Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Vaon60b4zHrksDOoYnDPkaadIxU.roa
File: Vaon60b4zHrksDOoYnDPkaadIxU.roa (raw, json)
Hash identifier: Uok4nskSinodPJTJYseZVbLMCiqE058+0pxNVBQOsk8=
Subject key identifier: 55:AA:27:EB:46:F8:CC:7A:E4:B0:33:A8:62:70:CF:91:A6:9D:23:15
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B8EE71F9C4202237DFACE83B765DE
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Vaon60b4zHrksDOoYnDPkaadIxU.roa
Signing time: Thu 02 Jan 2025 09:49:30 +0000
ROA not before: Thu 02 Jan 2025 09:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50563
IP address blocks: 5.154.0.0/24 maxlen: 24
5.154.44.0/24 maxlen: 24
84.236.143.0/24 maxlen: 24
88.148.52.0/23 maxlen: 23
88.148.52.0/24 maxlen: 24
88.148.53.0/24 maxlen: 24
88.148.115.0/24 maxlen: 24
89.46.140.0/23 maxlen: 23
89.46.140.0/24 maxlen: 24
89.46.141.0/24 maxlen: 24
94.76.141.0/24 maxlen: 24
94.76.146.0/24 maxlen: 24
94.76.171.0/24 maxlen: 24
176.56.116.0/24 maxlen: 24
176.227.145.0/24 maxlen: 24
178.156.57.0/24 maxlen: 24
178.156.121.0/24 maxlen: 24
185.27.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8e:e7:1f:9c:42:02:23:7d:fa:ce:83:b7:65:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55aa27eb46f8cc7ae4b033a86270cf91a69d2315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6c:f7:11:7b:49:c5:25:e9:39:0a:dc:23:a6:
80:60:81:5a:a2:11:b5:f4:eb:48:0a:5f:b8:ba:95:
ce:fc:ac:65:cc:d5:60:2f:eb:dc:aa:9f:5b:bb:fb:
af:89:b7:42:da:bd:5e:83:63:39:a1:c5:84:2e:f8:
d4:61:49:a1:19:49:7c:7e:08:c6:b7:52:1f:6b:96:
97:e0:57:22:08:c9:c0:a0:cf:78:8e:a1:24:43:2b:
0a:d6:1f:6c:e7:fd:13:cb:4f:c8:49:46:92:cc:39:
b9:9c:85:93:d9:57:66:a4:9f:9f:23:23:bb:70:3b:
84:ad:90:d7:ef:1a:d4:54:f7:24:88:c3:f7:2b:16:
25:dd:3f:26:18:10:00:0d:c7:1a:1b:73:61:af:36:
ac:58:32:b7:5d:d0:c7:37:df:f1:fd:a3:e9:f1:2f:
ee:9f:50:29:5c:db:99:da:9c:48:61:fa:33:f6:2e:
57:fb:19:47:d8:83:4b:c8:a6:ec:45:ef:fb:42:a6:
4e:5c:4d:76:1b:00:0e:c8:70:39:1b:4c:3e:92:ad:
51:f8:2e:de:a7:6f:38:b6:5f:05:dd:8c:75:01:1f:
b7:e9:8e:f3:a4:31:ff:7c:d9:59:b3:4a:e5:cc:74:
8f:7d:f4:69:d8:65:e1:99:a0:96:6b:9d:1f:88:30:
a6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AA:27:EB:46:F8:CC:7A:E4:B0:33:A8:62:70:CF:91:A6:9D:23:15
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Vaon60b4zHrksDOoYnDPkaadIxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.0.0/24
5.154.44.0/24
84.236.143.0/24
88.148.52.0/23
88.148.115.0/24
89.46.140.0/23
94.76.141.0/24
94.76.146.0/24
94.76.171.0/24
176.56.116.0/24
176.227.145.0/24
178.156.57.0/24
178.156.121.0/24
185.27.125.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ad:d5:19:47:05:92:29:8d:76:2b:d3:18:27:89:dd:a1:49:
b7:35:35:06:ce:e6:0e:fd:1e:b3:52:09:4f:5a:4c:df:ad:11:
18:fe:e2:a5:f7:64:6a:9b:9f:a4:05:0f:7b:cc:9f:e9:c2:e3:
40:c7:52:1c:98:1f:db:73:ed:b9:e2:92:76:eb:12:0f:8e:81:
a8:1c:e4:5c:b5:97:0c:c8:f8:91:1c:f6:fe:ea:f8:2c:b9:39:
4b:d7:18:fa:01:b2:77:99:4a:9e:56:c6:f8:ca:60:55:21:32:
bb:f4:34:f3:72:0f:64:05:d8:6a:59:91:dd:a7:f2:ae:83:b2:
b0:5c:b7:b7:ed:23:7d:99:0c:d2:fd:87:79:a0:54:82:99:fa:
cd:7e:eb:74:12:b6:82:29:36:a4:97:e1:73:18:4b:bd:00:a6:
9f:6d:07:89:98:ea:10:03:96:90:b4:5a:99:08:9d:44:2a:1f:
f3:db:29:78:37:00:e4:6a:dd:ef:33:29:f0:01:b1:4e:c9:86:
59:f1:b1:8a:9f:27:a4:3d:4a:a8:76:b1:65:1e:4e:c4:65:dc:
5b:f3:ba:29:b3:bc:bf:a7:ec:54:81:88:18:ee:64:af:a8:b7:
32:e8:40:59:92:ce:43:50:4e:7c:e2:7e:ca:31:31:d8:f0:cc:
91:95:93:a2
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQma47nH5xCAiN9+s6Dt2XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFhMjdlYjQ2ZjhjYzdhZTRiMDMzYTg2MjcwY2Y5MWE2OWQyMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mz3EXtJxSXpOQrcI6aAYIFaohG1
9OtICl+4upXO/KxlzNVgL+vcqp9bu/uvibdC2r1eg2M5ocWELvjUYUmhGUl8fgjG
t1Ifa5aX4FciCMnAoM94jqEkQysK1h9s5/0Ty0/ISUaSzDm5nIWT2VdmpJ+fIyO7
cDuErZDX7xrUVPckiMP3KxYl3T8mGBAADccaG3NhrzasWDK3XdDHN9/x/aPp8S/u
n1ApXNuZ2pxIYfoz9i5X+xlH2INLyKbsRe/7QqZOXE12GwAOyHA5G0w+kq1R+C7e
p284tl8F3Yx1AR+36Y7zpDH/fNlZs0rlzHSPffRp2GXhmaCWa50fiDCm7wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFWqJ+tG+Mx65LAzqGJwz5GmnSMVMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvVmFvbjYwYjR6SHJrc0RPb1luRFBrYWFkSXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABZoAAwQA
BZosAwQAVOyPAwQBWJQ0AwQAWJRzAwQBWS6MAwQAXkyNAwQAXkySAwQAXkyrAwQA
sDh0AwQAsOORAwQAspw5AwQAspx5AwQAuRt9MA0GCSqGSIb3DQEBCwUAA4IBAQCK
rdUZRwWSKY12K9MYJ4ndoUm3NTUGzuYO/R6zUglPWkzfrREY/uKl92Rqm5+kBQ97
zJ/pwuNAx1IcmB/bc+254pJ26xIPjoGoHORctZcMyPiRHPb+6vgsuTlL1xj6AbJ3
mUqeVsb4ymBVITK79DTzcg9kBdhqWZHdp/Kug7KwXLe37SN9mQzS/Yd5oFSCmfrN
fut0EraCKTakl+FzGEu9AKafbQeJmOoQA5aQtFqZCJ1EKh/z2yl4NwDkat3vMynw
AbFOyYZZ8bGKnyekPUqodrFlHk7EZdxb87ops7y/p+xUgYgY7mSvqLcy6EBZks5D
UE584n7KMTHY8MyRlZOi
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:42:07 2025 by rpki-client