Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Vhz0sD1X3JaMKF503gdqv8PhsM4.roa
File: Vhz0sD1X3JaMKF503gdqv8PhsM4.roa (raw, json)
Hash identifier: BrYUMuaIlMfGnn+c8/veAwX47+8CrpdMnhe1CB99ngw=
Subject key identifier: 56:1C:F4:B0:3D:57:DC:96:8C:28:5E:74:DE:07:6A:BF:C3:E1:B0:CE
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019832F18574ACD24B2959FBE11C7F32F43F
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Vhz0sD1X3JaMKF503gdqv8PhsM4.roa
Signing time: Tue 22 Jul 2025 16:22:25 +0000
ROA not before: Tue 22 Jul 2025 16:22:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210415
IP address blocks: 2.59.195.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
45.80.80.0/24 maxlen: 24
45.130.163.0/24 maxlen: 24
45.137.12.0/23 maxlen: 24
45.137.139.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
89.42.113.0/24 maxlen: 24
91.132.30.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
185.226.192.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
201.49.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:f1:85:74:ac:d2:4b:29:59:fb:e1:1c:7f:32:f4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 22 16:22:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=561cf4b03d57dc968c285e74de076abfc3e1b0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c2:4e:17:4d:c5:c1:29:fc:88:35:f4:9a:94:
23:ed:4b:5e:0e:52:77:e8:ee:71:45:76:46:2c:02:
11:47:70:54:5e:0a:44:1d:8a:77:ef:dc:9a:d3:a1:
15:04:90:da:30:f2:be:50:05:90:17:2c:7a:db:54:
e6:9e:61:53:88:ce:67:e4:e5:42:df:c1:99:7f:fb:
0c:ce:58:c6:2c:96:74:05:a6:86:13:97:18:32:a8:
60:d0:de:c1:05:ac:5e:ca:df:4c:41:09:f9:83:cc:
32:9b:00:06:09:c6:fd:0f:a9:ff:21:81:4f:8b:42:
89:2a:3a:d1:99:45:7b:66:0e:0f:f8:2a:05:54:2c:
32:25:92:65:aa:72:29:2a:04:89:5c:1b:3e:ef:29:
cd:ae:79:a3:ab:5e:34:bb:f5:95:ff:e5:6f:90:44:
6d:7a:1e:26:a3:91:63:06:9e:9b:ae:3f:96:68:51:
5b:81:31:d4:8b:38:55:d2:60:bd:72:4c:51:e1:79:
e3:52:ee:88:38:6a:f7:05:a8:cc:23:3f:68:ad:b8:
61:ea:82:f2:88:d8:e8:9d:48:32:a3:e7:49:a8:3a:
48:df:af:03:7f:46:9e:8e:62:16:9a:82:3e:84:9f:
0c:8d:de:2f:56:ac:d2:c1:3d:8e:e9:58:3b:86:67:
e3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1C:F4:B0:3D:57:DC:96:8C:28:5E:74:DE:07:6A:BF:C3:E1:B0:CE
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Vhz0sD1X3JaMKF503gdqv8PhsM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.195.0/24
31.15.7.0/24
45.80.80.0/24
45.130.163.0/24
45.137.12.0/23
45.137.139.0/24
45.145.135.0/24
80.66.125.0/24
89.42.113.0/24
91.132.30.0/24
178.19.42.0/24
185.226.192.0/24
185.231.187.0/24
185.246.15.0/24
201.49.188.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:27:e2:c3:d8:11:2a:0e:e6:5b:b2:9b:b0:1b:17:ae:b7:40:
ce:5a:28:63:15:4d:65:c6:8b:1e:d7:08:32:13:3d:6e:7d:8b:
4b:38:f3:55:c3:2e:ad:1e:51:d4:a3:1c:d0:66:b2:82:b5:d2:
22:d1:ae:97:3f:90:93:65:8b:1f:9b:d4:e4:8c:33:c6:be:c7:
31:4c:94:9f:50:02:6f:32:ca:7f:ae:e9:32:b9:61:c3:42:e9:
15:79:b8:b4:60:1f:94:aa:57:13:ad:96:78:38:17:2e:35:e0:
70:d2:f9:fc:7a:4f:3d:71:d1:68:79:da:ef:b5:20:95:17:ca:
5f:11:bc:31:51:aa:2b:93:a8:cb:4c:a7:11:fd:7f:cc:c8:ba:
c4:e4:a0:cf:28:a4:cf:93:89:38:9f:5c:56:56:30:cf:a8:fe:
5f:7c:b6:03:ef:99:61:4e:c4:78:35:30:d5:4c:1b:8c:1e:11:
fe:d1:c9:f3:f2:84:1b:71:22:61:ad:05:19:52:cf:7c:93:d8:
4a:73:98:05:3c:52:ea:b5:62:94:a3:ac:60:c1:fd:50:12:4c:
bc:bd:78:c5:54:99:ba:9d:7e:85:5d:d4:cf:7d:0b:01:d2:ff:
7c:f0:86:f3:cc:52:32:f6:d7:ee:57:c4:47:07:98:95:76:69:
53:48:aa:43
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZgy8YV0rNJLKVn74Rx/MvQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNzIyMTYyMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFjZjRiMDNkNTdkYzk2OGMyODVlNzRkZTA3NmFiZmMzZTFiMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MJOF03FwSn8iDX0mpQj7UteDlJ3
6O5xRXZGLAIRR3BUXgpEHYp379ya06EVBJDaMPK+UAWQFyx621TmnmFTiM5n5OVC
38GZf/sMzljGLJZ0BaaGE5cYMqhg0N7BBaxeyt9MQQn5g8wymwAGCcb9D6n/IYFP
i0KJKjrRmUV7Zg4P+CoFVCwyJZJlqnIpKgSJXBs+7ynNrnmjq140u/WV/+VvkERt
eh4mo5FjBp6brj+WaFFbgTHUizhV0mC9ckxR4XnjUu6IOGr3BajMIz9orbhh6oLy
iNjonUgyo+dJqDpI368Df0aejmIWmoI+hJ8Mjd4vVqzSwT2O6Vg7hmfjCQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFYc9LA9V9yWjChedN4Har/D4bDOMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVmh6MHNEMVgzSmFNS0Y1MDNnZHF2OFBoc000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjvDAwQA
Hw8HAwQALVBQAwQALYKjAwQBLYkMAwQALYmLAwQALZGHAwQAUEJ9AwQAWSpxAwQA
W4QeAwQAshMqAwQAueLAAwQAuee7AwQAufYPAwQAyTG8MA0GCSqGSIb3DQEBCwUA
A4IBAQDMJ+LD2BEqDuZbspuwGxeut0DOWihjFU1lxose1wgyEz1ufYtLOPNVwy6t
HlHUoxzQZrKCtdIi0a6XP5CTZYsfm9TkjDPGvscxTJSfUAJvMsp/rukyuWHDQukV
ebi0YB+UqlcTrZZ4OBcuNeBw0vn8ek89cdFoedrvtSCVF8pfEbwxUaork6jLTKcR
/X/MyLrE5KDPKKTPk4k4n1xWVjDPqP5ffLYD75lhTsR4NTDVTBuMHhH+0cnz8oQb
cSJhrQUZUs98k9hKc5gFPFLqtWKUo6xgwf1QEky8vXjFVJm6nX6FXdTPfQsB0v98
8IbzzFIy9tfuV8RHB5iVdmlTSKpD
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:04:13 2025 by rpki-client