Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vz7t1xxZS7Y8mi76AGQLhqb1ZQs.roa
File: Vz7t1xxZS7Y8mi76AGQLhqb1ZQs.roa (raw, json)
Hash identifier: f5Op16EAB77dhVLhwIcxz3vKwaJVulfI7NYLkrJ/rQU=
Subject key identifier: 57:3E:ED:D7:1C:59:4B:B6:3C:9A:2E:FA:00:64:0B:86:A6:F5:65:0B
Certificate issuer: /CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Certificate serial: 0194258FA7802B3BF41F37A5C1378184F76D
Authority key identifier: 56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vz7t1xxZS7Y8mi76AGQLhqb1ZQs.roa
Signing time: Thu 02 Jan 2025 05:49:19 +0000
ROA not before: Thu 02 Jan 2025 05:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 89.150.63.0/24 maxlen: 24
194.176.117.0/24 maxlen: 24
195.5.104.0/24 maxlen: 24
2a13:14c0::/32 maxlen: 48
2a13:14c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a7:80:2b:3b:f4:1f:37:a5:c1:37:81:84:f7:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Validity
Not Before: Jan 2 05:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=573eedd71c594bb63c9a2efa00640b86a6f5650b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:cb:cd:b6:f4:bb:18:f0:4f:d9:4b:6d:13:
4b:8d:f9:59:68:8a:c1:dc:b0:d9:e8:2e:45:e4:33:
6f:36:4f:0a:e6:a4:40:45:2e:a4:a1:f2:c9:2f:12:
90:77:ac:eb:e9:f3:78:a8:66:28:30:27:07:6b:d5:
cf:53:18:22:cd:17:58:cc:e8:f0:0c:e3:c8:f1:55:
0b:b8:83:b5:bd:11:7b:63:f3:70:8f:67:13:78:c4:
3e:be:d5:93:d5:f9:75:81:e7:79:ac:0b:f5:18:bb:
b7:c3:3b:d4:e0:ed:03:33:3d:d5:5a:e4:7f:ee:72:
5d:79:49:2c:fb:44:d3:ca:7e:89:70:7e:fb:ee:6c:
63:b4:0b:3f:28:61:b8:5e:32:c7:7e:f2:9c:b8:f2:
77:d4:46:86:f4:0c:65:fe:55:01:e9:51:42:f2:76:
08:69:ca:98:76:78:c9:29:7b:92:25:2e:0f:58:6f:
9e:2f:b4:2b:65:88:f5:21:2e:b1:41:eb:a5:78:77:
d5:54:08:98:38:ab:3a:5a:07:dd:8a:ba:ec:11:bc:
1c:4b:6e:8c:d0:53:63:35:be:c2:3c:9e:79:a7:57:
6d:65:9f:6e:49:c6:4b:59:46:c4:cc:45:45:e5:4a:
ef:51:a4:f4:45:18:3e:1f:16:22:40:d9:1f:d8:ab:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3E:ED:D7:1C:59:4B:B6:3C:9A:2E:FA:00:64:0B:86:A6:F5:65:0B
X509v3 Authority Key Identifier:
keyid:56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vz7t1xxZS7Y8mi76AGQLhqb1ZQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.63.0/24
194.176.117.0/24
195.5.104.0/24
IPv6:
2a13:14c0::/31
Signature Algorithm: sha256WithRSAEncryption
55:14:67:e2:15:3d:b5:de:4d:c7:c9:48:a3:9b:68:11:07:cb:
73:26:91:86:02:1e:62:28:37:8c:f6:76:47:b3:17:ef:c9:bc:
20:7c:ec:c3:08:76:0e:6f:91:22:b8:7e:e0:eb:e1:f4:66:c4:
4a:b8:3d:5e:58:e7:c0:80:4c:ac:2b:f9:b3:87:f1:70:f8:be:
6b:dd:e8:f9:47:e3:7e:d7:0f:d6:81:39:ac:a0:08:ae:55:be:
a4:b6:96:e3:47:0e:ce:3b:09:7c:79:46:d0:6f:b9:e2:d4:b1:
55:8a:9d:d5:2c:80:0b:5e:74:4c:1d:52:33:92:e3:6e:cd:3f:
59:d9:90:e0:21:98:a3:48:70:77:04:d4:b4:06:95:1f:c6:88:
48:2d:1f:43:6c:59:b3:89:e8:b9:b5:07:e0:d5:18:b4:17:b4:
16:98:9a:3c:8e:b5:87:84:7d:ca:78:c3:f7:bf:4e:62:7e:69:
25:09:b9:db:76:a9:e2:af:43:1f:03:a2:e5:9b:ad:ca:89:2b:
81:60:a4:80:a0:7b:36:05:df:20:c6:b9:59:ec:82:72:c6:34:
7b:90:d9:bd:43:09:41:79:a2:2f:b7:e7:cb:d6:0d:aa:80:47:
70:d1:f2:32:54:41:c5:33:13:d8:49:f6:17:b0:d9:48:90:4c:
d1:01:6e:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlj6eAKzv0HzelwTeBhPdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWQ5YjJjMjI3YjQxM2M1MDU4MTMyOTRmYWFkYjZkYmJj
MmRkNjYwHhcNMjUwMTAyMDU0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzNlZWRkNzFjNTk0YmI2M2M5YTJlZmEwMDY0MGI4NmE2ZjU2NTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgLLzbb0uxjwT9lLbRNLjflZaIrB
3LDZ6C5F5DNvNk8K5qRARS6kofLJLxKQd6zr6fN4qGYoMCcHa9XPUxgizRdYzOjw
DOPI8VULuIO1vRF7Y/Nwj2cTeMQ+vtWT1fl1ged5rAv1GLu3wzvU4O0DMz3VWuR/
7nJdeUks+0TTyn6JcH777mxjtAs/KGG4XjLHfvKcuPJ31EaG9Axl/lUB6VFC8nYI
acqYdnjJKXuSJS4PWG+eL7QrZYj1IS6xQeuleHfVVAiYOKs6WgfdirrsEbwcS26M
0FNjNb7CPJ55p1dtZZ9uScZLWUbEzEVF5UrvUaT0RRg+HxYiQNkf2KviCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFc+7dccWUu2PJou+gBkC4am9WULMB8GA1UdIwQY
MBaAFFatmywie0E8UFgTKU+q2227wt1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYt
NzE4YjhjN2M5MzM1LzEvVno3dDF4eFpTN1k4bWk3NkFHUUxocWIxWlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYtNzE4YjhjN2M5MzM1
LzEvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWZY/AwQA
wrB1AwQAwwVoMA0EAgACMAcDBQEqExTAMA0GCSqGSIb3DQEBCwUAA4IBAQBVFGfi
FT213k3HyUijm2gRB8tzJpGGAh5iKDeM9nZHsxfvybwgfOzDCHYOb5EiuH7g6+H0
ZsRKuD1eWOfAgEysK/mzh/Fw+L5r3ej5R+N+1w/WgTmsoAiuVb6ktpbjRw7OOwl8
eUbQb7ni1LFVip3VLIALXnRMHVIzkuNuzT9Z2ZDgIZijSHB3BNS0BpUfxohILR9D
bFmziei5tQfg1Ri0F7QWmJo8jrWHhH3KeMP3v05ifmklCbnbdqnir0MfA6Llm63K
iSuBYKSAoHs2Bd8gxrlZ7IJyxjR7kNm9QwlBeaIvt+fL1g2qgEdw0fIyVEHFMxPY
SfYXsNlIkEzRAW7V
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:35 2025 by rpki-client