Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/vrYtR17Us0uRR4gxZn7liWGR4no.roa
File: vrYtR17Us0uRR4gxZn7liWGR4no.roa (raw, json)
Hash identifier: iPAbeEWSZ9JV1k70IoKGFIA+pbF0zGakCFdiJ4Nxk/U=
Subject key identifier: BE:B6:2D:47:5E:D4:B3:4B:91:47:88:31:66:7E:E5:89:61:91:E2:7A
Certificate issuer: /CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Certificate serial: 01942068583FEDB0329891950FC7D2F180DC
Authority key identifier: 4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/vrYtR17Us0uRR4gxZn7liWGR4no.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56504
IP address blocks: 178.237.57.0/24 maxlen: 24
178.237.58.0/24 maxlen: 24
2a0d:5540:1::/48 maxlen: 48
2a0d:5540:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:58:3f:ed:b0:32:98:91:95:0f:c7:d2:f1:80:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beb62d475ed4b34b91478831667ee5896191e27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:84:6f:39:dd:02:1e:6e:f6:3d:c8:67:94:
08:ee:99:64:0f:90:4f:e7:79:16:03:b2:d5:7f:7c:
b8:75:d5:08:6f:ef:ab:98:dd:46:a4:84:09:78:fc:
11:0e:7d:c0:03:29:56:12:ae:01:8c:cf:69:d1:16:
bf:23:87:02:7c:8d:2a:63:fe:b1:c1:0d:81:52:1c:
0e:e5:1b:fb:19:32:a9:4c:0e:e1:08:9d:fb:1f:0a:
09:31:b8:52:0d:3b:53:cf:64:d0:41:2a:84:77:f6:
63:00:1b:9a:b8:63:83:6a:04:ba:44:0f:23:da:8c:
f5:55:e5:80:07:e4:52:9c:09:ee:3f:64:fc:ce:f4:
99:7f:84:fc:c9:9f:84:f1:16:c9:20:0b:f2:1e:1c:
67:0d:94:b6:8f:4e:bb:7c:5e:66:f6:42:79:5e:eb:
1a:69:39:0a:25:98:16:36:52:e2:65:1a:fb:b0:0d:
52:cd:31:d3:27:e0:0c:28:c0:95:f6:ff:c6:8f:d2:
47:e7:cf:df:30:4b:18:89:1e:aa:af:75:c4:25:46:
92:4c:3b:c1:39:fd:0f:4b:ca:d8:c4:bf:18:fe:a9:
6e:69:ee:8d:01:a2:02:62:8d:c3:e5:cf:93:0f:a4:
fe:e2:a8:00:87:64:75:ae:44:a0:3f:5d:39:3c:95:
30:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B6:2D:47:5E:D4:B3:4B:91:47:88:31:66:7E:E5:89:61:91:E2:7A
X509v3 Authority Key Identifier:
keyid:4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/vrYtR17Us0uRR4gxZn7liWGR4no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.57.0-178.237.58.255
IPv6:
2a0d:5540:1::-2a0d:5540:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
db:fb:86:11:8c:be:29:9d:99:96:70:89:fb:86:f8:01:ba:81:
bc:fe:bf:e9:ff:46:d8:c5:e5:a6:75:fc:69:67:40:8a:f2:de:
0b:dc:4d:e5:0a:56:7d:36:12:cd:b5:a3:5b:db:6e:0e:bf:08:
d2:7c:f5:29:4b:2e:07:25:b6:83:c8:a1:97:c1:42:7a:1a:d4:
8a:cc:95:a9:1f:ec:80:0e:5d:46:dc:b7:a0:06:87:11:43:47:
c2:61:0c:40:9b:9f:2b:f4:3f:75:dc:eb:5e:33:86:0b:42:86:
bb:e9:28:e6:1f:1d:96:d9:02:f0:e1:56:b0:14:44:ae:79:ac:
7c:00:5c:a5:01:c8:83:0c:07:20:21:c1:42:b4:00:9b:c9:61:
af:b9:a8:fc:7b:83:d3:ab:70:5a:81:af:e4:33:a3:f7:38:75:
63:4b:6c:97:c5:1c:45:49:d4:e4:20:4b:75:0a:df:78:1f:f8:
24:c7:63:eb:fa:c1:fc:02:ba:fc:57:4f:22:3b:84:e3:f0:7f:
4c:bd:b5:cb:5a:33:74:80:a9:ba:21:da:21:68:9c:81:44:67:
71:c8:3a:e8:5f:e1:fa:0e:b3:54:eb:13:2d:3d:d0:51:46:f0:
a2:83:98:79:8b:bb:72:99:fb:ec:06:e3:fd:9a:ee:96:58:fa:
38:b6:98:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQgaFg/7bAymJGVD8fS8YDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTlhZmQyMWNiOGZiZTZiODUwODAwY2Q0YjQ5ZjI1NjJj
OTJiYTAwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWI2MmQ0NzVlZDRiMzRiOTE0Nzg4MzE2NjdlZTU4OTYxOTFlMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYyEbzndAh5u9j3IZ5QI7plkD5BP
53kWA7LVf3y4ddUIb++rmN1GpIQJePwRDn3AAylWEq4BjM9p0Ra/I4cCfI0qY/6x
wQ2BUhwO5Rv7GTKpTA7hCJ37HwoJMbhSDTtTz2TQQSqEd/ZjABuauGODagS6RA8j
2oz1VeWAB+RSnAnuP2T8zvSZf4T8yZ+E8RbJIAvyHhxnDZS2j067fF5m9kJ5Xusa
aTkKJZgWNlLiZRr7sA1SzTHTJ+AMKMCV9v/Gj9JH58/fMEsYiR6qr3XEJUaSTDvB
Of0PS8rYxL8Y/qluae6NAaICYo3D5c+TD6T+4qgAh2R1rkSgP105PJUwbQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL62LUde1LNLkUeIMWZ+5YlhkeJ6MB8GA1UdIwQY
MBaAFEupr9IcuPvmuFCADNS0nyViySugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmIt
ZjY5NjIyNDI1NjUxLzEvdnJZdFIxN1VzMHVSUjRneFpuN2xpV0dSNG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmItZjY5NjIyNDI1NjUx
LzEvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBACy7TkD
BACy7TowGgQCAAIwFDASAwcAKg1VQAABAwcAKg1VQAACMA0GCSqGSIb3DQEBCwUA
A4IBAQDb+4YRjL4pnZmWcIn7hvgBuoG8/r/p/0bYxeWmdfxpZ0CK8t4L3E3lClZ9
NhLNtaNb224OvwjSfPUpSy4HJbaDyKGXwUJ6GtSKzJWpH+yADl1G3LegBocRQ0fC
YQxAm58r9D913OteM4YLQoa76SjmHx2W2QLw4VawFESueax8AFylAciDDAcgIcFC
tACbyWGvuaj8e4PTq3Baga/kM6P3OHVjS2yXxRxFSdTkIEt1Ct94H/gkx2Pr+sH8
Arr8V08iO4Tj8H9MvbXLWjN0gKm6IdohaJyBRGdxyDroX+H6DrNU6xMtPdBRRvCi
g5h5i7tymfvsBuP9mu6WWPo4tph+
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:22:51 2025 by rpki-client