Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/VJzfvUbstsweL94z-ivJL9s3ZVk.roa
File: VJzfvUbstsweL94z-ivJL9s3ZVk.roa (raw, json)
Hash identifier: HgLrKuozmz+yIcpW2tKbtdhcaLEc8ycsnDPCev84zDI=
Subject key identifier: 54:9C:DF:BD:46:EC:B6:CC:1E:2F:DE:33:FA:2B:C9:2F:DB:37:65:59
Certificate issuer: /CN=ba4c685efa6a2c1045637f027a325c0aec79c015
Certificate serial: 019427471673B3F4F9E07A62C8F9DE57887F
Authority key identifier: BA:4C:68:5E:FA:6A:2C:10:45:63:7F:02:7A:32:5C:0A:EC:79:C0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/VJzfvUbstsweL94z-ivJL9s3ZVk.roa
Signing time: Thu 02 Jan 2025 13:49:17 +0000
ROA not before: Thu 02 Jan 2025 13:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12557
IP address blocks: 185.117.180.0/22 maxlen: 22
185.117.182.0/24 maxlen: 24
2a03:52a0::/32 maxlen: 32
2a03:52a0:172::/48 maxlen: 48
2a03:52a0:180::/48 maxlen: 48
2a03:52a0:181::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:16:73:b3:f4:f9:e0:7a:62:c8:f9:de:57:88:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4c685efa6a2c1045637f027a325c0aec79c015
Validity
Not Before: Jan 2 13:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=549cdfbd46ecb6cc1e2fde33fa2bc92fdb376559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d1:dd:5f:45:c1:d2:63:66:c8:82:8d:74:36:
fe:75:72:ef:95:f9:3b:2d:e3:f6:41:29:2a:c4:3f:
5d:0d:3d:65:92:be:8b:44:0d:47:a0:ca:92:e2:15:
e7:98:18:33:ed:98:05:bb:19:8d:19:09:bd:2b:63:
a2:2a:75:0f:cc:2a:9c:6f:02:bc:77:77:e5:3e:9d:
c9:18:3e:10:bf:40:48:b3:cb:99:b4:c3:d8:be:1a:
5d:ad:d7:c7:70:f7:f8:bd:b0:15:c6:04:3b:32:a2:
a9:0f:de:d5:df:58:47:a0:dc:33:cf:3d:fc:e5:b0:
7f:45:18:d6:bd:20:6b:7a:b9:e2:ba:f2:d8:8c:69:
f5:9a:80:43:e5:55:76:93:a2:b4:77:6f:8f:21:44:
be:d1:5c:1d:08:94:ce:b3:5c:9e:09:b6:ab:2c:11:
c9:d3:df:0b:cc:94:94:36:e3:5e:f1:cb:b6:54:91:
46:29:7e:2e:ad:12:20:30:af:5f:40:ae:5f:0e:be:
7e:cc:e8:64:65:b2:6a:5f:56:d0:61:bd:2f:64:a6:
40:aa:83:ba:ab:6e:b0:12:9e:98:89:3c:2a:f6:2c:
12:2a:6f:53:83:b8:0b:02:d1:88:86:ff:13:ff:2b:
b7:60:6e:d2:b1:b2:5d:96:e7:34:ec:60:ad:30:14:
79:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9C:DF:BD:46:EC:B6:CC:1E:2F:DE:33:FA:2B:C9:2F:DB:37:65:59
X509v3 Authority Key Identifier:
keyid:BA:4C:68:5E:FA:6A:2C:10:45:63:7F:02:7A:32:5C:0A:EC:79:C0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/VJzfvUbstsweL94z-ivJL9s3ZVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.180.0/22
IPv6:
2a03:52a0::/32
Signature Algorithm: sha256WithRSAEncryption
53:d0:b1:67:68:29:24:42:f5:e1:81:a9:41:6a:c4:8d:51:3b:
4d:13:60:9d:3c:28:8a:8f:4e:e5:ea:89:98:7b:9a:ab:4a:eb:
c2:2e:e6:e1:4f:20:50:ae:a7:be:84:f9:21:b6:61:82:2d:69:
f3:c9:4c:4d:82:62:5d:0d:20:46:8d:6d:92:9a:47:a4:b6:53:
95:2f:16:9c:ea:8e:9e:91:2a:57:cd:21:3f:09:50:15:1f:5e:
e8:eb:fa:6e:2f:fe:74:c2:da:9c:b5:dc:b6:e2:d6:52:31:88:
72:8b:93:fc:95:d8:37:3f:a0:52:58:ee:0e:f8:0f:69:98:57:
3d:c8:2b:55:50:75:11:bf:f2:bd:b6:7f:ae:8d:7d:0b:9f:b2:
45:ac:ae:31:55:a4:4c:2c:b5:48:78:0e:d8:47:4f:2a:c3:61:
7a:f3:9c:3f:86:33:20:59:f2:f2:a3:88:a6:1f:9b:f7:b7:f4:
23:1d:98:09:e9:4d:5c:2c:ef:3c:a2:35:45:d5:2a:58:f2:94:
98:08:b7:be:66:45:fb:8e:c2:12:7e:fb:88:05:8d:ea:c3:b1:
62:b1:5a:23:a9:8b:9f:d6:a0:7b:70:56:4b:99:46:b3:5d:12:
31:93:e1:58:af:47:d8:e2:0a:20:aa:c1:45:fb:51:2f:34:49:
57:51:80:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRxZzs/T54HpiyPneV4h/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGM2ODVlZmE2YTJjMTA0NTYzN2YwMjdhMzI1YzBhZWM3
OWMwMTUwHhcNMjUwMTAyMTM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDljZGZiZDQ2ZWNiNmNjMWUyZmRlMzNmYTJiYzkyZmRiMzc2NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtHdX0XB0mNmyIKNdDb+dXLvlfk7
LeP2QSkqxD9dDT1lkr6LRA1HoMqS4hXnmBgz7ZgFuxmNGQm9K2OiKnUPzCqcbwK8
d3flPp3JGD4Qv0BIs8uZtMPYvhpdrdfHcPf4vbAVxgQ7MqKpD97V31hHoNwzzz38
5bB/RRjWvSBrerniuvLYjGn1moBD5VV2k6K0d2+PIUS+0VwdCJTOs1yeCbarLBHJ
098LzJSUNuNe8cu2VJFGKX4urRIgMK9fQK5fDr5+zOhkZbJqX1bQYb0vZKZAqoO6
q26wEp6YiTwq9iwSKm9Tg7gLAtGIhv8T/yu3YG7SsbJdluc07GCtMBR51QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFSc371G7LbMHi/eM/oryS/bN2VZMB8GA1UdIwQY
MBaAFLpMaF76aiwQRWN/AnoyXArsecAVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWt4b1h2cHFMQkJGWTM4Q2VqSmNDdXg1d0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80Mjg3MmEtNTYxNy00ZWMyLWFiOGQt
Yzg2MDQ3MjA2NDJkLzEvVkp6ZnZVYnN0c3dlTDk0ei1pdkpMOXMzWlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80Mjg3MmEtNTYxNy00ZWMyLWFiOGQtYzg2MDQ3MjA2NDJk
LzEvdWt4b1h2cHFMQkJGWTM4Q2VqSmNDdXg1d0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXW0MA0E
AgACMAcDBQAqA1KgMA0GCSqGSIb3DQEBCwUAA4IBAQBT0LFnaCkkQvXhgalBasSN
UTtNE2CdPCiKj07l6omYe5qrSuvCLubhTyBQrqe+hPkhtmGCLWnzyUxNgmJdDSBG
jW2SmkektlOVLxac6o6ekSpXzSE/CVAVH17o6/puL/50wtqctdy24tZSMYhyi5P8
ldg3P6BSWO4O+A9pmFc9yCtVUHURv/K9tn+ujX0Ln7JFrK4xVaRMLLVIeA7YR08q
w2F685w/hjMgWfLyo4imH5v3t/QjHZgJ6U1cLO88ojVF1SpY8pSYCLe+ZkX7jsIS
fvuIBY3qw7FisVojqYuf1qB7cFZLmUazXRIxk+FYr0fY4gogqsFF+1EvNElXUYCB
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:37 2025 by rpki-client