Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/vmLDD1TBTYG-hEjE6Ab3SFuTYs0.roa
File: vmLDD1TBTYG-hEjE6Ab3SFuTYs0.roa (raw, json)
Hash identifier: NyOwpcin3g/lVGCyaCZG0ziR33wb6JD1mwKtweMIjl0=
Subject key identifier: BE:62:C3:0F:54:C1:4D:81:BE:84:48:C4:E8:06:F7:48:5B:93:62:CD
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAED2049DF3DDF9753B0053C6A2E5C
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/vmLDD1TBTYG-hEjE6Ab3SFuTYs0.roa
Signing time: Wed 01 Jan 2025 17:47:37 +0000
ROA not before: Wed 01 Jan 2025 17:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39575
IP address blocks: 213.128.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:ed:20:49:df:3d:df:97:53:b0:05:3c:6a:2e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be62c30f54c14d81be8448c4e806f7485b9362cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:bf:79:8c:47:d4:e9:99:71:06:13:da:b2:
33:90:86:f7:a7:50:57:4a:8e:54:61:c0:55:01:1a:
90:11:b3:2a:8a:6c:bd:49:6f:40:e4:62:a0:c9:32:
df:81:7a:f9:04:02:82:20:45:51:de:67:17:7e:5b:
fb:7f:79:f6:1c:fc:70:02:28:a3:be:80:9c:2a:98:
22:11:bb:e5:97:de:10:3a:4f:08:82:83:28:3f:9f:
e9:b5:82:39:b5:a7:97:27:1f:b6:07:a1:7e:10:1a:
d5:fe:91:64:86:9c:83:61:cc:89:b2:04:21:5e:2c:
bb:e1:4b:79:a3:8c:15:02:55:2e:5a:18:cf:08:a7:
fa:85:50:9c:79:93:34:c2:6e:9f:b7:22:c8:8c:23:
10:27:d9:df:ff:49:24:7a:5b:a3:1c:b2:55:01:f7:
f8:52:b3:80:08:d0:39:c7:4f:2b:d2:8a:5e:bf:24:
9d:68:7c:84:5c:f3:64:03:10:1a:62:4a:de:53:a4:
d2:e7:01:3e:10:cf:ef:c4:90:18:6c:b6:ba:97:4a:
62:49:c0:a4:49:23:da:2c:fa:68:51:8d:99:9e:d4:
b4:93:aa:3a:dd:39:59:10:ce:ca:41:5f:66:4e:f5:
cf:75:0d:09:af:60:63:cb:f2:51:11:97:59:b1:7a:
7f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:62:C3:0F:54:C1:4D:81:BE:84:48:C4:E8:06:F7:48:5B:93:62:CD
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/vmLDD1TBTYG-hEjE6Ab3SFuTYs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.128.209.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a6:76:4f:63:34:c4:ee:cf:51:7e:24:25:83:38:dd:a6:11:
93:a3:8f:28:f1:2d:fa:80:4f:ff:c2:27:0f:f0:d5:97:f1:87:
bb:e7:24:d5:34:01:59:e9:13:7f:68:a9:30:20:02:29:8e:59:
7f:90:01:e6:47:48:50:a0:80:09:5b:92:17:6d:09:52:6e:2b:
2e:01:60:16:0d:0f:62:41:1a:ae:35:cf:2c:88:28:3f:eb:2d:
5d:bc:20:7c:60:6a:30:aa:5a:1a:c6:aa:eb:2b:37:76:72:ef:
27:f8:f0:89:80:20:66:77:52:52:b5:6a:b4:d5:04:03:6d:1e:
ff:12:e4:95:aa:4e:91:97:7d:34:0c:dc:66:13:d2:77:38:41:
df:62:7a:64:40:36:00:5d:ac:ee:de:8d:44:03:f1:34:6a:90:
45:80:8b:95:4f:3e:d0:e0:86:92:f4:0f:34:a4:18:43:6c:07:
d7:1c:a3:3a:c1:b1:86:d7:0a:2b:a3:c5:d8:c5:ef:6c:61:2a:
9c:49:4c:5e:e5:de:ba:a1:7e:70:98:dd:f6:82:2b:dd:e2:d6:
b1:51:ea:55:8c:a8:bf:85:9f:a9:a3:8d:dc:08:8b:ef:3c:1f:
4b:cb:cb:7a:e4:2c:85:37:b0:8e:4f:a9:f5:e6:ac:9e:04:2c:
8e:ae:1b:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+u0gSd8935dTsAU8ai5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYyYzMwZjU0YzE0ZDgxYmU4NDQ4YzRlODA2Zjc0ODViOTM2MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+G/eYxH1OmZcQYT2rIzkIb3p1BX
So5UYcBVARqQEbMqimy9SW9A5GKgyTLfgXr5BAKCIEVR3mcXflv7f3n2HPxwAiij
voCcKpgiEbvll94QOk8IgoMoP5/ptYI5taeXJx+2B6F+EBrV/pFkhpyDYcyJsgQh
Xiy74Ut5o4wVAlUuWhjPCKf6hVCceZM0wm6ftyLIjCMQJ9nf/0kkelujHLJVAff4
UrOACNA5x08r0opevySdaHyEXPNkAxAaYkreU6TS5wE+EM/vxJAYbLa6l0piScCk
SSPaLPpoUY2ZntS0k6o63TlZEM7KQV9mTvXPdQ0Jr2Bjy/JREZdZsXp/xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5iww9UwU2BvoRIxOgG90hbk2LNMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvdm1MREQxVEJUWUctaEVqRTZBYjNTRnVUWXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YDRMA0G
CSqGSIb3DQEBCwUAA4IBAQA4pnZPYzTE7s9RfiQlgzjdphGTo48o8S36gE//wicP
8NWX8Ye75yTVNAFZ6RN/aKkwIAIpjll/kAHmR0hQoIAJW5IXbQlSbisuAWAWDQ9i
QRquNc8siCg/6y1dvCB8YGowqloaxqrrKzd2cu8n+PCJgCBmd1JStWq01QQDbR7/
EuSVqk6Rl300DNxmE9J3OEHfYnpkQDYAXazu3o1EA/E0apBFgIuVTz7Q4IaS9A80
pBhDbAfXHKM6wbGG1woro8XYxe9sYSqcSUxe5d66oX5wmN32givd4taxUepVjKi/
hZ+po43cCIvvPB9Ly8t65CyFN7COT6n15qyeBCyOrhsl
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:08:41 2025 by rpki-client