Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/vMfdW02jbLqHp-27brKBsBhbgHY.roa
File: vMfdW02jbLqHp-27brKBsBhbgHY.roa (raw, json)
Hash identifier: oHK3CDonAtcVu8dAAlZMcFQZnOMNxTDFalDW/2pvfts=
Subject key identifier: BC:C7:DD:5B:4D:A3:6C:BA:87:A7:ED:BB:6E:B2:81:B0:18:5B:80:76
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01941F8C862209289BFAD6D3DA0F189100C4
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/vMfdW02jbLqHp-27brKBsBhbgHY.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198720
IP address blocks: 46.232.238.0/23 maxlen: 23
195.123.8.0/24 maxlen: 24
195.123.9.0/24 maxlen: 24
195.123.10.0/24 maxlen: 24
195.123.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 06:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:22:09:28:9b:fa:d6:d3:da:0f:18:91:00:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcc7dd5b4da36cba87a7edbb6eb281b0185b8076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:38:ba:84:9a:7d:df:ca:1c:13:f0:42:d0:
c5:fe:08:bf:99:4a:27:e3:bb:14:38:ce:bf:1a:89:
b4:e8:60:69:35:85:86:a1:19:88:82:0e:27:dc:19:
fe:19:03:51:71:3b:76:c2:a6:f2:8d:2d:81:73:28:
e2:fa:f3:3b:67:05:f2:c5:dc:8e:b0:3a:58:4e:64:
de:5b:26:9b:92:1c:40:c4:30:4b:3b:f4:7d:a5:0c:
dc:1c:7b:18:ac:22:4e:6e:eb:44:e3:65:a4:d5:37:
fc:4e:7c:b3:1a:c6:26:a1:00:ee:45:00:e1:80:8b:
ae:84:cd:bf:ef:fa:ce:1f:10:97:cc:a0:fc:76:a9:
85:50:47:20:e4:79:8d:e4:ba:35:fa:db:41:2c:f1:
3b:4e:2f:50:dd:8f:e1:4a:13:94:11:92:a5:29:c0:
3c:89:68:f4:54:3b:df:d6:70:3d:64:59:f7:2e:22:
f3:12:5f:9b:7f:7b:e2:fb:ef:e1:e7:3b:33:67:b9:
f9:e7:7d:fd:bf:46:92:35:c0:b8:5e:58:45:1b:a7:
00:77:ce:56:99:a7:12:1c:46:9e:f6:92:1f:69:ba:
f4:53:fe:b2:cf:a7:94:33:ce:fc:a5:44:c6:9e:43:
39:d0:b1:dc:ce:4b:70:d1:89:ef:a7:ce:7f:2c:fc:
36:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C7:DD:5B:4D:A3:6C:BA:87:A7:ED:BB:6E:B2:81:B0:18:5B:80:76
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/vMfdW02jbLqHp-27brKBsBhbgHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.238.0/23
195.123.8.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:41:e7:f1:1c:8c:56:14:0e:64:74:12:b6:de:c2:3c:1c:56:
43:a1:3d:fb:2c:75:14:8e:aa:cb:ac:de:68:e5:ba:2f:c5:16:
c5:da:50:2e:ea:ee:41:53:c6:81:fb:23:12:ca:99:e1:9a:57:
41:8c:59:66:03:7a:a6:07:f7:1d:c5:23:a2:9f:be:c4:cc:97:
90:63:14:69:78:74:de:1a:1f:8b:a8:c1:04:ed:0d:1a:d0:00:
62:31:e0:eb:ba:1d:8d:08:ba:b0:b0:5a:e7:ed:5b:1b:79:1d:
c1:1b:ae:c4:21:ee:aa:02:a7:c7:dd:1d:fc:0f:69:85:7d:3a:
11:72:50:af:cf:5f:02:c6:02:dd:3a:0d:e9:5d:20:da:6d:ab:
96:4a:33:ca:9d:06:65:c8:87:99:8b:d1:56:e6:b5:85:9f:71:
73:3b:60:18:42:18:60:e5:30:bf:5b:0f:ae:04:ed:85:e4:62:
81:ce:3b:64:e9:5a:21:65:ea:cd:95:3a:6b:b9:0d:40:f6:a6:
c6:5b:fc:62:23:15:cc:14:e4:70:c4:37:8b:cb:0a:dd:02:f5:
a6:25:e1:c0:bc:45:1a:10:ae:7d:9c:0e:3d:1d:30:c0:8b:df:
0f:88:cd:c3:62:a0:9c:17:df:56:08:36:e1:48:b0:cb:13:68:
4c:16:7e:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjIYiCSib+tbT2g8YkQDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2M3ZGQ1YjRkYTM2Y2JhODdhN2VkYmI2ZWIyODFiMDE4NWI4MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTU4uoSafd/KHBPwQtDF/gi/mUon
47sUOM6/Gom06GBpNYWGoRmIgg4n3Bn+GQNRcTt2wqbyjS2Bcyji+vM7ZwXyxdyO
sDpYTmTeWyabkhxAxDBLO/R9pQzcHHsYrCJObutE42Wk1Tf8TnyzGsYmoQDuRQDh
gIuuhM2/7/rOHxCXzKD8dqmFUEcg5HmN5Lo1+ttBLPE7Ti9Q3Y/hShOUEZKlKcA8
iWj0VDvf1nA9ZFn3LiLzEl+bf3vi++/h5zszZ7n55339v0aSNcC4XlhFG6cAd85W
macSHEae9pIfabr0U/6yz6eUM878pUTGnkM50LHczktw0Ynvp85/LPw2WwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzH3VtNo2y6h6ftu26ygbAYW4B2MB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvdk1mZFcwMmpiTHFIcC0yN2JyS0JzQmhiZ0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLujuAwQC
w3sIMA0GCSqGSIb3DQEBCwUAA4IBAQChQefxHIxWFA5kdBK23sI8HFZDoT37LHUU
jqrLrN5o5bovxRbF2lAu6u5BU8aB+yMSypnhmldBjFlmA3qmB/cdxSOin77EzJeQ
YxRpeHTeGh+LqMEE7Q0a0ABiMeDruh2NCLqwsFrn7VsbeR3BG67EIe6qAqfH3R38
D2mFfToRclCvz18CxgLdOg3pXSDabauWSjPKnQZlyIeZi9FW5rWFn3FzO2AYQhhg
5TC/Ww+uBO2F5GKBzjtk6VohZerNlTpruQ1A9qbGW/xiIxXMFORwxDeLywrdAvWm
JeHAvEUaEK59nA49HTDAi98PiM3DYqCcF99WCDbhSLDLE2hMFn6Q
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:14 2025 by rpki-client