Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vG4B52z6cCGO3fGu4RMw_1TIenE.roa
File: vG4B52z6cCGO3fGu4RMw_1TIenE.roa (raw, json)
Hash identifier: MvDaURCdE20bL5qOnkBFd0oZgxow2HXLwisqpghXpBU=
Subject key identifier: BC:6E:01:E7:6C:FA:70:21:8E:DD:F1:AE:E1:13:30:FF:54:C8:7A:71
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427484408A81C09570C37AF699CF9B5CC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vG4B52z6cCGO3fGu4RMw_1TIenE.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 192.36.247.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
192.71.254.0/23 maxlen: 24
192.176.43.0/24 maxlen: 24
193.182.113.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
2a01:280:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:44:08:a8:1c:09:57:0c:37:af:69:9c:f9:b5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc6e01e76cfa70218eddf1aee11330ff54c87a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:de:0f:81:a0:12:63:91:26:f8:f6:cb:23:a1:
37:2e:fc:58:11:68:90:8f:f4:80:9e:19:10:fc:ec:
eb:eb:04:dd:0b:31:af:5a:47:7e:12:d4:49:a3:ca:
6e:9c:d9:da:c7:1d:b8:7f:a1:aa:30:76:ea:b6:fa:
fa:ba:96:65:7b:85:00:83:45:4a:e4:e8:04:f2:71:
4b:9c:a6:8b:65:86:8d:43:98:15:14:30:22:2b:04:
2f:b2:87:44:48:ca:ae:17:d3:20:e1:5d:0d:ec:d5:
65:02:b3:a9:bd:a2:84:a1:39:2a:64:cf:62:3a:c5:
ef:30:20:78:de:62:2c:be:2d:4a:0e:27:fc:80:a5:
7c:8c:f3:ea:44:4f:f6:13:e5:24:48:9b:2d:3e:40:
98:cd:4c:00:66:d2:fd:0a:91:ae:64:03:85:49:30:
38:a4:27:4b:f8:57:c1:28:95:14:fd:b5:bd:ee:e8:
b5:67:e4:5f:0b:96:ec:50:6f:6b:68:71:5d:d7:5e:
0d:84:c8:19:5f:b1:e4:58:09:cb:48:64:39:06:91:
2a:79:75:4c:aa:80:1f:aa:7c:15:76:23:55:d6:25:
0a:6a:4d:37:b2:f1:fc:b7:3f:f1:90:fe:c2:ea:84:
e7:b9:69:5a:e3:67:e8:70:37:f7:a7:f1:4c:c7:16:
6b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6E:01:E7:6C:FA:70:21:8E:DD:F1:AE:E1:13:30:FF:54:C8:7A:71
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vG4B52z6cCGO3fGu4RMw_1TIenE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
192.176.43.0/24
193.182.113.0/24
193.234.120.0/22
IPv6:
2a01:280:6::/48
Signature Algorithm: sha256WithRSAEncryption
3b:d0:02:6e:63:ee:e2:a0:82:7f:7a:c3:e5:c2:8f:bb:1d:36:
1b:c3:dd:20:29:b1:3b:a4:96:45:5c:a0:8a:1b:54:f5:21:0c:
ec:19:3e:fe:a1:96:54:8b:de:c4:d6:62:64:e6:2a:20:e8:e9:
04:59:e2:17:aa:ca:8e:ea:82:48:5e:0a:56:24:04:35:fb:98:
88:d9:de:7a:a5:1b:55:3b:24:b7:21:01:aa:4e:04:80:98:d6:
6e:b0:80:57:f0:68:5a:f1:fc:42:e0:7a:67:f2:05:6e:4f:75:
c7:bd:be:fa:00:d6:87:c7:3f:14:b0:61:10:6f:af:95:09:73:
f0:bd:95:50:f6:a5:4a:0f:9f:e3:37:e7:42:f8:85:ed:75:12:
66:e9:25:c9:9c:5d:ca:a1:8d:08:b2:6c:a3:7c:31:0e:43:f0:
2b:db:f7:68:f3:22:77:75:16:52:21:75:61:92:75:be:32:fb:
49:ce:ed:43:b3:e2:60:4d:24:c4:f2:e9:63:36:a4:e2:67:b7:
1c:d3:8a:2f:48:b2:3d:cd:df:bc:1d:cc:1a:a5:65:d2:9e:31:
91:62:87:eb:43:77:1f:7c:62:f9:7c:30:ef:1a:b6:99:7d:9a:
2a:28:3b:cf:ac:bc:2b:95:1f:c9:0f:c1:36:fe:7b:ed:af:bf:
96:14:5c:4b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQnSEQIqBwJVww3r2mc+bXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzZlMDFlNzZjZmE3MDIxOGVkZGYxYWVlMTEzMzBmZjU0Yzg3YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd4PgaASY5Em+PbLI6E3LvxYEWiQ
j/SAnhkQ/Ozr6wTdCzGvWkd+EtRJo8punNnaxx24f6GqMHbqtvr6upZle4UAg0VK
5OgE8nFLnKaLZYaNQ5gVFDAiKwQvsodESMquF9Mg4V0N7NVlArOpvaKEoTkqZM9i
OsXvMCB43mIsvi1KDif8gKV8jPPqRE/2E+UkSJstPkCYzUwAZtL9CpGuZAOFSTA4
pCdL+FfBKJUU/bW97ui1Z+RfC5bsUG9raHFd114NhMgZX7HkWAnLSGQ5BpEqeXVM
qoAfqnwVdiNV1iUKak03svH8tz/xkP7C6oTnuWla42focDf3p/FMxxZrbwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLxuAeds+nAhjt3xruETMP9UyHpxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdkc0QjUyejZjQ0dPM2ZHdTRSTXdfMVRJZW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwLArAwQAwbZxAwQCwep4MA8EAgACMAkDBwAqAQKAAAYwDQYJ
KoZIhvcNAQELBQADggEBADvQAm5j7uKggn96w+XCj7sdNhvD3SApsTuklkVcoIob
VPUhDOwZPv6hllSL3sTWYmTmKiDo6QRZ4heqyo7qgkheClYkBDX7mIjZ3nqlG1U7
JLchAapOBICY1m6wgFfwaFrx/ELgemfyBW5Pdce9vvoA1ofHPxSwYRBvr5UJc/C9
lVD2pUoPn+M350L4he11EmbpJcmcXcqhjQiybKN8MQ5D8Cvb92jzInd1FlIhdWGS
db4y+0nO7UOz4mBNJMTy6WM2pOJntxzTii9Isj3N37wdzBqlZdKeMZFih+tDdx98
Yvl8MO8atpl9miooO8+svCuVH8kPwTb+e+2vv5YUXEs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:31 2025 by rpki-client