Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/vDjAWnb2U_Zni3rwGpwjWOad_gQ.roa
File: vDjAWnb2U_Zni3rwGpwjWOad_gQ.roa (raw, json)
Hash identifier: YF5FP9GizLuKXZzGN/kv4NsbvKt5L3RdIPXM7DuHQbw=
Subject key identifier: BC:38:C0:5A:76:F6:53:F6:67:8B:7A:F0:1A:9C:23:58:E6:9D:FE:04
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 019420D5FAEBBA16D33D4760DB04F3C6A010
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/vDjAWnb2U_Zni3rwGpwjWOad_gQ.roa
Signing time: Wed 01 Jan 2025 07:48:01 +0000
ROA not before: Wed 01 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42306
IP address blocks: 37.44.208.0/22 maxlen: 22
46.253.96.0/21 maxlen: 21
46.253.104.0/21 maxlen: 21
77.236.192.0/19 maxlen: 19
185.134.160.0/22 maxlen: 22
2a03:f280::/29 maxlen: 29
2a06:ed40::/29 maxlen: 29
2a0e:5340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fa:eb:ba:16:d3:3d:47:60:db:04:f3:c6:a0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc38c05a76f653f6678b7af01a9c2358e69dfe04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:6a:9b:12:3a:b0:cc:ee:cf:dc:23:38:40:
52:62:b8:a9:b2:10:20:00:56:aa:7f:e1:42:80:3a:
23:8c:5d:e0:77:3a:30:2c:47:f5:a8:60:2b:8a:48:
ff:c3:4f:9a:0b:7c:12:cf:6d:ff:a9:42:0c:bc:d4:
7a:e7:27:75:3c:31:aa:ea:31:63:ab:e4:e8:69:7f:
e8:e6:44:2b:a9:71:de:32:49:f6:f9:1b:84:d3:4b:
6b:66:56:cd:cb:dd:5c:ae:8f:80:94:0a:a3:ee:8a:
d0:9b:e5:3e:0e:e8:31:0b:d6:39:e2:5f:08:dc:19:
37:e3:96:82:9f:51:80:3c:52:0b:21:0c:ea:10:4d:
22:2c:3c:6b:f0:41:c5:7a:b7:4b:d3:93:ac:3a:9e:
8a:8c:65:1c:a3:90:63:4a:78:af:99:9a:3a:9d:7c:
dd:96:4f:54:48:17:8c:83:08:ad:74:4b:ac:78:e0:
32:bc:32:7e:f0:a8:fb:ec:4c:d0:5f:e5:92:13:49:
62:12:2a:21:28:8c:01:3e:e4:bc:43:01:00:95:7c:
3e:2a:04:f6:4d:2c:b1:b9:1c:f9:98:e3:22:35:e5:
bb:95:23:0c:ff:e3:95:bb:3f:47:32:94:f7:16:56:
2c:a7:1b:5a:b2:b4:a5:80:15:7c:87:b8:f8:14:d9:
d0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:38:C0:5A:76:F6:53:F6:67:8B:7A:F0:1A:9C:23:58:E6:9D:FE:04
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/vDjAWnb2U_Zni3rwGpwjWOad_gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.208.0/22
46.253.96.0/20
77.236.192.0/19
185.134.160.0/22
IPv6:
2a03:f280::/29
2a06:ed40::/29
2a0e:5340::/29
Signature Algorithm: sha256WithRSAEncryption
03:20:8c:b7:64:bd:a8:e6:00:85:eb:f8:8e:f4:a1:43:14:89:
aa:4a:3c:08:66:45:27:83:bb:c4:d2:42:8a:08:0f:21:c5:a6:
be:a8:16:be:24:fd:d9:2a:57:79:a5:78:33:10:83:34:e9:52:
5a:c1:b9:52:bc:dd:78:23:a5:18:86:8e:2f:58:ab:45:74:ba:
fd:3c:73:59:77:eb:11:0e:bc:33:a8:e8:01:ac:0a:8d:7f:35:
98:77:47:2c:bf:b8:5d:4d:9f:84:be:f5:8a:71:8c:f0:e4:87:
ca:65:30:d2:3e:4e:54:cb:18:18:8b:fe:5f:84:35:94:34:49:
2b:15:80:bb:b3:51:fa:4d:4e:8b:1b:ec:1c:63:d3:ad:4e:dc:
72:54:c6:9a:8c:a6:47:67:08:1e:36:dd:a5:71:f8:3b:62:8a:
e3:78:6d:df:e6:57:3e:ed:a4:44:93:e1:ff:b1:bc:9c:9e:63:
ad:c0:17:e0:1a:70:94:b9:3c:44:2e:f6:57:68:77:f1:e6:b7:
96:5c:08:73:8f:64:b7:d1:7f:7a:33:7c:e4:7a:0b:09:82:12:
08:cb:ab:95:d7:85:4b:b5:eb:03:02:85:0e:56:dd:9e:59:68:
f5:08:6c:d4:0e:a8:b9:2d:c5:f1:36:55:a4:0e:37:fe:13:1f:
3c:8a:3d:a0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQg1frruhbTPUdg2wTzxqAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM4YzA1YTc2ZjY1M2Y2Njc4YjdhZjAxYTljMjM1OGU2OWRmZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp35qmxI6sMzuz9wjOEBSYripshAg
AFaqf+FCgDojjF3gdzowLEf1qGArikj/w0+aC3wSz23/qUIMvNR65yd1PDGq6jFj
q+ToaX/o5kQrqXHeMkn2+RuE00trZlbNy91cro+AlAqj7orQm+U+DugxC9Y54l8I
3Bk345aCn1GAPFILIQzqEE0iLDxr8EHFerdL05OsOp6KjGUco5BjSnivmZo6nXzd
lk9USBeMgwitdEuseOAyvDJ+8Kj77EzQX+WSE0liEiohKIwBPuS8QwEAlXw+KgT2
TSyxuRz5mOMiNeW7lSMM/+OVuz9HMpT3FlYspxtasrSlgBV8h7j4FNnQ/QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLw4wFp29lP2Z4t68BqcI1jmnf4EMB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvdkRqQVduYjJVX1puaTNyd0dwd2pXT2FkX2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAtYTY5OWJjYjA4YWUz
LzEvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCJSzQAwQE
Lv1gAwQFTezAAwQCuYagMBsEAgACMBUDBQMqA/KAAwUDKgbtQAMFAyoOU0AwDQYJ
KoZIhvcNAQELBQADggEBAAMgjLdkvajmAIXr+I70oUMUiapKPAhmRSeDu8TSQooI
DyHFpr6oFr4k/dkqV3mleDMQgzTpUlrBuVK83XgjpRiGji9Yq0V0uv08c1l36xEO
vDOo6AGsCo1/NZh3Ryy/uF1Nn4S+9YpxjPDkh8plMNI+TlTLGBiL/l+ENZQ0SSsV
gLuzUfpNTosb7Bxj061O3HJUxpqMpkdnCB423aVx+DtiiuN4bd/mVz7tpEST4f+x
vJyeY63AF+AacJS5PEQu9ldod/Hmt5ZcCHOPZLfRf3ozfOR6CwmCEgjLq5XXhUu1
6wMChQ5W3Z5ZaPUIbNQOqLktxfE2VaQON/4THzyKPaA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:50 2025 by rpki-client