:39:97:90:ee:31:52:ec:
83:3e:11:63:1a:c0:cb:62:68:2c:1c:50:be:5a:d3:2b:97:80:
4f:ca:74:83:96:3b:58:d6:58:cc:77:9a:93:7f:88:ae:3c:b5:
71:7a:4f:0e:74:63:46:98:16:1e:71:6b:ee:44:da:9d:19:fc:
b6:3d:99:39:27:8f:5a:0d:c1:04:98:2b:aa:31:be:67:71:4e:
91:e2:56:8d:0a:39:c2:73:29:e6:14:78:94:e1:f5:d5:d1:c0:
7d:3c:4a:de:7d:f9:ec:16:02:e4:53:71:d3:0b:b1:0a:91:f3:
3b:52:8c:ba:58:98:3d:a5:5c:4e:43:39:c4:3c:bb:ec:e2:27:
86:dc:53:f7:9a:7e:ac:ee:ba:d3:85:5c:a1:35:8b:28:22:0e:
13:1f:53:9d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijhJOCdbqpfgdHGf5wvDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTA1M2RmZTc3MTJlZTYzZGJmZjY0MGZhZTA3MzA4ZDY2
Y2U3NDgwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWNhNGI5YTc5ZGQ4NWFmMThmYWY3ZTA1YzJkOWRhNjQzZWExZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY5FLZianjdAhNC1/VXPa6B2gafe
KE9yiT1knEL7G1Stq79p71WAmc51hCnfuVwseqJnfV7jANhek7QhM7Rzhy37LPiA
5YvCAGJYriWoE2zoJrRGtqJZzwqlZ21FKMnkawS7XU4ujqyym4ELmU9+CK24pGLy
fmP1woe7vUFk5RownoxajIMlTOO8oldOYb4QC+xdSrL5ZOBFrDJJiyvMQy2aLZUh
tqJjnCFBIyiYw0Qg+4MgGLjmVZ+0EOSP2oBm0Ws/f3q4i7YXMJP4LvqemCRmMxGg
tJtqgQgruHnjHOdzq4I6gXvs05kJv++OXvtV8EBXKFXQzUucqnWhZfyRGwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFXKS5p53YWvGPr34FwtnaZD6h2KMB8GA1UdIwQY
MBaAFFygU9/ncS7mPb/2QPrgcwjWbOdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmIt
ODBjM2VhNGZkMDAwLzEvVmNwTG1ubmRoYThZLXZmZ1hDMmRwa1BxSFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmItODBjM2VhNGZkMDAw
LzEvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUENgAwQG
XDYAAwQCuQqoMA0EAgACMAcDBQAqAgCgMA0GCSqGSIb3DQEBCwUAA4IBAQByywA0
62sTBi/YT6P+RxIjA+t4s17v1P3SFKG8hBvsR85BNcLN3ouWT+2nJvlS4QSP1/o0
fqb+1sthcpatE9o3rc+yqkK/6THIa5DbtlcsY8qOrOtDKWIyze7lVZhgIG6C0UPg
fjmXkO4xUuyDPhFjGsDLYmgsHFC+WtMrl4BPynSDljtY1ljMd5qTf4iuPLVxek8O
dGNGmBYecWvuRNqdGfy2PZk5J49aDcEEmCuqMb5ncU6R4laNCjnCcynmFHiU4fXV
0cB9PEreffnsFgLkU3HTC7EKkfM7Uoy6WJg9pVxOQznEPLvs4ieG3FP3mn6s7rrT
hVyhNYsoIg4TH1Od
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:50:38 2025 by rpki-client