Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VXTahQ-one-XIcxRCyO7zFaaHW4.roa
File: VXTahQ-one-XIcxRCyO7zFaaHW4.roa (raw, json)
Hash identifier: 9wmH2K29WomdroRCKpIbe9FiEEroezc5wL12LmLc3rY=
Subject key identifier: 55:74:DA:85:0F:A8:9D:EF:97:21:CC:51:0B:23:BB:CC:56:9A:1D:6E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685EE9556A6D1C748DC8B0D3100F53
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VXTahQ-one-XIcxRCyO7zFaaHW4.roa
Signing time: Wed 01 Jan 2025 05:48:18 +0000
ROA not before: Wed 01 Jan 2025 05:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400377
IP address blocks: 193.233.178.0/24 maxlen: 24
193.233.180.0/24 maxlen: 24
193.233.181.0/24 maxlen: 24
193.233.182.0/24 maxlen: 24
193.233.183.0/24 maxlen: 24
193.233.184.0/24 maxlen: 24
193.233.185.0/24 maxlen: 24
193.233.186.0/24 maxlen: 24
193.233.189.0/24 maxlen: 24
193.233.190.0/24 maxlen: 24
193.233.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5e:e9:55:6a:6d:1c:74:8d:c8:b0:d3:10:0f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5574da850fa89def9721cc510b23bbcc569a1d6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a9:35:9b:78:74:e4:2b:13:db:50:99:e6:9e:
28:11:4c:98:4b:03:3b:d7:7b:4b:c6:4a:2a:11:fc:
f9:b5:cb:4a:01:41:b3:31:d4:6a:3a:62:45:61:40:
fd:6e:a4:6e:b4:b2:5e:aa:96:1c:72:e0:76:cc:ec:
02:0a:8d:34:6c:d8:3b:a8:a3:0d:18:98:05:3f:89:
f1:6b:65:1e:37:27:58:b6:e7:2f:65:02:aa:eb:97:
b9:06:95:c8:18:23:8f:7f:29:b0:ca:f1:c6:24:a5:
32:58:b2:02:7f:83:a7:35:c7:49:5b:1e:90:2c:8e:
14:9a:b9:c7:c6:71:1e:12:62:cb:0f:d0:dc:ab:10:
f8:37:35:f0:ae:0a:a4:35:c5:32:f2:24:0d:d5:aa:
29:6c:0c:a8:0d:fd:60:47:26:9d:c6:09:3a:76:1d:
37:44:85:bd:02:54:95:b2:6a:27:f5:ec:dc:be:34:
55:9c:64:7a:d0:08:53:7e:15:06:6b:5d:cd:a1:4e:
f2:30:44:d8:37:cd:43:4a:64:29:e9:f3:44:21:a9:
aa:3a:1b:c8:c5:02:64:bc:fa:b3:8c:1c:d7:43:51:
14:01:fe:1b:5a:a2:e8:ce:6a:bd:82:5c:3f:2c:51:
e0:5d:b7:85:03:25:99:05:d3:ab:2d:7a:51:c1:34:
9f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:74:DA:85:0F:A8:9D:EF:97:21:CC:51:0B:23:BB:CC:56:9A:1D:6E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/VXTahQ-one-XIcxRCyO7zFaaHW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.178.0/24
193.233.180.0-193.233.186.255
193.233.189.0-193.233.191.255
Signature Algorithm: sha256WithRSAEncryption
08:ae:63:91:06:d5:ea:02:fb:6c:05:f7:56:d5:ea:0d:85:2f:
bd:90:1b:5f:0c:e4:21:98:f2:eb:0e:95:ec:48:9f:c1:8d:9b:
4b:eb:53:25:73:8e:2e:9f:01:48:87:d8:0f:17:d0:0d:e9:8a:
04:5b:d8:67:27:f0:a5:92:31:9d:25:21:9f:66:31:57:d7:9b:
c8:08:67:6f:11:03:1e:79:f8:d1:b1:56:e4:c4:f5:87:18:19:
91:9d:b9:ff:73:2f:3f:1e:1e:af:0c:67:89:02:6b:37:9b:7b:
27:a8:c4:82:bc:d9:e3:04:74:66:4a:1f:1a:65:8a:e9:ce:b2:
3b:dc:42:4c:39:aa:c8:e4:8e:01:d3:8d:59:d3:75:29:ce:23:
64:26:45:c7:9b:ad:cf:78:4d:01:ae:69:7c:cf:d3:e2:07:b4:
66:b5:fd:29:cb:dc:0c:45:25:89:af:7f:45:b8:46:31:24:f4:
d1:61:4b:8d:74:15:d8:ac:b9:3f:c3:7d:79:04:26:8d:73:ea:
06:86:e0:e0:07:4e:de:9d:10:fe:91:5e:78:e1:05:d3:f9:b5:
ac:c3:41:3b:f6:64:36:23:ed:7e:68:95:b9:8c:9f:cf:b6:70:
3c:c6:67:28:44:bd:20:ce:52:93:77:7c:ef:00:fe:8c:b4:06:
2b:d5:5e:7e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaF7pVWptHHSNyLDTEA9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc0ZGE4NTBmYTg5ZGVmOTcyMWNjNTEwYjIzYmJjYzU2OWExZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6k1m3h05CsT21CZ5p4oEUyYSwM7
13tLxkoqEfz5tctKAUGzMdRqOmJFYUD9bqRutLJeqpYccuB2zOwCCo00bNg7qKMN
GJgFP4nxa2UeNydYtucvZQKq65e5BpXIGCOPfymwyvHGJKUyWLICf4OnNcdJWx6Q
LI4UmrnHxnEeEmLLD9DcqxD4NzXwrgqkNcUy8iQN1aopbAyoDf1gRyadxgk6dh03
RIW9AlSVsmon9ezcvjRVnGR60AhTfhUGa13NoU7yMETYN81DSmQp6fNEIamqOhvI
xQJkvPqzjBzXQ1EUAf4bWqLozmq9glw/LFHgXbeFAyWZBdOrLXpRwTSfEwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFV02oUPqJ3vlyHMUQsju8xWmh1uMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVlhUYWhRLW9uZS1YSWN4UkN5Tzd6RmFhSFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAwemyMAwD
BALB6bQDBADB6bowDAMEAMHpvQMEBsHpgDANBgkqhkiG9w0BAQsFAAOCAQEACK5j
kQbV6gL7bAX3VtXqDYUvvZAbXwzkIZjy6w6V7EifwY2bS+tTJXOOLp8BSIfYDxfQ
DemKBFvYZyfwpZIxnSUhn2YxV9ebyAhnbxEDHnn40bFW5MT1hxgZkZ25/3MvPx4e
rwxniQJrN5t7J6jEgrzZ4wR0ZkofGmWK6c6yO9xCTDmqyOSOAdONWdN1Kc4jZCZF
x5utz3hNAa5pfM/T4ge0ZrX9KcvcDEUlia9/RbhGMST00WFLjXQV2Ky5P8N9eQQm
jXPqBobg4AdO3p0Q/pFeeOEF0/m1rMNBO/ZkNiPtfmiVuYyfz7ZwPMZnKES9IM5S
k3d87wD+jLQGK9Vefg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:57 2025 by rpki-client