Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/vufqvijErr72mITArBLgabL0mwI.roa
File: vufqvijErr72mITArBLgabL0mwI.roa (raw, json)
Hash identifier: flvn7/JnwrM6cv42CLW4VjmRwwX7CHHWhtVdLf/pPtY=
Subject key identifier: BE:E7:EA:BE:28:C4:AE:BE:F6:98:84:C0:AC:12:E0:69:B2:F4:9B:02
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196B19937E9171D387C4B0D3EC6A180BC55
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/vufqvijErr72mITArBLgabL0mwI.roa
Signing time: Thu 08 May 2025 20:32:10 +0000
ROA not before: Thu 08 May 2025 20:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215568
IP address blocks: 2a10:b42::/32 maxlen: 32
2a10:3f87::/32 maxlen: 32
2a13:b4c6::/32 maxlen: 32
2a13:c247:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:99:37:e9:17:1d:38:7c:4b:0d:3e:c6:a1:80:bc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 8 20:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bee7eabe28c4aebef69884c0ac12e069b2f49b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2c:54:1a:1a:56:36:7a:01:cc:d9:4f:d9:70:
81:bf:d4:5e:2e:64:19:21:49:49:f2:fb:9c:ec:6e:
73:b0:a5:8f:f4:88:b5:26:2f:82:79:e0:a9:4d:3a:
85:f7:ad:b0:e1:3f:de:24:99:77:a8:2e:73:31:8e:
57:b1:a3:4f:ba:db:42:26:c3:40:97:17:52:4d:53:
b7:a5:a9:aa:34:62:6c:de:ff:ab:51:55:f6:f9:69:
4b:fc:db:8e:d4:9a:62:8c:1c:e8:80:c7:52:7e:c4:
41:1c:60:23:0d:08:1a:21:bd:5b:a7:20:21:49:23:
c8:46:1d:e0:36:4a:42:a9:84:ac:50:b8:fb:b6:de:
29:15:aa:84:72:ae:ff:44:2b:c8:4b:97:8a:ff:b6:
37:5b:af:56:a2:fe:65:b9:aa:1f:49:50:da:70:d3:
8f:dd:68:f7:5f:d1:74:24:e9:c7:36:5c:e1:68:06:
07:86:54:6f:77:c6:76:5d:8a:f3:ac:52:be:02:58:
7c:01:4e:70:f0:c3:20:dd:2b:70:14:a2:46:45:60:
c9:fc:4a:9d:e1:82:1d:3b:7c:c7:95:13:3b:32:c5:
8f:c2:17:e9:7f:52:06:e1:ea:53:76:cf:4c:2d:9f:
be:4c:98:50:15:71:9a:7a:0c:02:a1:bc:de:83:c6:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E7:EA:BE:28:C4:AE:BE:F6:98:84:C0:AC:12:E0:69:B2:F4:9B:02
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/vufqvijErr72mITArBLgabL0mwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b42::/32
2a10:3f87::/32
2a13:b4c6::/32
2a13:c247:8000::/33
Signature Algorithm: sha256WithRSAEncryption
d1:f5:ad:98:90:eb:70:d1:c9:b4:d1:c8:cb:45:eb:d3:75:f3:
af:29:5b:4a:53:16:0a:7f:d1:96:72:5f:a9:05:c5:c8:c2:dd:
d6:ca:d8:d0:79:97:03:fb:a6:15:28:1c:3b:d2:5e:1b:20:9c:
03:14:de:fe:8a:38:a4:3e:44:bd:ba:09:4b:d6:70:61:13:a4:
1b:59:b3:13:1b:09:b7:fa:f6:8c:00:59:d6:b6:ae:5b:86:7a:
b2:2a:c2:00:fc:39:ce:b4:4c:22:15:a0:73:ad:cf:1d:4c:bc:
d6:5a:28:96:38:83:30:6d:97:42:dd:21:1a:99:f3:b4:d6:c0:
98:64:7c:30:18:af:63:26:b8:af:ce:36:a3:bf:91:9d:96:e3:
55:62:94:00:88:e1:bb:77:5c:8e:f3:5b:be:dc:0e:30:ac:54:
35:aa:70:ba:c4:48:49:82:d8:d2:0c:b2:82:00:b3:94:5d:8a:
79:d2:73:6c:44:44:7f:2c:88:90:a1:20:a0:50:6e:b0:94:b1:
30:4b:e0:5c:58:e4:10:ac:7a:4a:1b:6a:a3:63:19:c3:5a:c7:
88:a0:5e:ea:46:dd:31:7f:1c:3b:58:f9:66:60:59:be:e1:65:
12:43:73:c3:91:e5:d6:ed:23:5a:83:9f:f1:00:6c:eb:25:71:
94:c6:12:e5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZaxmTfpFx04fEsNPsahgLxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTA4MjAzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWU3ZWFiZTI4YzRhZWJlZjY5ODg0YzBhYzEyZTA2OWIyZjQ5YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCxUGhpWNnoBzNlP2XCBv9ReLmQZ
IUlJ8vuc7G5zsKWP9Ii1Ji+CeeCpTTqF962w4T/eJJl3qC5zMY5XsaNPuttCJsNA
lxdSTVO3pamqNGJs3v+rUVX2+WlL/NuO1JpijBzogMdSfsRBHGAjDQgaIb1bpyAh
SSPIRh3gNkpCqYSsULj7tt4pFaqEcq7/RCvIS5eK/7Y3W69Wov5luaofSVDacNOP
3Wj3X9F0JOnHNlzhaAYHhlRvd8Z2XYrzrFK+Alh8AU5w8MMg3StwFKJGRWDJ/Eqd
4YIdO3zHlRM7MsWPwhfpf1IG4epTds9MLZ++TJhQFXGaegwCobzeg8ay8QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL7n6r4oxK6+9piEwKwS4Gmy9JsCMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdnVmcXZpakVycjcybUlUQXJCTGdhYkwwbXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwUAKhALQgMF
ACoQP4cDBQAqE7TGAwYHKhPCR4AwDQYJKoZIhvcNAQELBQADggEBANH1rZiQ63DR
ybTRyMtF69N1868pW0pTFgp/0ZZyX6kFxcjC3dbK2NB5lwP7phUoHDvSXhsgnAMU
3v6KOKQ+RL26CUvWcGETpBtZsxMbCbf69owAWda2rluGerIqwgD8Oc60TCIVoHOt
zx1MvNZaKJY4gzBtl0LdIRqZ87TWwJhkfDAYr2MmuK/ONqO/kZ2W41VilACI4bt3
XI7zW77cDjCsVDWqcLrESEmC2NIMsoIAs5RdinnSc2xERH8siJChIKBQbrCUsTBL
4FxY5BCsekobaqNjGcNax4igXupG3TF/HDtY+WZgWb7hZRJDc8OR5dbtI1qDn/EA
bOslcZTGEuU=
-----END CERTIFICATE-----
Generated at Sun May 11 18:52:04 2025 by rpki-client