Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/fvjwad8hv5M8RT1bW6F3smOFB2Y.roa
File: fvjwad8hv5M8RT1bW6F3smOFB2Y.roa (raw, json)
Hash identifier: at0gl2Sa+um/oWDDDgR4biQkEbCFJi5QlnnXaGwjc0g=
Subject key identifier: 7E:F8:F0:69:DF:21:BF:93:3C:45:3D:5B:5B:A1:77:B2:63:85:07:66
Certificate issuer: /CN=8bc3948d8b93a21e6d57d9c6554d5edd107d09af
Certificate serial: 01946DFE8DD152FE21CCBA2793BD2B82F56C
Authority key identifier: 8B:C3:94:8D:8B:93:A2:1E:6D:57:D9:C6:55:4D:5E:DD:10:7D:09:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i8OUjYuToh5tV9nGVU1e3RB9Ca8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/fvjwad8hv5M8RT1bW6F3smOFB2Y.roa
Signing time: Thu 16 Jan 2025 07:23:06 +0000
ROA not before: Thu 16 Jan 2025 07:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60153
IP address blocks: 185.55.196.0/24 maxlen: 24
185.55.197.0/24 maxlen: 24
185.55.198.0/24 maxlen: 24
185.55.199.0/24 maxlen: 24
185.182.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/i8OUjYuToh5tV9nGVU1e3RB9Ca8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/i8OUjYuToh5tV9nGVU1e3RB9Ca8.mft
rsync://rpki.ripe.net/repository/DEFAULT/i8OUjYuToh5tV9nGVU1e3RB9Ca8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6d:fe:8d:d1:52:fe:21:cc:ba:27:93:bd:2b:82:f5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bc3948d8b93a21e6d57d9c6554d5edd107d09af
Validity
Not Before: Jan 16 07:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ef8f069df21bf933c453d5b5ba177b263850766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:a2:f6:92:43:c1:fb:8b:8e:26:5d:b5:88:
c1:4f:f0:d7:4a:c0:82:f7:3b:d8:8a:cb:77:fd:b1:
ba:40:e4:38:5b:c5:a0:16:90:62:2c:d4:dd:4a:48:
0d:7e:16:d7:d4:a2:ef:bf:7c:8d:62:21:2a:0a:58:
1a:bd:ea:d4:b9:7e:f9:ae:b3:d9:1a:26:3e:66:55:
bf:9d:f1:0d:c4:f4:a1:54:b7:27:98:c0:cc:07:03:
56:01:d4:17:e3:fb:02:6c:6c:e4:72:64:ba:97:58:
a4:27:2f:de:1d:ac:ce:37:62:0a:00:0b:fd:52:72:
e5:64:ad:38:93:c5:d3:c9:64:9b:5d:9b:82:6d:91:
49:28:fb:da:5c:20:57:50:dc:06:03:fe:17:be:bc:
9d:72:6a:56:6f:9e:31:42:82:67:7e:93:e4:b9:f7:
9b:ec:90:4e:20:00:fe:09:fe:49:25:42:98:d0:6e:
17:a9:41:3a:c3:b6:40:c4:0d:0b:c9:9f:a6:c9:a6:
97:18:0e:b3:01:0b:57:5d:f1:4d:8d:40:aa:3c:eb:
45:e7:9d:6a:3b:b6:a1:e4:bc:89:1a:82:87:ff:d9:
7a:06:01:ff:41:11:17:0f:a3:16:5c:5c:af:f7:1f:
32:2c:35:06:49:cf:c1:89:10:bf:a2:69:02:05:24:
c5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F8:F0:69:DF:21:BF:93:3C:45:3D:5B:5B:A1:77:B2:63:85:07:66
X509v3 Authority Key Identifier:
keyid:8B:C3:94:8D:8B:93:A2:1E:6D:57:D9:C6:55:4D:5E:DD:10:7D:09:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i8OUjYuToh5tV9nGVU1e3RB9Ca8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/fvjwad8hv5M8RT1bW6F3smOFB2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/510e57-38da-494d-8200-891fa21c6f0b/1/i8OUjYuToh5tV9nGVU1e3RB9Ca8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.196.0/22
185.182.64.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:f2:25:c0:4e:74:b0:4b:66:d4:d1:96:b0:f8:9f:c6:95:15:
33:ee:c8:0e:e8:10:21:af:fd:b0:4b:62:59:c5:99:f4:48:dc:
f1:78:34:4b:57:3c:6e:03:35:4f:8f:cc:73:3f:bd:a7:e7:48:
f6:b6:e8:08:34:88:64:91:7a:99:34:9a:49:7d:3c:be:5a:9f:
ad:bb:5d:7d:82:a6:9b:6b:26:34:a5:31:7c:48:fa:04:17:56:
c4:4c:53:5d:7b:b4:d4:3a:aa:40:cc:ec:8c:a5:6b:a9:33:c3:
46:fb:11:9e:09:f6:1e:50:a3:df:f0:3f:22:ed:e0:62:a4:18:
e5:0c:bc:79:cb:6d:5c:54:56:ce:d7:94:aa:ea:e5:86:07:c5:
c6:ac:fa:44:bb:c0:7e:21:37:1b:87:0a:bb:64:20:6f:d9:7b:
48:92:25:4c:18:bc:83:cf:3d:c6:b7:9d:e9:eb:47:d2:df:a5:
2f:12:e0:60:af:04:61:dd:18:c1:67:bd:fa:c1:0c:c4:5c:f1:
90:91:53:26:a7:00:8a:78:4e:38:dc:ca:69:ac:3c:96:8a:7a:
27:6c:14:00:f0:73:b3:6c:18:c6:9d:6f:df:b2:db:6f:b2:78:
41:35:49:24:b7:4e:d4:1c:31:87:73:f7:e3:fc:16:6e:d8:d3:
b9:e3:5b:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRt/o3RUv4hzLonk70rgvVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYzM5NDhkOGI5M2EyMWU2ZDU3ZDljNjU1NGQ1ZWRkMTA3
ZDA5YWYwHhcNMjUwMTE2MDcyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY4ZjA2OWRmMjFiZjkzM2M0NTNkNWI1YmExNzdiMjYzODUwNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC+i9pJDwfuLjiZdtYjBT/DXSsCC
9zvYist3/bG6QOQ4W8WgFpBiLNTdSkgNfhbX1KLvv3yNYiEqClgaverUuX75rrPZ
GiY+ZlW/nfENxPShVLcnmMDMBwNWAdQX4/sCbGzkcmS6l1ikJy/eHazON2IKAAv9
UnLlZK04k8XTyWSbXZuCbZFJKPvaXCBXUNwGA/4XvrydcmpWb54xQoJnfpPkufeb
7JBOIAD+Cf5JJUKY0G4XqUE6w7ZAxA0LyZ+myaaXGA6zAQtXXfFNjUCqPOtF551q
O7ah5LyJGoKH/9l6BgH/QREXD6MWXFyv9x8yLDUGSc/BiRC/omkCBSTFmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH748GnfIb+TPEU9W1uhd7JjhQdmMB8GA1UdIwQY
MBaAFIvDlI2Lk6IebVfZxlVNXt0QfQmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaThPVWpZdVRvaDV0VjluR1ZVMWUzUkI5Q2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MTBlNTctMzhkYS00OTRkLTgyMDAt
ODkxZmEyMWM2ZjBiLzEvZnZqd2FkOGh2NU04UlQxYlc2RjNzbU9GQjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MTBlNTctMzhkYS00OTRkLTgyMDAtODkxZmEyMWM2ZjBi
LzEvaThPVWpZdVRvaDV0VjluR1ZVMWUzUkI5Q2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTfEAwQA
ubZAMA0GCSqGSIb3DQEBCwUAA4IBAQA98iXATnSwS2bU0Zaw+J/GlRUz7sgO6BAh
r/2wS2JZxZn0SNzxeDRLVzxuAzVPj8xzP72n50j2tugINIhkkXqZNJpJfTy+Wp+t
u119gqabayY0pTF8SPoEF1bETFNde7TUOqpAzOyMpWupM8NG+xGeCfYeUKPf8D8i
7eBipBjlDLx5y21cVFbO15Sq6uWGB8XGrPpEu8B+ITcbhwq7ZCBv2XtIkiVMGLyD
zz3Gt53p60fS36UvEuBgrwRh3RjBZ736wQzEXPGQkVMmpwCKeE443MpprDyWinon
bBQA8HOzbBjGnW/fsttvsnhBNUkkt07UHDGHc/fj/BZu2NO541sm
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:17 2025 by rpki-client