Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/vCDztrlrNrPt9fo6YouxSjnnFVQ.roa
File: vCDztrlrNrPt9fo6YouxSjnnFVQ.roa (raw, json)
Hash identifier: C9gjTPImSV8XGrjP1z+30zoQvLbM1GI48tOhez4Na0Q=
Subject key identifier: BC:20:F3:B6:B9:6B:36:B3:ED:F5:FA:3A:62:8B:B1:4A:39:E7:15:54
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC53DECC05D516748D2C603633029
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/vCDztrlrNrPt9fo6YouxSjnnFVQ.roa
Signing time: Thu 02 Jan 2025 09:49:44 +0000
ROA not before: Thu 02 Jan 2025 09:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15910
IP address blocks: 212.183.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c5:3d:ec:c0:5d:51:67:48:d2:c6:03:63:30:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc20f3b6b96b36b3edf5fa3a628bb14a39e71554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:67:65:66:02:3b:21:2e:be:04:6b:b5:c4:19:
cb:88:f5:6e:fe:e6:f7:5c:8d:3e:42:10:43:46:7c:
f9:ac:57:fa:cd:7e:b4:bf:e2:8d:1f:c8:fd:86:e5:
db:8c:b3:ca:b1:1c:41:8d:e6:37:85:6f:d0:95:ea:
ff:14:69:39:55:71:4d:f7:ac:ca:db:22:9a:71:37:
b9:dd:06:f9:e3:3c:23:95:0d:1d:93:10:6e:60:c8:
48:94:8f:9d:bc:dc:d1:a0:b8:29:8f:2c:73:b7:54:
2e:f2:a8:35:73:93:91:47:cd:0a:1a:4c:3e:f6:26:
71:79:91:f1:56:b5:22:f6:fd:74:43:e5:a1:85:e8:
bd:64:4f:a8:cc:14:28:00:53:ac:e8:15:b6:a7:ce:
1b:9b:20:70:0a:91:46:05:2b:a5:46:bb:99:11:13:
25:22:19:54:95:83:5e:ab:63:3a:b6:73:d5:99:97:
f2:1f:c6:1f:ba:a1:2c:47:f8:88:90:89:f3:5d:3f:
97:0b:10:16:ad:47:8b:05:ff:0c:89:65:2b:50:d5:
99:7f:7c:f6:f6:0b:34:57:9c:6a:c6:c5:27:49:a3:
00:b8:3d:7d:45:ea:3b:9c:d1:ce:36:00:e0:d9:35:
e2:88:7f:1c:7a:1d:0d:0a:43:4c:c5:db:9d:6d:d7:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:20:F3:B6:B9:6B:36:B3:ED:F5:FA:3A:62:8B:B1:4A:39:E7:15:54
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/vCDztrlrNrPt9fo6YouxSjnnFVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.183.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:f8:d2:ab:89:e2:c1:da:b4:d3:2e:ae:b7:26:08:05:2c:df:
f7:2c:43:3a:17:29:5c:3e:df:13:1b:42:27:a2:f6:f2:1f:23:
f3:ba:fd:70:10:ca:0e:6b:2a:a3:af:38:a7:5c:73:27:44:ce:
0d:3c:52:54:c4:38:48:a5:cf:42:8d:78:06:4d:29:10:17:44:
6b:ac:08:a8:b7:67:71:e5:3a:b3:55:98:b7:97:58:50:46:d7:
b4:ff:22:c4:1e:4f:92:cf:61:bf:aa:08:e7:c6:b7:6e:3f:a2:
4f:94:9e:f9:14:d7:75:19:1b:9b:50:50:ff:b4:04:ee:84:b5:
61:a5:8f:1e:36:aa:72:53:65:92:69:bf:67:1c:69:d2:f1:f9:
e6:b6:79:d4:49:34:4b:62:a8:da:72:41:8b:fa:fd:e1:17:64:
be:6f:9b:0c:92:b0:49:be:5d:f3:b1:0b:91:ae:9c:e5:c7:a4:
15:55:d1:ff:7a:8c:c8:d0:30:55:cc:cd:c2:2b:9e:6a:bf:b0:
3f:91:54:18:b7:6a:a6:5a:cc:7f:a7:8d:f5:92:6f:65:a1:9f:
0f:e3:34:7e:1e:8f:51:83:39:d2:36:bf:51:7c:fe:1f:80:06:
09:77:3f:c3:d8:50:89:99:0d:9c:86:bc:f9:c6:a0:45:26:8d:
c0:45:b2:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8U97MBdUWdI0sYDYzApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzIwZjNiNmI5NmIzNmIzZWRmNWZhM2E2MjhiYjE0YTM5ZTcxNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWdlZgI7IS6+BGu1xBnLiPVu/ub3
XI0+QhBDRnz5rFf6zX60v+KNH8j9huXbjLPKsRxBjeY3hW/Qler/FGk5VXFN96zK
2yKacTe53Qb54zwjlQ0dkxBuYMhIlI+dvNzRoLgpjyxzt1Qu8qg1c5ORR80KGkw+
9iZxeZHxVrUi9v10Q+Whhei9ZE+ozBQoAFOs6BW2p84bmyBwCpFGBSulRruZERMl
IhlUlYNeq2M6tnPVmZfyH8YfuqEsR/iIkInzXT+XCxAWrUeLBf8MiWUrUNWZf3z2
9gs0V5xqxsUnSaMAuD19Reo7nNHONgDg2TXiiH8ceh0NCkNMxdudbdfzoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwg87a5azaz7fX6OmKLsUo55xVUMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvdkNEenRybHJOclB0OWZvNllvdXhTam5uRlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LcFMA0G
CSqGSIb3DQEBCwUAA4IBAQCg+NKrieLB2rTTLq63JggFLN/3LEM6FylcPt8TG0In
ovbyHyPzuv1wEMoOayqjrzinXHMnRM4NPFJUxDhIpc9CjXgGTSkQF0RrrAiot2dx
5TqzVZi3l1hQRte0/yLEHk+Sz2G/qgjnxrduP6JPlJ75FNd1GRubUFD/tATuhLVh
pY8eNqpyU2WSab9nHGnS8fnmtnnUSTRLYqjackGL+v3hF2S+b5sMkrBJvl3zsQuR
rpzlx6QVVdH/eozI0DBVzM3CK55qv7A/kVQYt2qmWsx/p431km9loZ8P4zR+Ho9R
gznSNr9RfP4fgAYJdz/D2FCJmQ2chrz5xqBFJo3ARbL1
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:21 2025 by rpki-client