Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/VuQJMzsFIREp6bcpzuh2KiinwdM.roa
File: VuQJMzsFIREp6bcpzuh2KiinwdM.roa (raw, json)
Hash identifier: h5bgZWq9bx9jHDxasYLYkys54j2HtJgByCCvySMD0lM=
Subject key identifier: 56:E4:09:33:3B:05:21:11:29:E9:B7:29:CE:E8:76:2A:28:A7:C1:D3
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 019424B26C6379906CFE71B110B7FBEFD8BC
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/VuQJMzsFIREp6bcpzuh2KiinwdM.roa
Signing time: Thu 02 Jan 2025 01:47:40 +0000
ROA not before: Thu 02 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12338
IP address blocks: 85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 14:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6c:63:79:90:6c:fe:71:b1:10:b7:fb:ef:d8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Jan 2 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56e409333b05211129e9b729cee8762a28a7c1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7b:d4:d3:81:c9:74:2e:8f:34:ad:3c:7a:79:
30:0d:d6:a4:70:34:d0:dd:35:cb:0f:50:19:6e:18:
f7:5a:d8:a9:8b:53:65:e2:6b:58:20:7e:77:13:a7:
a3:21:d4:d4:83:9a:83:48:27:15:79:f2:16:7f:9c:
97:41:bb:c0:d7:be:22:17:af:42:51:ee:77:7a:47:
75:07:74:2e:f2:a5:43:13:49:ce:58:ae:ef:ca:06:
3f:80:19:bf:52:05:ad:05:50:43:83:84:d4:14:9c:
d2:6b:39:8b:ac:a9:3e:3c:a1:a8:c4:f2:dd:00:af:
fb:f0:7a:7a:b1:30:d7:17:db:fa:0e:73:3c:c2:95:
32:2d:3e:ec:4b:76:df:91:44:23:29:41:4c:fb:e6:
75:a1:aa:5b:62:69:86:69:f0:0f:a5:88:cd:4b:87:
53:51:71:99:3b:05:37:e8:3d:f9:3e:4b:1f:93:9b:
45:3d:67:16:ba:c7:3e:16:cf:d6:88:5a:73:b6:3e:
0e:4b:f3:d5:25:ba:e6:a5:14:2c:74:8e:68:8a:d0:
d7:a9:25:30:8b:67:e3:ee:e5:22:72:2f:37:f2:e9:
3c:e2:a5:c9:bb:fd:47:3d:98:6b:bb:85:7f:ca:07:
64:0e:19:5a:0e:d5:92:79:b2:65:10:ee:64:9c:28:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E4:09:33:3B:05:21:11:29:E9:B7:29:CE:E8:76:2A:28:A7:C1:D3
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/VuQJMzsFIREp6bcpzuh2KiinwdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.152.104.0/22
85.152.124.0/22
188.171.234.0/24
188.171.240.0/20
Signature Algorithm: sha256WithRSAEncryption
34:ac:90:54:93:32:11:12:3f:de:17:08:7b:ea:57:2a:1c:b4:
c2:bf:62:61:c1:22:8b:b4:e3:22:02:94:8f:36:ec:75:2e:85:
44:1c:3f:57:77:db:63:d0:a8:af:ea:ca:dd:be:f8:1c:0e:cb:
f8:e3:9b:ea:cd:32:0d:df:05:e1:72:8f:68:ce:e5:2e:62:c3:
ca:23:d2:20:ab:bc:a0:aa:ac:d4:92:2e:7b:61:df:bf:20:8a:
8a:a8:17:a3:72:93:46:28:b4:ea:1c:df:ad:6e:12:f0:a6:5b:
c2:be:7d:46:d0:ef:ec:76:fb:8c:ee:c5:7d:4d:63:d5:40:ff:
e5:ec:c5:bf:7e:c3:1d:43:8c:14:1e:75:60:c3:71:c1:c5:5e:
bb:c5:bc:8d:ec:a3:3f:35:1c:e9:69:49:da:72:40:ff:71:ca:
b3:56:d1:a9:6b:8f:83:6c:28:c0:b1:e9:e9:ea:88:80:e1:66:
2f:cb:74:09:c9:6d:06:bb:06:96:f6:2d:bd:67:f2:0f:29:26:
75:c5:85:67:f3:bb:7a:d6:3b:54:99:83:80:ce:9e:f9:46:c9:
6d:2e:81:60:1c:47:b3:d5:65:41:1f:30:36:b5:ca:1a:16:06:
45:09:e9:94:7f:ca:43:e9:e2:39:c9:16:b6:f4:c7:77:e4:a8:
11:99:b7:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksmxjeZBs/nGxELf779i8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwMTAyMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmU0MDkzMzNiMDUyMTExMjllOWI3MjljZWU4NzYyYTI4YTdjMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHvU04HJdC6PNK08enkwDdakcDTQ
3TXLD1AZbhj3Wtipi1Nl4mtYIH53E6ejIdTUg5qDSCcVefIWf5yXQbvA174iF69C
Ue53ekd1B3Qu8qVDE0nOWK7vygY/gBm/UgWtBVBDg4TUFJzSazmLrKk+PKGoxPLd
AK/78Hp6sTDXF9v6DnM8wpUyLT7sS3bfkUQjKUFM++Z1oapbYmmGafAPpYjNS4dT
UXGZOwU36D35Pksfk5tFPWcWusc+Fs/WiFpztj4OS/PVJbrmpRQsdI5oitDXqSUw
i2fj7uUici838uk84qXJu/1HPZhru4V/ygdkDhlaDtWSebJlEO5knCh8OwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFbkCTM7BSERKem3Kc7odioop8HTMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvVnVRSk16c0ZJUkVwNmJjcHp1aDJLaWlud2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVZhoAwQC
VZh8AwQAvKvqAwQEvKvwMA0GCSqGSIb3DQEBCwUAA4IBAQA0rJBUkzIREj/eFwh7
6lcqHLTCv2JhwSKLtOMiApSPNux1LoVEHD9Xd9tj0Kiv6srdvvgcDsv445vqzTIN
3wXhco9ozuUuYsPKI9Igq7ygqqzUki57Yd+/IIqKqBejcpNGKLTqHN+tbhLwplvC
vn1G0O/sdvuM7sV9TWPVQP/l7MW/fsMdQ4wUHnVgw3HBxV67xbyN7KM/NRzpaUna
ckD/ccqzVtGpa4+DbCjAsenp6oiA4WYvy3QJyW0GuwaW9i29Z/IPKSZ1xYVn87t6
1jtUmYOAzp75RsltLoFgHEez1WVBHzA2tcoaFgZFCemUf8pD6eI5yRa29Md35KgR
mbdz
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:13:20 2025 by rpki-client