Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/vhowbyAk5Rh70uoSE00L17bmBWw.roa
File: vhowbyAk5Rh70uoSE00L17bmBWw.roa (raw, json)
Hash identifier: BWCvKLZnXJi7kB8pBa3EtqBdHPmAZ8d1B0Q3jz/KOuk=
Subject key identifier: BE:1A:30:6F:20:24:E5:18:7B:D2:EA:12:13:4D:0B:D7:B6:E6:05:6C
Certificate issuer: /CN=374cc2ffd769c18e5e6f0dfc9a0ea74fb3f8c108
Certificate serial: 0195D7A11310CE82D0098DABDFF8A23910C5
Authority key identifier: 37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/vhowbyAk5Rh70uoSE00L17bmBWw.roa
Signing time: Thu 27 Mar 2025 12:43:32 +0000
ROA not before: Thu 27 Mar 2025 12:43:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53589
IP address blocks: 85.236.152.0/21 maxlen: 24
185.22.108.0/22 maxlen: 24
185.22.111.0/24 maxlen: 24
185.221.180.0/22 maxlen: 24
209.16.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:a1:13:10:ce:82:d0:09:8d:ab:df:f8:a2:39:10:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374cc2ffd769c18e5e6f0dfc9a0ea74fb3f8c108
Validity
Not Before: Mar 27 12:43:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be1a306f2024e5187bd2ea12134d0bd7b6e6056c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:5a:0e:ea:4c:3d:88:5a:e2:1f:d9:25:7e:
c9:77:72:3c:39:24:cf:7a:d7:95:51:a5:df:be:1f:
b5:6e:ed:0d:bf:02:bb:ce:22:bb:b5:af:d8:35:58:
57:95:32:3a:cb:76:b3:7e:9a:6f:44:31:f3:1a:fd:
62:6d:35:16:21:b7:38:22:44:28:f5:ca:a9:ac:a5:
eb:1e:6f:aa:36:86:14:f4:52:76:ae:46:a8:0b:6d:
f6:ec:7e:e7:4d:fb:58:e3:2b:c0:f5:9d:ae:19:ef:
78:72:94:99:11:db:00:ee:87:f2:50:9f:e1:9a:0b:
f9:98:7e:72:ef:a2:a9:84:06:fa:0c:5a:2d:6c:09:
4c:92:54:27:e2:47:d4:be:ce:b4:e8:86:13:62:fe:
56:62:3f:1a:1d:b2:b5:64:b8:2e:09:dc:56:1a:4f:
5a:fb:0e:9f:e1:f1:e0:b7:53:d2:66:be:26:14:eb:
d2:75:a7:fb:37:38:9c:83:7b:e2:de:64:e7:12:2c:
14:2e:d8:4e:cb:18:9f:61:4e:a6:86:c2:ec:ef:35:
e6:8d:ec:b4:68:e1:a5:4e:96:7a:e9:f8:14:c3:d7:
e8:81:f3:4c:8e:da:dd:00:bb:f0:61:82:83:05:24:
af:5b:25:4d:38:9b:29:a5:00:63:bd:b1:8f:29:c5:
56:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1A:30:6F:20:24:E5:18:7B:D2:EA:12:13:4D:0B:D7:B6:E6:05:6C
X509v3 Authority Key Identifier:
keyid:37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/vhowbyAk5Rh70uoSE00L17bmBWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.236.152.0/21
185.22.108.0/22
185.221.180.0/22
209.16.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:0b:36:a6:fa:06:c3:b3:6e:7f:78:de:8a:80:3a:46:f7:f9:
50:31:10:ff:96:a2:82:06:a8:f4:51:4a:99:10:45:e8:28:b6:
98:d2:f9:bf:30:82:9f:20:7f:89:ea:58:f6:a3:ef:e7:d7:e4:
a2:88:7a:ae:4c:5d:9f:ab:b2:b7:53:e5:23:f0:02:9a:a1:d9:
11:0c:2e:4a:7b:2d:22:8d:2a:ec:93:ec:64:c7:c1:a0:78:dd:
fa:dc:39:24:cf:86:ea:8a:b9:20:48:b5:6a:14:de:4f:ed:ff:
5b:7e:36:c3:44:89:0b:b4:4f:79:17:0c:a9:76:1f:8c:20:a3:
9a:c9:88:b8:b5:c2:85:df:7b:e7:c7:f7:25:89:1f:3e:90:d7:
47:96:1c:0e:19:64:bd:f1:52:6f:a6:c6:80:9b:a8:03:f7:89:
57:d0:48:b9:f2:99:b5:18:f5:d4:90:5c:a2:00:0d:50:6d:61:
8a:5b:e2:27:d0:5d:2d:03:56:c2:75:ed:fa:fa:46:10:fa:29:
19:36:f7:52:e0:46:a3:ec:65:7f:82:09:b3:f4:73:d4:9a:fb:
0c:5a:08:e9:81:5f:bb:34:63:81:d6:1e:a8:19:7d:ea:f6:73:
67:ea:0d:66:02:af:fa:0f:69:1e:75:09:41:5f:ad:90:69:21:
fc:f4:2d:af
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXXoRMQzoLQCY2r3/iiORDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGNjMmZmZDc2OWMxOGU1ZTZmMGRmYzlhMGVhNzRmYjNm
OGMxMDgwHhcNMjUwMzI3MTI0MzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhMzA2ZjIwMjRlNTE4N2JkMmVhMTIxMzRkMGJkN2I2ZTYwNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3RaDupMPYha4h/ZJX7Jd3I8OSTP
eteVUaXfvh+1bu0NvwK7ziK7ta/YNVhXlTI6y3azfppvRDHzGv1ibTUWIbc4IkQo
9cqprKXrHm+qNoYU9FJ2rkaoC2327H7nTftY4yvA9Z2uGe94cpSZEdsA7ofyUJ/h
mgv5mH5y76KphAb6DFotbAlMklQn4kfUvs606IYTYv5WYj8aHbK1ZLguCdxWGk9a
+w6f4fHgt1PSZr4mFOvSdaf7Nzicg3vi3mTnEiwULthOyxifYU6mhsLs7zXmjey0
aOGlTpZ66fgUw9fogfNMjtrdALvwYYKDBSSvWyVNOJsppQBjvbGPKcVW+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL4aMG8gJOUYe9LqEhNNC9e25gVsMB8GA1UdIwQY
MBaAFDdMwv/XacGOXm8N/JoOp0+z+MEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB6Q185ZHB3WTVlYnczOG1nNm5UN1A0d1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNGM1YTMtMmEzMS00Yjg1LTg0MGUt
MjY4MDZlYzM1YzIwLzEvdmhvd2J5QWs1Umg3MHVvU0UwMEwxN2JtQld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNGM1YTMtMmEzMS00Yjg1LTg0MGUtMjY4MDZlYzM1YzIw
LzEvTjB6Q185ZHB3WTVlYnczOG1nNm5UN1A0d1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDVeyYAwQC
uRZsAwQCud20AwQA0RCeMA0GCSqGSIb3DQEBCwUAA4IBAQA7Czam+gbDs25/eN6K
gDpG9/lQMRD/lqKCBqj0UUqZEEXoKLaY0vm/MIKfIH+J6lj2o+/n1+SiiHquTF2f
q7K3U+Uj8AKaodkRDC5Key0ijSrsk+xkx8GgeN363Dkkz4bqirkgSLVqFN5P7f9b
fjbDRIkLtE95Fwypdh+MIKOayYi4tcKF33vnx/cliR8+kNdHlhwOGWS98VJvpsaA
m6gD94lX0Ei58pm1GPXUkFyiAA1QbWGKW+In0F0tA1bCde36+kYQ+ikZNvdS4Eaj
7GV/ggmz9HPUmvsMWgjpgV+7NGOB1h6oGX3q9nNn6g1mAq/6D2kedQlBX62QaSH8
9C2v
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:14:59 2025 by rpki-client