Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VSGIwYQehl_3MWsxwYGqc263KzU.roa
File: VSGIwYQehl_3MWsxwYGqc263KzU.roa (raw, json)
Hash identifier: IZb9r3DDViYZBnWLB2VXoRpiD21o90cBNaSxPzLHo44=
Subject key identifier: 55:21:88:C1:84:1E:86:5F:F7:31:6B:31:C1:81:AA:73:6E:B7:2B:35
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197A7FB196199EB13AA6CE89D233A6A4A75
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VSGIwYQehl_3MWsxwYGqc263KzU.roa
Signing time: Wed 25 Jun 2025 16:45:40 +0000
ROA not before: Wed 25 Jun 2025 16:45:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.86.14.0/24 maxlen: 24
45.133.220.0/24 maxlen: 24
45.133.221.0/24 maxlen: 24
45.133.222.0/24 maxlen: 24
45.133.223.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
185.99.98.0/24 maxlen: 24
185.99.99.0/24 maxlen: 24
185.126.67.0/24 maxlen: 24
193.5.250.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 20:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:fb:19:61:99:eb:13:aa:6c:e8:9d:23:3a:6a:4a:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 25 16:45:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=552188c1841e865ff7316b31c181aa736eb72b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:fb:39:f9:03:d2:86:ce:71:99:7a:e5:76:
d4:8e:83:c8:74:a0:4c:93:fe:95:dd:20:e2:ec:8f:
d4:05:cd:7d:0a:94:4e:3d:e3:f5:33:5f:7a:f4:41:
ad:43:d8:ac:18:cd:47:ed:66:56:2d:4f:cd:da:b2:
53:62:7d:a4:33:78:26:ea:77:98:ef:22:91:67:1e:
60:15:d1:84:66:4b:90:7a:99:97:3c:3c:47:c3:bc:
6a:75:50:be:3f:0b:0c:0a:15:9c:ca:a0:3b:56:d0:
01:9d:d9:df:68:9a:9f:2d:29:e8:08:c8:ff:94:6e:
d9:cc:da:17:63:ac:cd:fb:5f:6f:f0:3a:a3:5d:ab:
8f:71:7f:51:b3:8a:eb:81:6e:1d:ea:17:24:22:60:
57:15:43:72:26:93:c7:df:87:a0:47:77:ba:30:f1:
10:63:4b:a1:44:8e:b8:a5:b1:38:13:54:27:d5:06:
d2:56:f8:9e:71:b9:9c:d7:bb:ec:d7:74:95:08:92:
9e:52:a9:b7:d3:47:d9:f3:7e:11:c5:aa:7e:c0:2c:
a7:db:85:1f:40:52:5c:47:b4:5b:7d:bb:e0:ce:03:
8f:90:4b:52:97:e0:5f:60:b2:fa:76:1b:bf:7d:76:
e0:2f:80:0d:31:8a:8e:6a:d7:a1:9a:77:ea:4c:9c:
d4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:21:88:C1:84:1E:86:5F:F7:31:6B:31:C1:81:AA:73:6E:B7:2B:35
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VSGIwYQehl_3MWsxwYGqc263KzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.86.14.0/24
45.133.220.0/22
45.152.203.0/24
185.99.98.0/23
185.126.67.0/24
193.5.250.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
50:24:42:5f:01:e0:ba:3d:6c:9b:7e:5b:18:9e:ba:f6:cf:dc:
87:57:13:a4:be:30:83:62:b4:67:46:50:6e:2a:0e:3e:e3:4c:
bb:6a:d9:7f:d3:10:ca:06:4f:17:90:b8:48:91:36:98:e0:09:
93:67:82:49:37:d6:dd:eb:7c:17:ad:0f:c1:57:58:bf:7d:be:
de:df:b5:e7:2a:aa:a1:f5:df:f0:88:39:7b:89:05:de:ec:72:
c5:a4:4a:aa:5b:7c:5d:a2:24:dd:87:7e:19:88:0b:fb:31:a4:
0c:7b:d5:93:d3:39:62:5e:2a:4f:df:5a:a8:ca:3f:4c:e9:43:
05:ba:ff:b3:99:c6:72:de:9e:de:bc:2b:a8:2d:7b:79:c8:4b:
3b:99:14:ca:b7:74:39:42:83:8f:23:e9:b7:77:6f:e0:51:40:
ad:c3:5f:57:0c:64:4f:06:84:9f:cd:82:55:a2:53:d3:e0:e6:
e6:e1:f2:2e:45:dd:5d:5b:e3:b0:bb:37:00:38:10:3e:a5:d9:
6c:d1:ab:20:85:9e:eb:b5:60:78:4c:a7:ce:78:c8:fa:84:bc:
12:9c:94:6f:8e:20:21:b3:e5:c6:79:f4:b7:f1:c6:94:45:e7:
77:38:47:fa:fa:cf:46:b9:53:ba:e9:70:bc:85:53:3d:22:ef:
71:f3:d1:b1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZen+xlhmesTqmzonSM6akp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjI1MTY0NTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIxODhjMTg0MWU4NjVmZjczMTZiMzFjMTgxYWE3MzZlYjcyYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6T7OfkD0obOcZl65XbUjoPIdKBM
k/6V3SDi7I/UBc19CpROPeP1M1969EGtQ9isGM1H7WZWLU/N2rJTYn2kM3gm6neY
7yKRZx5gFdGEZkuQepmXPDxHw7xqdVC+PwsMChWcyqA7VtABndnfaJqfLSnoCMj/
lG7ZzNoXY6zN+19v8DqjXauPcX9Rs4rrgW4d6hckImBXFUNyJpPH34egR3e6MPEQ
Y0uhRI64pbE4E1Qn1QbSVviecbmc17vs13SVCJKeUqm300fZ834Rxap+wCyn24Uf
QFJcR7RbfbvgzgOPkEtSl+BfYLL6dhu/fXbgL4ANMYqOatehmnfqTJzUXQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFUhiMGEHoZf9zFrMcGBqnNutys1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVlNHSXdZUWVobF8zTVdzeHdZR3FjMjYzS3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAAjhmAwQA
AjsXAwQALVYOAwQCLYXcAwQALZjLAwQBuWNiAwQAuX5DAwQAwQX6AwQAwSf0MA0E
AgACMAcDBQMqD0oAMA0GCSqGSIb3DQEBCwUAA4IBAQBQJEJfAeC6PWybflsYnrr2
z9yHVxOkvjCDYrRnRlBuKg4+40y7atl/0xDKBk8XkLhIkTaY4AmTZ4JJN9bd63wX
rQ/BV1i/fb7e37XnKqqh9d/wiDl7iQXe7HLFpEqqW3xdoiTdh34ZiAv7MaQMe9WT
0zliXipP31qoyj9M6UMFuv+zmcZy3p7evCuoLXt5yEs7mRTKt3Q5QoOPI+m3d2/g
UUCtw19XDGRPBoSfzYJVolPT4Obm4fIuRd1dW+OwuzcAOBA+pdls0asghZ7rtWB4
TKfOeMj6hLwSnJRvjiAhs+XGefS38caURed3OEf6+s9GuVO66XC8hVM9Iu9x89Gx
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:12:49 2025 by rpki-client