Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/vT6MkqafH5VOMm1ZMgN21UjQYFs.roa
File: vT6MkqafH5VOMm1ZMgN21UjQYFs.roa (raw, json)
Hash identifier: dIHvBtvVugb4PHXdIHdFzDigve4LKcNg9oX/bIFSdDw=
Subject key identifier: BD:3E:8C:92:A6:9F:1F:95:4E:32:6D:59:32:03:76:D5:48:D0:60:5B
Certificate issuer: /CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Certificate serial: 019681FCCD864581F42FEED0A251B28114C7
Authority key identifier: 2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/vT6MkqafH5VOMm1ZMgN21UjQYFs.roa
Signing time: Tue 29 Apr 2025 14:39:10 +0000
ROA not before: Tue 29 Apr 2025 14:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202008
IP address blocks: 185.53.188.0/24 maxlen: 24
185.53.189.0/24 maxlen: 24
185.53.190.0/24 maxlen: 24
2a02:4060::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 04 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:fc:cd:86:45:81:f4:2f:ee:d0:a2:51:b2:81:14:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Validity
Not Before: Apr 29 14:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd3e8c92a69f1f954e326d59320376d548d0605b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:36:c5:7a:65:76:2d:ad:d6:b7:8d:e6:93:f6:
5a:42:b2:c6:ac:fd:dd:9c:02:e6:3b:0b:d2:49:e1:
84:a8:01:5e:05:16:63:3d:b9:5b:b1:8a:b0:d0:e0:
1d:ea:da:a6:ee:4a:14:8b:24:ac:f1:d1:07:50:2c:
5d:07:fc:e2:14:df:62:35:29:cd:5d:a4:ad:32:bb:
07:7c:db:3a:1d:3c:46:b7:8a:40:72:9b:68:2d:ee:
33:cf:42:5c:5c:16:09:81:ea:2f:1d:79:42:a7:02:
5c:07:20:42:9d:5d:58:f7:1a:c4:24:1e:5a:cf:67:
29:d3:47:e5:b8:21:24:88:9e:6f:4b:ea:44:a0:31:
1f:d9:74:a7:29:73:c8:7c:b4:49:29:c4:72:b8:e6:
8f:82:d5:50:ef:60:3e:d6:61:fb:34:57:ba:85:25:
64:09:79:fd:fd:27:19:3b:22:4a:ae:42:22:07:7d:
74:4c:34:24:aa:83:c2:76:a2:e9:91:a9:44:26:80:
68:49:2b:07:6a:1f:5c:d5:63:8d:47:75:95:b4:4c:
04:94:99:69:94:70:ce:9b:01:55:1c:81:b4:96:6c:
4d:59:ac:62:3f:df:01:74:0a:2a:a5:af:9b:c8:a6:
4f:db:42:ff:d3:27:ce:cb:e3:e8:57:b0:8a:08:65:
29:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3E:8C:92:A6:9F:1F:95:4E:32:6D:59:32:03:76:D5:48:D0:60:5B
X509v3 Authority Key Identifier:
keyid:2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/vT6MkqafH5VOMm1ZMgN21UjQYFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.188.0-185.53.190.255
IPv6:
2a02:4060::/29
Signature Algorithm: sha256WithRSAEncryption
a1:a0:f5:df:69:74:6d:31:78:1e:4b:ed:d1:24:d6:6a:50:e1:
5a:52:c7:b1:b0:cf:8b:1c:39:92:cc:6d:cb:a5:a5:3c:13:7f:
74:0c:27:fd:98:e3:f8:24:5f:fa:87:83:bc:0a:9e:11:d7:9b:
50:4d:6f:01:16:ca:a4:0e:3a:e3:a6:50:56:92:fb:dc:f8:0f:
fd:e5:cf:14:e5:50:0c:42:be:1b:49:39:a7:77:7d:f2:d3:8d:
1d:f3:65:ea:fe:01:6a:1c:cf:12:95:40:d4:5f:34:ec:ae:e0:
2d:9a:bf:01:df:81:ef:6e:90:b9:4d:94:0c:9f:cf:21:e9:f4:
c6:5f:e3:fd:ba:78:20:79:34:43:a7:e1:ef:70:76:4f:96:7b:
a0:ec:94:5a:90:e5:97:47:54:dd:57:84:e1:81:39:93:bc:66:
72:c8:c9:4a:6f:57:5c:11:7e:83:a5:d7:88:ab:9c:b2:c6:ac:
1f:f9:ea:f3:9a:15:f6:7a:14:30:7f:a5:59:fb:fa:45:e1:0e:
9b:81:89:1a:93:7e:50:7b:cb:2b:ed:e5:3c:56:27:be:98:e9:
f8:e9:8a:70:9a:bc:0a:64:c3:9d:8d:dd:97:d0:04:08:31:6a:
49:f9:95:77:db:d7:88:b7:8d:5c:36:79:33:1d:79:f1:04:dc:
74:28:13:28
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZaB/M2GRYH0L+7QolGygRTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTgyMDJiNGQwYzVjMTExZDM3NGYxZTk4YjczZGI0OTI0
ZDY0YjEwHhcNMjUwNDI5MTQzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNlOGM5MmE2OWYxZjk1NGUzMjZkNTkzMjAzNzZkNTQ4ZDA2MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zbFemV2La3Wt43mk/ZaQrLGrP3d
nALmOwvSSeGEqAFeBRZjPblbsYqw0OAd6tqm7koUiySs8dEHUCxdB/ziFN9iNSnN
XaStMrsHfNs6HTxGt4pAcptoLe4zz0JcXBYJgeovHXlCpwJcByBCnV1Y9xrEJB5a
z2cp00fluCEkiJ5vS+pEoDEf2XSnKXPIfLRJKcRyuOaPgtVQ72A+1mH7NFe6hSVk
CXn9/ScZOyJKrkIiB310TDQkqoPCdqLpkalEJoBoSSsHah9c1WONR3WVtEwElJlp
lHDOmwFVHIG0lmxNWaxiP98BdAoqpa+byKZP20L/0yfOy+PoV7CKCGUprwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL0+jJKmnx+VTjJtWTIDdtVI0GBbMB8GA1UdIwQY
MBaAFCqoICtNDFwRHTdPHpi3PbSSTWSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEt
NmU3YmFlNWZmODk4LzEvdlQ2TWtxYWZINVZPTW0xWk1nTjIxVWpRWUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEtNmU3YmFlNWZmODk4
LzEvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5NbwD
BAC5Nb4wDQQCAAIwBwMFAyoCQGAwDQYJKoZIhvcNAQELBQADggEBAKGg9d9pdG0x
eB5L7dEk1mpQ4VpSx7Gwz4scOZLMbculpTwTf3QMJ/2Y4/gkX/qHg7wKnhHXm1BN
bwEWyqQOOuOmUFaS+9z4D/3lzxTlUAxCvhtJOad3ffLTjR3zZer+AWoczxKVQNRf
NOyu4C2avwHfge9ukLlNlAyfzyHp9MZf4/26eCB5NEOn4e9wdk+We6DslFqQ5ZdH
VN1XhOGBOZO8ZnLIyUpvV1wRfoOl14irnLLGrB/56vOaFfZ6FDB/pVn7+kXhDpuB
iRqTflB7yyvt5TxWJ76Y6fjpinCavApkw52N3ZfQBAgxakn5lXfb14i3jVw2eTMd
efEE3HQoEyg=
-----END CERTIFICATE-----
Generated at Sat May 3 12:33:33 2025 by rpki-client