Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/vKmVyZKo1mVbWaxUYsU2k0zxDdU.roa
File: vKmVyZKo1mVbWaxUYsU2k0zxDdU.roa (raw, json)
Hash identifier: gYV9eOLfrWkPtH6rFSHehM6qyeO4Oplr2KmQKju1kVs=
Subject key identifier: BC:A9:95:C9:92:A8:D6:65:5B:59:AC:54:62:C5:36:93:4C:F1:0D:D5
Certificate issuer: /CN=cb1d15194278a29aad57ca375f99588b976ef829
Certificate serial: 01941FFA2FA92126D4B3588DF47279C1CD7C
Authority key identifier: CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/vKmVyZKo1mVbWaxUYsU2k0zxDdU.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1930
IP address blocks: 192.68.209.0/24 maxlen: 24
192.82.127.0/24 maxlen: 24
192.86.138.0/24 maxlen: 24
192.88.17.0/24 maxlen: 24
192.88.250.0/24 maxlen: 24
192.88.251.0/24 maxlen: 24
192.88.252.0/24 maxlen: 24
192.88.253.0/24 maxlen: 24
192.88.254.0/24 maxlen: 24
192.92.142.0/24 maxlen: 24
192.135.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2f:a9:21:26:d4:b3:58:8d:f4:72:79:c1:cd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1d15194278a29aad57ca375f99588b976ef829
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca995c992a8d6655b59ac5462c536934cf10dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:71:b4:64:e3:95:b8:0d:66:64:5f:ef:5d:a3:
72:1d:ee:b9:48:04:d3:b5:21:2d:2a:9f:af:d4:01:
41:b0:14:c9:ae:14:c3:15:c2:f7:4f:08:1b:99:4b:
24:65:d5:f1:ed:61:45:60:e8:39:76:7d:06:c5:79:
3f:e1:7b:1a:46:30:c2:ea:fe:53:c2:32:1e:95:c3:
09:7e:94:2f:4d:77:35:27:f6:e6:f1:69:97:2d:58:
ca:24:a9:07:22:66:f7:0d:9c:02:84:fb:60:41:a2:
3a:47:25:5e:64:48:cf:10:f1:a4:39:64:de:ca:d7:
d5:d9:e6:1c:65:6b:6f:d4:56:e3:24:d3:e0:36:e3:
41:95:07:bb:aa:d7:8d:cd:6f:73:25:ed:73:bf:28:
e9:70:98:92:2f:d2:0f:59:c6:b7:8f:44:78:b5:e6:
07:32:55:f4:f3:35:7e:9b:26:30:11:73:c7:f6:a2:
b2:fc:45:a0:2c:f1:81:3e:51:29:90:70:16:18:a9:
82:98:a0:8e:6d:06:7d:b5:46:e2:24:c2:ad:48:b1:
5b:07:2f:14:e4:3b:51:90:f7:3d:10:d4:95:6d:b8:
3b:e5:d5:39:2b:67:ee:85:05:b9:49:87:d7:cc:80:
eb:8c:8f:f7:c0:0d:3f:be:95:05:a5:3a:7b:27:89:
f7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A9:95:C9:92:A8:D6:65:5B:59:AC:54:62:C5:36:93:4C:F1:0D:D5
X509v3 Authority Key Identifier:
keyid:CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/vKmVyZKo1mVbWaxUYsU2k0zxDdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.209.0/24
192.82.127.0/24
192.86.138.0/24
192.88.17.0/24
192.88.250.0-192.88.254.255
192.92.142.0/24
192.135.187.0/24
Signature Algorithm: sha256WithRSAEncryption
01:46:e2:70:54:ff:f2:c2:7a:63:7e:57:e4:68:16:0b:b5:91:
9f:20:34:e8:82:8f:3c:33:2c:01:5b:ec:8a:c9:5c:d6:32:26:
88:aa:6a:0a:85:43:fd:79:f3:52:e6:6b:c4:20:2b:02:b6:2d:
f6:a0:ee:37:05:92:64:4c:7c:82:6c:0d:33:88:44:2b:3e:e8:
81:d3:7c:f0:f1:9e:60:2b:7b:68:d6:08:7a:d8:d9:a2:80:5d:
b6:1e:ce:83:f7:8b:73:3d:72:eb:b0:32:c2:45:00:31:ef:8d:
9f:f7:e3:1d:11:63:4a:af:4e:79:bc:42:32:8e:4c:31:4f:15:
f0:4f:f2:3a:36:25:fc:a2:6d:24:30:7d:a9:70:f5:6d:31:39:
e8:de:59:9f:09:3b:00:42:91:3f:4b:dd:37:40:89:b3:85:9c:
9d:ff:f6:e4:78:de:c1:7e:be:2b:0c:d8:4e:c6:89:26:ba:77:
16:9c:82:af:67:ff:2e:21:f0:4a:92:ce:e6:4d:a8:6b:d3:3a:
62:bc:99:46:7a:51:33:18:66:72:cb:28:8d:9c:09:aa:95:57:
00:82:eb:fd:45:91:4f:08:c6:3c:f4:b9:67:46:30:0c:46:a2:
00:c2:4f:b6:b9:13:fb:f6:72:23:ab:87:c8:cf:f4:79:0f:42:
e4:05:98:49
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQf+i+pISbUs1iN9HJ5wc18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWQxNTE5NDI3OGEyOWFhZDU3Y2EzNzVmOTk1ODhiOTc2
ZWY4MjkwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E5OTVjOTkyYThkNjY1NWI1OWFjNTQ2MmM1MzY5MzRjZjEwZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHG0ZOOVuA1mZF/vXaNyHe65SATT
tSEtKp+v1AFBsBTJrhTDFcL3TwgbmUskZdXx7WFFYOg5dn0GxXk/4XsaRjDC6v5T
wjIelcMJfpQvTXc1J/bm8WmXLVjKJKkHImb3DZwChPtgQaI6RyVeZEjPEPGkOWTe
ytfV2eYcZWtv1FbjJNPgNuNBlQe7qteNzW9zJe1zvyjpcJiSL9IPWca3j0R4teYH
MlX08zV+myYwEXPH9qKy/EWgLPGBPlEpkHAWGKmCmKCObQZ9tUbiJMKtSLFbBy8U
5DtRkPc9ENSVbbg75dU5K2fuhQW5SYfXzIDrjI/3wA0/vpUFpTp7J4n3WQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLyplcmSqNZlW1msVGLFNpNM8Q3VMB8GA1UdIwQY
MBaAFMsdFRlCeKKarVfKN1+ZWIuXbvgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEt
MWZiMzg0MzVhZjc3LzEvdkttVnlaS28xbVZiV2F4VVlzVTJrMHp4RGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEtMWZiMzg0MzVhZjc3
LzEveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwETRAwQA
wFJ/AwQAwFaKAwQAwFgRMAwDBAHAWPoDBADAWP4DBADAXI4DBADAh7swDQYJKoZI
hvcNAQELBQADggEBAAFG4nBU//LCemN+V+RoFgu1kZ8gNOiCjzwzLAFb7IrJXNYy
JoiqagqFQ/1581Lma8QgKwK2Lfag7jcFkmRMfIJsDTOIRCs+6IHTfPDxnmAre2jW
CHrY2aKAXbYezoP3i3M9cuuwMsJFADHvjZ/34x0RY0qvTnm8QjKOTDFPFfBP8jo2
JfyibSQwfalw9W0xOejeWZ8JOwBCkT9L3TdAibOFnJ3/9uR43sF+visM2E7GiSa6
dxacgq9n/y4h8EqSzuZNqGvTOmK8mUZ6UTMYZnLLKI2cCaqVVwCC6/1FkU8Ixjz0
uWdGMAxGogDCT7a5E/v2ciOrh8jP9HkPQuQFmEk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:29:28 2025 by rpki-client