Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/VdTIZg10bNsf97lJZgApyqs5rnw.roa
File: VdTIZg10bNsf97lJZgApyqs5rnw.roa (raw, json)
Hash identifier: JZmVNExP4W1uSJTEkKjxhG9IYISkRZKnN8IfaygiTvg=
Subject key identifier: 55:D4:C8:66:0D:74:6C:DB:1F:F7:B9:49:66:00:29:CA:AB:39:AE:7C
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 019420684EBFE21225978D74230717F2EB65
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/VdTIZg10bNsf97lJZgApyqs5rnw.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59962
IP address blocks: 151.232.112.0/24 maxlen: 24
151.232.113.0/24 maxlen: 24
151.232.114.0/24 maxlen: 24
151.232.115.0/24 maxlen: 24
151.232.116.0/24 maxlen: 24
151.232.117.0/24 maxlen: 24
151.232.118.0/24 maxlen: 24
151.232.119.0/24 maxlen: 24
151.232.120.0/24 maxlen: 24
151.232.121.0/24 maxlen: 24
151.232.122.0/24 maxlen: 24
151.232.123.0/24 maxlen: 24
151.232.124.0/24 maxlen: 24
151.232.125.0/24 maxlen: 24
151.232.126.0/24 maxlen: 24
151.232.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4e:bf:e2:12:25:97:8d:74:23:07:17:f2:eb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55d4c8660d746cdb1ff7b949660029caab39ae7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4d:b2:c9:36:83:e5:5e:77:29:6c:db:a7:cf:
36:5a:7f:a3:ba:6c:02:27:02:8f:c2:88:ae:46:f9:
c0:0d:c3:48:15:f5:3d:95:25:27:2a:32:72:3c:2d:
aa:45:81:c7:4a:81:94:a2:82:7c:f8:10:ed:e8:90:
7b:d1:ea:2d:1b:5e:30:d5:46:6e:5d:27:07:ed:93:
77:36:b7:e9:9c:7e:e3:54:4d:57:8c:b6:c5:3d:5e:
84:fe:eb:cb:d6:34:62:40:d3:3f:de:a1:02:44:0f:
80:d2:74:a9:80:01:b0:f6:97:14:5a:b5:07:5d:7a:
a3:17:f9:72:b4:36:43:c1:66:48:93:fe:21:6e:04:
a1:77:c1:02:f7:5e:31:5b:c2:3d:63:98:51:37:52:
b0:cd:43:9f:20:10:96:76:70:9f:b1:6b:c6:75:6f:
58:cb:26:54:cb:a1:93:70:8e:d1:33:cc:4d:0f:54:
bd:6a:a1:64:c8:aa:bd:a3:fb:9e:16:e2:a7:c9:d5:
35:f0:16:3d:2f:e7:65:06:26:86:e9:5e:9f:dc:56:
ed:89:03:cf:84:ea:d1:31:91:40:bc:11:a0:b1:b9:
25:1f:91:42:c0:5d:53:ac:ec:c3:b0:79:47:68:da:
ca:cc:80:ea:74:8f:01:23:cc:63:e4:e4:06:c6:e8:
2e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D4:C8:66:0D:74:6C:DB:1F:F7:B9:49:66:00:29:CA:AB:39:AE:7C
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/VdTIZg10bNsf97lJZgApyqs5rnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.232.112.0/20
Signature Algorithm: sha256WithRSAEncryption
49:b9:cd:97:f4:79:97:b2:fd:62:7d:2b:24:4b:12:18:d0:ba:
f2:9e:b9:59:b1:e2:c7:74:21:65:9f:30:72:73:0d:fa:f5:18:
fd:92:bc:6a:ab:22:54:7b:61:74:a9:31:f8:72:98:11:c4:69:
d3:5f:a2:ed:75:db:12:e1:2f:e9:0f:77:a1:b6:96:e1:a9:4f:
56:ce:4f:e3:f7:85:4a:b7:77:12:30:b6:99:cc:56:2a:5c:4b:
5c:80:44:77:a9:02:2a:61:f0:2d:fb:b2:99:5a:00:75:72:15:
9c:1d:71:b3:45:55:0c:23:25:c6:d9:aa:15:1b:9e:69:a7:2b:
ec:8f:43:f1:7d:ea:32:02:0c:d1:a9:4f:77:36:ad:2c:96:0a:
a0:28:e7:9a:3a:4f:64:d9:b7:88:e0:36:d7:7b:f6:af:41:ac:
61:91:09:57:ba:84:22:3c:ce:b5:87:a0:92:e6:6f:da:95:f7:
37:d8:a2:89:61:6f:4c:11:65:e9:b2:83:46:a3:bc:82:e7:82:
4e:34:5f:db:f6:c8:90:21:3b:0d:48:12:04:15:b1:6c:c6:ee:
6f:a2:ba:30:f2:34:c5:92:20:24:4a:f0:9d:4c:bc:39:49:ba:
4c:6d:24:2b:bd:0e:da:8a:15:ed:ba:4b:6e:e3:d3:c3:33:a0:
3e:ab:31:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaE6/4hIll410IwcX8utlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ0Yzg2NjBkNzQ2Y2RiMWZmN2I5NDk2NjAwMjljYWFiMzlhZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE2yyTaD5V53KWzbp882Wn+jumwC
JwKPwoiuRvnADcNIFfU9lSUnKjJyPC2qRYHHSoGUooJ8+BDt6JB70eotG14w1UZu
XScH7ZN3NrfpnH7jVE1XjLbFPV6E/uvL1jRiQNM/3qECRA+A0nSpgAGw9pcUWrUH
XXqjF/lytDZDwWZIk/4hbgShd8EC914xW8I9Y5hRN1KwzUOfIBCWdnCfsWvGdW9Y
yyZUy6GTcI7RM8xND1S9aqFkyKq9o/ueFuKnydU18BY9L+dlBiaG6V6f3FbtiQPP
hOrRMZFAvBGgsbklH5FCwF1TrOzDsHlHaNrKzIDqdI8BI8xj5OQGxuguoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXUyGYNdGzbH/e5SWYAKcqrOa58MB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvVmRUSVpnMTBiTnNmOTdsSlpnQXB5cXM1cm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEl+hwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJuc2X9HmXsv1ifSskSxIY0LrynrlZseLHdCFlnzBy
cw369Rj9krxqqyJUe2F0qTH4cpgRxGnTX6LtddsS4S/pD3ehtpbhqU9Wzk/j94VK
t3cSMLaZzFYqXEtcgER3qQIqYfAt+7KZWgB1chWcHXGzRVUMIyXG2aoVG55ppyvs
j0PxfeoyAgzRqU93Nq0slgqgKOeaOk9k2beI4DbXe/avQaxhkQlXuoQiPM61h6CS
5m/alfc32KKJYW9MEWXpsoNGo7yC54JONF/b9siQITsNSBIEFbFsxu5vorow8jTF
kiAkSvCdTLw5SbpMbSQrvQ7aihXtuktu49PDM6A+qzEo
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:36:59 2025 by rpki-client