Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/VJDhHlJdPvak4BafWvKSjqu0x5Y.roa
File: VJDhHlJdPvak4BafWvKSjqu0x5Y.roa (raw, json)
Hash identifier: nlNMfRoUX8wlINCzPXW0U0t4hUPC9fTC82MR6ooVarI=
Subject key identifier: 54:90:E1:1E:52:5D:3E:F6:A4:E0:16:9F:5A:F2:92:8E:AB:B4:C7:96
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 019498D77CDC9C536840235F8A58E8AEE8B3
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/VJDhHlJdPvak4BafWvKSjqu0x5Y.roa
Signing time: Fri 24 Jan 2025 15:04:06 +0000
ROA not before: Fri 24 Jan 2025 15:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8849
IP address blocks: 5.42.206.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
109.122.200.0/23 maxlen: 23
109.122.207.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
2a06:f903:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:d7:7c:dc:9c:53:68:40:23:5f:8a:58:e8:ae:e8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 24 15:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5490e11e525d3ef6a4e0169f5af2928eabb4c796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:74:c2:cf:6a:5a:b2:27:bb:52:af:f0:c5:13:
5a:34:57:7d:fe:9e:33:c5:3d:43:94:c6:ee:38:d9:
05:a6:42:29:ae:73:e2:81:0c:38:2b:66:a0:23:f8:
84:04:54:69:62:a7:60:15:c6:3b:da:1f:9d:e1:18:
26:4b:5b:65:a8:c2:8c:ac:4d:49:dc:a2:c1:f3:29:
6d:b8:51:09:9b:0c:1c:93:77:27:9d:3c:a0:c0:3c:
c1:ee:4e:25:98:ad:5a:1c:88:f1:bc:d5:f5:c8:cb:
3a:69:42:80:d7:28:aa:fc:75:26:08:49:fe:cb:0f:
a3:b2:50:27:e7:01:75:3d:d7:1a:c7:ec:c8:bc:ac:
bd:05:8f:95:75:84:01:54:1a:6d:52:c6:82:b2:c3:
db:23:cd:52:26:e6:07:c0:7f:40:b5:12:7b:53:f1:
db:12:ec:de:4d:c7:17:bd:10:31:0e:7e:b0:d3:7b:
6e:d9:c8:1d:f4:a9:96:89:af:9d:90:01:2a:35:5a:
e4:62:ec:4b:94:d4:07:58:f0:82:0a:55:f9:f0:28:
5e:61:49:a9:f0:b9:bd:fa:dd:ec:48:e5:24:f4:65:
11:61:a9:ab:f1:b6:b0:9d:7e:d0:15:b6:8b:a4:d6:
f5:5e:fb:dd:2d:ae:a8:ed:6b:92:d3:3c:85:1e:5c:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:90:E1:1E:52:5D:3E:F6:A4:E0:16:9F:5A:F2:92:8E:AB:B4:C7:96
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/VJDhHlJdPvak4BafWvKSjqu0x5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.206.0/24
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
109.122.200.0/23
109.122.207.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
2a06:f903:4000::/36
Signature Algorithm: sha256WithRSAEncryption
53:6a:a4:26:85:19:e0:4a:9a:52:75:0b:2e:0f:ef:3e:32:cb:
ae:61:fc:73:53:dd:8c:be:c1:b5:17:9a:36:45:7d:af:11:61:
5a:45:80:27:ce:3e:21:8b:65:8a:c7:6c:49:3f:f8:52:73:eb:
d8:79:be:ed:72:c4:42:3d:0e:64:bc:e1:f9:f0:6e:db:97:64:
9c:04:3d:3b:e8:6e:b5:92:d4:d3:fe:5f:f7:7d:92:83:06:3d:
e5:1b:16:41:91:4d:19:a5:12:d8:9d:31:53:b9:a1:81:d0:ce:
44:7d:88:80:6b:46:07:9c:dd:e4:42:f8:f5:c5:ca:f1:05:98:
0d:ff:34:0a:ec:e0:96:0f:9c:6c:6d:d8:6f:9d:4d:3f:56:86:
c4:e8:34:b7:7a:d1:58:7f:10:44:0f:22:77:09:76:10:c6:69:
ef:65:f8:75:2d:7a:8f:58:0f:f2:38:0f:25:5f:f8:7d:99:9d:
cd:c0:a4:92:13:11:06:44:06:4c:58:6a:39:c9:ea:d6:82:ff:
11:a9:90:5c:95:53:b6:21:b5:cb:08:7b:8c:d5:0d:a3:e3:66:
73:fc:3b:28:c9:ed:13:4a:9c:6c:2e:09:8c:d0:f0:aa:6c:6d:
d1:4f:5e:e7:cf:70:fc:fd:c8:15:5d:b6:ca:50:6b:d7:4b:a2:
7e:1e:b7:72
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZSY13zcnFNoQCNfiljoruizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwMTI0MTUwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDkwZTExZTUyNWQzZWY2YTRlMDE2OWY1YWYyOTI4ZWFiYjRjNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnTCz2pasie7Uq/wxRNaNFd9/p4z
xT1DlMbuONkFpkIprnPigQw4K2agI/iEBFRpYqdgFcY72h+d4RgmS1tlqMKMrE1J
3KLB8yltuFEJmwwck3cnnTygwDzB7k4lmK1aHIjxvNX1yMs6aUKA1yiq/HUmCEn+
yw+jslAn5wF1Pdcax+zIvKy9BY+VdYQBVBptUsaCssPbI81SJuYHwH9AtRJ7U/Hb
EuzeTccXvRAxDn6w03tu2cgd9KmWia+dkAEqNVrkYuxLlNQHWPCCClX58CheYUmp
8Lm9+t3sSOUk9GURYamr8bawnX7QFbaLpNb1XvvdLa6o7WuS0zyFHlzmLwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFFSQ4R5SXT72pOAWn1ryko6rtMeWMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvVkpEaEhsSmRQdmFrNEJhZld2S1NqcXUweDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBiwQCAAEwgYQDBAAF
Ks4DBAAFLPkDBAAf3uIDBAA+ersDBAFY0iQDBAFZJKIDBABZKOIDBABbwFEDBAJf
rkQDBABnYVsDBAJnb3ADBABn/SQDBAFtesgDBABtes8DBACSE8QDBACe/0wDBACw
YcADBAG5jNIDBAC5kzUDBAC54PkDBAC55vUDBADBI+AwNgQCAAIwMAMGBCoG+QFA
AwYEKgb5AYADBgQqBvkBwAMGBCoG+QJAAwYEKgb5AoADBgQqBvkDQDANBgkqhkiG
9w0BAQsFAAOCAQEAU2qkJoUZ4EqaUnULLg/vPjLLrmH8c1PdjL7BtReaNkV9rxFh
WkWAJ84+IYtlisdsST/4UnPr2Hm+7XLEQj0OZLzh+fBu25dknAQ9O+hutZLU0/5f
932SgwY95RsWQZFNGaUS2J0xU7mhgdDORH2IgGtGB5zd5EL49cXK8QWYDf80Cuzg
lg+cbG3Yb51NP1aGxOg0t3rRWH8QRA8idwl2EMZp72X4dS16j1gP8jgPJV/4fZmd
zcCkkhMRBkQGTFhqOcnq1oL/EamQXJVTtiG1ywh7jNUNo+Nmc/w7KMntE0qcbC4J
jNDwqmxt0U9e589w/P3IFV22ylBr10uifh63cg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:14:55 2025 by rpki-client