Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VimoZDwh45TkWi67qSatlJI1aHk.roa
File: VimoZDwh45TkWi67qSatlJI1aHk.roa (raw, json)
Hash identifier: lEY9ExmPIuqNTcIkFM74+pTvg6MExoYgW3Kzu8up6Ns=
Subject key identifier: 56:29:A8:64:3C:21:E3:94:E4:5A:2E:BB:A9:26:AD:94:92:35:68:79
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0197EEDF1C6F10C5412D99735A4DEEEA2085
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VimoZDwh45TkWi67qSatlJI1aHk.roa
Signing time: Wed 09 Jul 2025 11:08:08 +0000
ROA not before: Wed 09 Jul 2025 11:08:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 140.150.8.0/24 maxlen: 24
140.150.17.0/24 maxlen: 24
146.103.69.0/24 maxlen: 24
146.103.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 18:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:df:1c:6f:10:c5:41:2d:99:73:5a:4d:ee:ea:20:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jul 9 11:08:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5629a8643c21e394e45a2ebba926ad9492356879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:05:ef:71:e1:ae:8a:6c:a8:d2:50:f0:b8:
ad:04:4d:80:84:ce:98:40:9a:9e:2f:98:35:e4:6a:
d9:df:25:cf:59:ee:89:cc:91:0e:4e:d8:d6:f2:55:
84:1b:ab:5c:0c:c6:10:3a:e8:7d:37:c0:a0:99:6f:
b3:b1:60:d3:1c:eb:ef:bd:2d:8d:69:c6:07:54:ee:
52:69:f5:90:c5:1e:b1:7a:a5:39:e0:94:34:c6:f5:
0e:ed:24:38:50:82:95:36:da:3e:9e:77:08:18:e3:
8e:29:a4:a3:5b:06:5b:36:2c:94:d7:51:9a:01:e6:
e1:17:a4:cc:61:42:99:28:a3:cb:a3:5e:7c:cd:04:
7e:ba:76:ce:98:8b:9d:1f:fd:23:34:20:59:7e:b4:
26:ae:af:b7:ef:c9:f8:d5:e0:d8:fa:c5:0c:70:2c:
f6:af:ac:80:99:e1:06:64:33:fb:c1:f5:2c:6e:02:
c9:2a:88:24:87:bd:da:9c:7b:a4:30:e0:d3:5c:85:
e1:04:18:41:5e:45:37:ea:1b:a9:6a:f5:e9:66:7b:
f3:fd:96:63:ef:3d:3c:5b:60:1e:6f:f0:32:7d:c1:
49:8c:7c:f3:94:3a:a4:62:ff:02:23:10:0f:ab:5f:
9c:66:82:4f:45:55:fd:ec:fe:28:58:8a:e2:06:55:
35:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:29:A8:64:3C:21:E3:94:E4:5A:2E:BB:A9:26:AD:94:92:35:68:79
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VimoZDwh45TkWi67qSatlJI1aHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.8.0/24
140.150.17.0/24
146.103.69.0-146.103.70.255
Signature Algorithm: sha256WithRSAEncryption
a7:32:07:59:3b:ce:1f:d8:54:08:11:d1:d6:06:82:93:e4:57:
52:7f:3f:0b:29:6a:21:a7:bb:9d:8d:33:ea:a1:39:fd:8a:5f:
27:7a:a7:69:5e:68:b7:11:bf:f8:3f:3d:ca:c0:e3:5e:7b:18:
89:77:0a:3a:11:81:46:08:fa:d0:78:c4:4f:77:b2:6c:59:d6:
12:3a:41:f5:06:da:f3:68:f9:91:6e:58:7d:90:ae:c9:43:dc:
a9:0e:8d:e2:6b:9f:aa:07:10:f5:10:e8:c0:c9:fc:b1:73:45:
5e:88:34:4f:e7:0e:da:49:75:8a:e9:d3:68:41:1b:72:c3:f9:
61:3e:aa:1e:01:28:d0:cc:29:25:7a:5c:61:fa:ad:34:9a:94:
01:d1:7d:27:32:8c:94:92:98:45:cb:22:57:31:94:f2:a0:6b:
c5:b8:a9:36:c4:f2:e9:71:51:a1:d6:b0:ab:e0:35:2f:88:66:
6e:e4:26:dd:15:0d:c4:40:f2:f4:96:a1:74:11:d1:65:0b:4b:
17:13:d5:75:e9:7a:28:1d:16:03:52:1c:9a:83:ff:8a:41:b8:
72:1c:4d:a5:4c:e4:88:31:61:49:a6:04:74:8c:bb:88:b7:ca:
55:3b:e8:9c:8c:a1:8f:fd:9a:f1:b6:ff:b3:3a:57:f4:4d:d4:
86:8b:b9:e2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfu3xxvEMVBLZlzWk3u6iCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNzA5MTEwODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjI5YTg2NDNjMjFlMzk0ZTQ1YTJlYmJhOTI2YWQ5NDkyMzU2ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmQF73HhropsqNJQ8LitBE2AhM6Y
QJqeL5g15GrZ3yXPWe6JzJEOTtjW8lWEG6tcDMYQOuh9N8CgmW+zsWDTHOvvvS2N
acYHVO5SafWQxR6xeqU54JQ0xvUO7SQ4UIKVNto+nncIGOOOKaSjWwZbNiyU11Ga
AebhF6TMYUKZKKPLo158zQR+unbOmIudH/0jNCBZfrQmrq+378n41eDY+sUMcCz2
r6yAmeEGZDP7wfUsbgLJKogkh73anHukMODTXIXhBBhBXkU36hupavXpZnvz/ZZj
7z08W2Aeb/AyfcFJjHzzlDqkYv8CIxAPq1+cZoJPRVX97P4oWIriBlU1aQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFYpqGQ8IeOU5Fouu6kmrZSSNWh5MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvVmltb1pEd2g0NVRrV2k2N3FTYXRsSkkxYUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjJYIAwQA
jJYRMAwDBACSZ0UDBACSZ0YwDQYJKoZIhvcNAQELBQADggEBAKcyB1k7zh/YVAgR
0dYGgpPkV1J/PwspaiGnu52NM+qhOf2KXyd6p2leaLcRv/g/PcrA4157GIl3CjoR
gUYI+tB4xE93smxZ1hI6QfUG2vNo+ZFuWH2QrslD3KkOjeJrn6oHEPUQ6MDJ/LFz
RV6INE/nDtpJdYrp02hBG3LD+WE+qh4BKNDMKSV6XGH6rTSalAHRfScyjJSSmEXL
IlcxlPKga8W4qTbE8ulxUaHWsKvgNS+IZm7kJt0VDcRA8vSWoXQR0WULSxcT1XXp
eigdFgNSHJqD/4pBuHIcTaVM5IgxYUmmBHSMu4i3ylU76JyMoY/9mvG2/7M6V/RN
1IaLueI=
-----END CERTIFICATE-----
Generated at Mon Jul 28 01:07:10 2025 by rpki-client