Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/Vxpb4qJ9bYXDPXhzI_87rtiLuZ4.roa
File: Vxpb4qJ9bYXDPXhzI_87rtiLuZ4.roa (raw, json)
Hash identifier: ezjzpapAn7m7wLiPO5x/owz6rksCKM1DKAoQ0mrVR+k=
Subject key identifier: 57:1A:5B:E2:A2:7D:6D:85:C3:3D:78:73:23:FF:3B:AE:D8:8B:B9:9E
Certificate issuer: /CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Certificate serial: 01966D13B668AAD35FBBE601F63BAD25B502
Authority key identifier: 5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/Vxpb4qJ9bYXDPXhzI_87rtiLuZ4.roa
Signing time: Fri 25 Apr 2025 13:12:10 +0000
ROA not before: Fri 25 Apr 2025 13:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51306
IP address blocks: 151.216.45.0/24 maxlen: 24
194.127.244.0/22 maxlen: 24
2a07:cf80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:13:b6:68:aa:d3:5f:bb:e6:01:f6:3b:ad:25:b5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Validity
Not Before: Apr 25 13:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=571a5be2a27d6d85c33d787323ff3baed88bb99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ac:46:03:62:5e:a1:fc:bd:14:1a:d3:51:ad:
7c:cc:70:1e:32:4e:bf:6d:15:08:b1:74:2a:4c:b6:
6d:13:b8:45:76:ba:05:c1:d2:ce:42:a9:3d:82:51:
c0:3b:46:44:d1:cf:be:bb:f9:f9:11:f4:76:2e:8f:
2f:17:07:7f:0f:3b:15:3b:2d:c3:55:0d:41:44:d1:
71:9c:17:a1:90:0f:45:07:12:57:60:37:eb:b2:66:
54:a2:e2:1a:1a:d2:0f:49:97:59:7e:0f:8e:0d:ad:
7b:6f:0d:64:a6:c3:16:bf:20:83:a2:14:b6:32:56:
2e:51:41:0b:94:4f:39:24:ba:63:09:56:e3:6b:bb:
8c:43:d1:9b:fa:0d:1c:eb:a9:d7:38:63:40:dd:8a:
e4:55:02:ba:01:83:0b:ea:92:d5:d0:f6:69:29:6d:
fd:c6:d0:39:74:88:0a:b5:b3:09:ff:e7:c8:1e:5e:
c7:0f:17:c3:af:eb:3e:73:88:27:40:97:72:67:ca:
8e:68:19:cd:f3:1f:1f:ea:aa:cb:a4:31:25:59:b0:
2e:95:3d:d9:fc:2f:8b:ca:db:69:74:cc:28:5c:5e:
36:b0:ee:ac:21:23:ef:07:c6:1f:7c:b2:ba:3a:56:
6c:67:98:b2:14:d0:21:09:80:3a:c1:35:20:6e:28:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1A:5B:E2:A2:7D:6D:85:C3:3D:78:73:23:FF:3B:AE:D8:8B:B9:9E
X509v3 Authority Key Identifier:
keyid:5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/Vxpb4qJ9bYXDPXhzI_87rtiLuZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.45.0/24
194.127.244.0/22
IPv6:
2a07:cf80::/32
Signature Algorithm: sha256WithRSAEncryption
a3:62:2a:2c:0f:db:2d:b5:a5:5f:8d:d0:68:f5:88:a6:dd:ad:
d6:85:a1:30:48:fb:7c:0f:c7:a4:c3:12:78:e1:1b:8a:57:88:
bc:c0:52:b9:67:ad:72:5d:09:53:5e:7f:76:1f:6e:a4:67:fa:
f1:ac:44:3f:c6:85:e1:49:39:2f:85:38:b1:e9:df:fb:7b:f0:
ff:98:1e:ad:4b:04:fe:b0:85:e7:ef:28:2b:d5:9a:ed:1b:e0:
bd:25:9d:a6:a5:b0:ad:f4:63:f1:1e:f2:0c:b1:a7:4b:87:6e:
b0:de:89:2b:d4:0b:cf:8e:a0:95:36:f2:cb:3a:48:ba:a2:74:
25:be:14:2d:94:1e:6f:1b:71:da:50:77:6d:db:b2:87:a6:a3:
46:ba:f8:f0:c3:3a:5e:a7:a5:f6:78:f3:7b:fb:c5:4a:a5:2b:
4a:2a:e1:fa:35:8a:52:58:d6:da:b7:84:39:98:ce:4e:7f:98:
a8:6c:c3:49:36:cb:81:a5:58:32:55:b6:68:9e:f1:09:0c:c1:
f7:00:48:c6:b8:ca:a8:2d:62:bf:85:f1:9f:26:dc:8f:7b:e3:
94:a0:3f:b1:9c:9b:cc:54:78:8e:12:e0:3a:02:25:55:98:8b:
54:5f:10:d2:be:ea:0d:aa:46:be:6b:90:75:0a:0d:28:8c:24:
bc:f2:aa:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZZtE7ZoqtNfu+YB9jutJbUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDk0M2E0MWNlMjdlN2I3YmNmZGZmNjlhODljM2UzMzdl
YTYzYjUwHhcNMjUwNDI1MTMxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzFhNWJlMmEyN2Q2ZDg1YzMzZDc4NzMyM2ZmM2JhZWQ4OGJiOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKxGA2Jeofy9FBrTUa18zHAeMk6/
bRUIsXQqTLZtE7hFdroFwdLOQqk9glHAO0ZE0c++u/n5EfR2Lo8vFwd/DzsVOy3D
VQ1BRNFxnBehkA9FBxJXYDfrsmZUouIaGtIPSZdZfg+ODa17bw1kpsMWvyCDohS2
MlYuUUELlE85JLpjCVbja7uMQ9Gb+g0c66nXOGNA3YrkVQK6AYML6pLV0PZpKW39
xtA5dIgKtbMJ/+fIHl7HDxfDr+s+c4gnQJdyZ8qOaBnN8x8f6qrLpDElWbAulT3Z
/C+LyttpdMwoXF42sO6sISPvB8YffLK6OlZsZ5iyFNAhCYA6wTUgbih0hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFcaW+KifW2Fwz14cyP/O67Yi7meMB8GA1UdIwQY
MBaAFFrZQ6Qc4n57e8/f9pqJw+M36mO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQt
ODRmOTA1OTM5MTNjLzEvVnhwYjRxSjliWVhEUFhoeklfODdydGlMdVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQtODRmOTA1OTM5MTNj
LzEvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAl9gtAwQC
wn/0MA0EAgACMAcDBQAqB8+AMA0GCSqGSIb3DQEBCwUAA4IBAQCjYiosD9sttaVf
jdBo9Yim3a3WhaEwSPt8D8ekwxJ44RuKV4i8wFK5Z61yXQlTXn92H26kZ/rxrEQ/
xoXhSTkvhTix6d/7e/D/mB6tSwT+sIXn7ygr1ZrtG+C9JZ2mpbCt9GPxHvIMsadL
h26w3okr1AvPjqCVNvLLOki6onQlvhQtlB5vG3HaUHdt27KHpqNGuvjwwzpep6X2
ePN7+8VKpStKKuH6NYpSWNbat4Q5mM5Of5iobMNJNsuBpVgyVbZonvEJDMH3AEjG
uMqoLWK/hfGfJtyPe+OUoD+xnJvMVHiOEuA6AiVVmItUXxDSvuoNqka+a5B1Cg0o
jCS88qrc
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:11:39 2025 by rpki-client