Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/VNzG3ccHyaf-Ofv5con_nysGgHU.roa
File: VNzG3ccHyaf-Ofv5con_nysGgHU.roa (raw, json)
Hash identifier: 2VzIYqdKT2jmdmX+vgJ//7c0c5nGJoT0dOFUmm0WlfQ=
Subject key identifier: 54:DC:C6:DD:C7:07:C9:A7:FE:39:FB:F9:72:89:FF:9F:2B:06:80:75
Certificate issuer: /CN=ae501827144a3188bea1ccee58656fd6429d8f95
Certificate serial: 0194DC0780622F42E1DA564872EF11E22D0E
Authority key identifier: AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/VNzG3ccHyaf-Ofv5con_nysGgHU.roa
Signing time: Thu 06 Feb 2025 16:11:06 +0000
ROA not before: Thu 06 Feb 2025 16:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48152
IP address blocks: 137.221.32.0/19 maxlen: 24
149.137.212.0/22 maxlen: 22
149.137.214.0/24 maxlen: 24
149.137.215.0/24 maxlen: 24
185.173.76.0/22 maxlen: 24
2a0b:3d00::/30 maxlen: 48
2a0b:3d04::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 18:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:07:80:62:2f:42:e1:da:56:48:72:ef:11:e2:2d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae501827144a3188bea1ccee58656fd6429d8f95
Validity
Not Before: Feb 6 16:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54dcc6ddc707c9a7fe39fbf97289ff9f2b068075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:e3:64:88:16:5a:20:24:e2:69:b2:c2:74:
28:8a:88:e8:68:4c:42:9c:df:cb:fa:14:3b:00:6a:
85:14:a6:63:a6:0c:ce:27:bb:31:53:6e:c7:84:dc:
15:33:65:1f:9a:9f:c0:f8:93:69:da:f0:2a:51:58:
e7:66:ae:c7:53:75:b3:52:4b:f6:d0:15:13:d5:ff:
b2:96:46:d2:6c:3f:56:dd:8a:8c:44:be:4e:4f:ca:
76:b4:9d:bb:d2:d5:7a:8e:a2:58:09:be:f2:12:4f:
25:28:57:2f:86:80:ed:b4:91:5f:34:c6:51:a6:89:
43:84:ff:28:a8:51:37:42:9b:d5:b7:5a:2d:d5:5e:
39:b7:40:1e:b7:22:8e:58:6c:6f:1c:bc:ca:a7:09:
a8:11:89:90:f1:36:4e:81:e6:f7:e6:60:f2:1a:40:
00:47:32:90:07:62:3c:19:7b:8e:3b:95:29:bc:85:
1c:7e:4e:29:2d:a8:ed:4f:ef:51:aa:2a:31:b2:b7:
f5:3a:f1:51:c3:62:c9:4d:9d:03:40:e3:53:dc:34:
12:9f:b4:a1:de:6b:d7:b6:4b:d9:44:4d:f2:74:e3:
d2:4e:e7:7d:55:7d:11:49:9b:5b:66:95:d1:bd:26:
53:42:fb:8b:a1:d2:59:08:52:ba:bb:cd:cf:1b:3c:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DC:C6:DD:C7:07:C9:A7:FE:39:FB:F9:72:89:FF:9F:2B:06:80:75
X509v3 Authority Key Identifier:
keyid:AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/VNzG3ccHyaf-Ofv5con_nysGgHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.32.0/19
149.137.212.0/22
185.173.76.0/22
IPv6:
2a0b:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
a6:81:78:42:54:24:40:81:2a:42:b2:8f:7a:03:98:63:eb:ea:
03:c3:c2:cf:86:ad:b6:8d:06:14:5c:22:00:f7:8a:75:f3:02:
c9:73:26:5c:61:2b:7c:3c:fd:2c:16:65:1d:7f:75:bf:2d:30:
97:11:c4:56:05:1e:0e:59:cc:43:91:85:77:06:d8:00:61:a4:
2b:8f:f2:b3:69:a0:c1:5f:48:7a:7b:ef:6d:d2:4c:60:40:df:
bc:d4:05:7b:45:25:af:e1:87:25:a6:38:c3:00:91:3e:92:06:
ba:df:32:54:aa:f4:a0:ac:83:46:f2:44:17:c7:7f:4e:f0:44:
cd:57:aa:50:5d:60:07:7f:db:15:63:2d:99:d9:ee:25:66:fa:
57:00:1e:cb:11:d5:67:2a:66:c1:e7:98:0d:27:e4:af:c9:6d:
aa:bf:b5:d0:5e:fe:e5:7d:d8:1e:48:ad:b0:5f:38:46:9e:fe:
cc:25:e4:db:a0:3b:05:36:de:f7:71:15:68:07:9a:c8:26:01:
47:48:2a:7a:23:a6:da:df:9c:ed:1e:26:8f:97:2d:9f:cb:c8:
c8:d5:6c:aa:ae:af:d2:da:dc:f3:69:fc:c2:74:ed:08:58:ae:
8f:3e:0e:d0:2f:f9:ca:b2:82:21:38:f7:c4:ad:3d:c7:f3:dc:
c5:aa:8f:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZTcB4BiL0Lh2lZIcu8R4i0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTAxODI3MTQ0YTMxODhiZWExY2NlZTU4NjU2ZmQ2NDI5
ZDhmOTUwHhcNMjUwMjA2MTYxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRjYzZkZGM3MDdjOWE3ZmUzOWZiZjk3Mjg5ZmY5ZjJiMDY4MDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUPjZIgWWiAk4mmywnQoiojoaExC
nN/L+hQ7AGqFFKZjpgzOJ7sxU27HhNwVM2Ufmp/A+JNp2vAqUVjnZq7HU3WzUkv2
0BUT1f+ylkbSbD9W3YqMRL5OT8p2tJ270tV6jqJYCb7yEk8lKFcvhoDttJFfNMZR
polDhP8oqFE3QpvVt1ot1V45t0AetyKOWGxvHLzKpwmoEYmQ8TZOgeb35mDyGkAA
RzKQB2I8GXuOO5UpvIUcfk4pLajtT+9Rqioxsrf1OvFRw2LJTZ0DQONT3DQSn7Sh
3mvXtkvZRE3ydOPSTud9VX0RSZtbZpXRvSZTQvuLodJZCFK6u83PGzzejQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFTcxt3HB8mn/jn7+XKJ/58rBoB1MB8GA1UdIwQY
MBaAFK5QGCcUSjGIvqHM7lhlb9ZCnY+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODIt
MDk4NmQ4YjBjNmQ5LzEvVk56RzNjY0h5YWYtT2Z2NWNvbl9ueXNHZ0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODItMDk4NmQ4YjBjNmQ5
LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFid0gAwQC
lYnUAwQCua1MMA0EAgACMAcDBQMqCz0AMA0GCSqGSIb3DQEBCwUAA4IBAQCmgXhC
VCRAgSpCso96A5hj6+oDw8LPhq22jQYUXCIA94p18wLJcyZcYSt8PP0sFmUdf3W/
LTCXEcRWBR4OWcxDkYV3BtgAYaQrj/KzaaDBX0h6e+9t0kxgQN+81AV7RSWv4Ycl
pjjDAJE+kga63zJUqvSgrING8kQXx39O8ETNV6pQXWAHf9sVYy2Z2e4lZvpXAB7L
EdVnKmbB55gNJ+SvyW2qv7XQXv7lfdgeSK2wXzhGnv7MJeTboDsFNt73cRVoB5rI
JgFHSCp6I6ba35ztHiaPly2fy8jI1Wyqrq/S2tzzafzCdO0IWK6PPg7QL/nKsoIh
OPfErT3H89zFqo/d
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:41:52 2025 by rpki-client