Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/vFfYVEKCcc2PyT6NhaZHTqsCyRc.roa
File: vFfYVEKCcc2PyT6NhaZHTqsCyRc.roa (raw, json)
Hash identifier: IviSD1XdrOD9s0OcxHYtTVilTBOr8uyUO7SjAFCSO3g=
Subject key identifier: BC:57:D8:54:42:82:71:CD:8F:C9:3E:8D:85:A6:47:4E:AB:02:C9:17
Certificate issuer: /CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Certificate serial: 0194982989B1EA66137BB441D2B9CB24B946
Authority key identifier: A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/vFfYVEKCcc2PyT6NhaZHTqsCyRc.roa
Signing time: Fri 24 Jan 2025 11:54:06 +0000
ROA not before: Fri 24 Jan 2025 11:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 93.115.103.0/24 maxlen: 24
185.253.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/qcxE1_HQ3Apavyd2SVth3kgZkl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/qcxE1_HQ3Apavyd2SVth3kgZkl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:29:89:b1:ea:66:13:7b:b4:41:d2:b9:cb:24:b9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Validity
Not Before: Jan 24 11:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc57d854428271cd8fc93e8d85a6474eab02c917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:54:94:da:9c:ea:aa:c9:d7:35:0e:7f:62:22:
8d:ff:23:58:92:42:d9:02:83:d9:3e:a5:34:f5:b7:
4c:9d:06:a0:d6:76:9d:28:ee:db:55:00:7e:c7:e1:
57:0e:d4:a1:43:8c:f9:34:b0:96:10:3b:d3:58:db:
d9:e0:b3:66:7c:9f:dc:ad:87:5f:a3:5c:fb:39:10:
6b:f2:0c:c6:a2:d1:7f:35:4f:d1:54:12:45:0a:8c:
df:1f:16:4e:52:bc:5f:e0:b3:16:8c:98:3e:49:f6:
2f:16:bc:9b:59:39:ca:6f:4f:5f:36:a2:3f:1e:30:
f3:11:b6:ec:7e:8e:14:53:e8:79:e2:90:0c:b9:bc:
e2:4c:06:41:b5:53:92:ef:f7:ca:f6:14:83:b7:3b:
b2:2c:cd:90:fa:32:e6:1b:a9:5a:00:1e:5a:3f:f1:
e8:2e:e3:06:ee:9f:99:7b:9e:92:e6:a6:8b:41:58:
14:76:48:da:19:0b:1e:fa:f7:31:5d:ff:f9:86:c0:
95:f7:35:8d:4d:8b:be:af:bc:ad:4a:53:f8:ad:4e:
42:dc:1f:4d:cb:ef:70:f9:2e:22:7e:64:94:6d:f3:
2b:30:7b:c5:31:3c:23:78:1e:92:09:79:0d:e5:95:
0b:72:62:15:af:ee:28:d0:a3:7d:86:ea:c4:02:4b:
60:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:57:D8:54:42:82:71:CD:8F:C9:3E:8D:85:A6:47:4E:AB:02:C9:17
X509v3 Authority Key Identifier:
keyid:A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/vFfYVEKCcc2PyT6NhaZHTqsCyRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/qcxE1_HQ3Apavyd2SVth3kgZkl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.103.0/24
185.253.9.0/24
Signature Algorithm: sha256WithRSAEncryption
97:07:e3:9d:5e:b1:d6:7f:5f:a0:28:c5:e8:14:02:cb:72:9d:
b7:06:da:4e:c5:8f:ea:ef:aa:80:3e:c1:99:ab:ac:3b:d5:d3:
17:28:8d:2a:6c:2a:2f:47:aa:ce:ea:99:f5:bf:ec:b1:63:e3:
c8:73:bb:dd:69:8c:91:ed:f5:53:20:f7:4a:43:08:28:6e:db:
12:03:91:e6:22:43:e6:52:f3:41:fd:6f:af:a9:ea:54:d9:d4:
07:52:37:53:67:cb:0c:a7:fe:64:d0:07:9f:0a:6b:3c:3a:f3:
d6:6c:69:91:6f:53:f3:9b:3b:43:70:6e:26:1d:27:5e:91:0b:
dd:b2:6a:10:7b:8b:42:ad:5a:fe:22:66:e8:58:ff:45:b2:aa:
1c:38:67:8b:75:69:a8:99:72:c5:c0:84:0d:68:a0:00:a8:a2:
bf:48:b6:38:ec:75:c1:d5:a5:e0:bd:84:87:c0:0e:62:21:b6:
eb:89:d8:58:1b:59:aa:ad:bd:fd:b6:07:4f:35:a7:29:a7:9c:
34:10:02:6b:41:72:0d:6c:ea:cd:85:e1:26:d5:a5:4f:26:fb:
f4:17:c7:4f:4d:1b:1d:9a:a0:1d:15:57:15:db:a9:88:77:ab:
fb:50:4f:d8:e9:4d:6b:e4:2f:ba:78:78:3e:0c:05:26:5f:ec:
c9:78:95:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSYKYmx6mYTe7RB0rnLJLlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Y2M0NGQ3ZjFkMGRjMGE1YWJmMjc3NjQ5NWI2MWRlNDgx
OTkyNWYwHhcNMjUwMTI0MTE1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU3ZDg1NDQyODI3MWNkOGZjOTNlOGQ4NWE2NDc0ZWFiMDJjOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVSU2pzqqsnXNQ5/YiKN/yNYkkLZ
AoPZPqU09bdMnQag1nadKO7bVQB+x+FXDtShQ4z5NLCWEDvTWNvZ4LNmfJ/crYdf
o1z7ORBr8gzGotF/NU/RVBJFCozfHxZOUrxf4LMWjJg+SfYvFrybWTnKb09fNqI/
HjDzEbbsfo4UU+h54pAMubziTAZBtVOS7/fK9hSDtzuyLM2Q+jLmG6laAB5aP/Ho
LuMG7p+Ze56S5qaLQVgUdkjaGQse+vcxXf/5hsCV9zWNTYu+r7ytSlP4rU5C3B9N
y+9w+S4ifmSUbfMrMHvFMTwjeB6SCXkN5ZULcmIVr+4o0KN9hurEAktgXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLxX2FRCgnHNj8k+jYWmR06rAskXMB8GA1UdIwQY
MBaAFKnMRNfx0NwKWr8ndklbYd5IGZJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWN4RTFfSFEzQXBhdnlkMlNWdGgza2daa2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kYWI4NjctYTU3OS00YTk1LWFlZjct
MTYxN2YzOGE2ZGZjLzEvdkZmWVZFS0NjYzJQeVQ2TmhhWkhUcXNDeVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kYWI4NjctYTU3OS00YTk1LWFlZjctMTYxN2YzOGE2ZGZj
LzEvcWN4RTFfSFEzQXBhdnlkMlNWdGgza2daa2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXNnAwQA
uf0JMA0GCSqGSIb3DQEBCwUAA4IBAQCXB+OdXrHWf1+gKMXoFALLcp23BtpOxY/q
76qAPsGZq6w71dMXKI0qbCovR6rO6pn1v+yxY+PIc7vdaYyR7fVTIPdKQwgobtsS
A5HmIkPmUvNB/W+vqepU2dQHUjdTZ8sMp/5k0AefCms8OvPWbGmRb1PzmztDcG4m
HSdekQvdsmoQe4tCrVr+ImboWP9FsqocOGeLdWmomXLFwIQNaKAAqKK/SLY47HXB
1aXgvYSHwA5iIbbridhYG1mqrb39tgdPNacpp5w0EAJrQXINbOrNheEm1aVPJvv0
F8dPTRsdmqAdFVcV26mId6v7UE/Y6U1r5C+6eHg+DAUmX+zJeJXe
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:10 2025 by rpki-client