Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/vhpsA1QTyqlbOgTgwwiSOvjLosU.roa
File: vhpsA1QTyqlbOgTgwwiSOvjLosU.roa (raw, json)
Hash identifier: oOzCVm5vsYLrY+U1GpoNLtBM7Fbrqb31l0clRbwWzyA=
Subject key identifier: BE:1A:6C:03:54:13:CA:A9:5B:3A:04:E0:C3:08:92:3A:F8:CB:A2:C5
Certificate issuer: /CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Certificate serial: 01941F8C4023CB4720CB622F74577ADEA56D
Authority key identifier: D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/vhpsA1QTyqlbOgTgwwiSOvjLosU.roa
Signing time: Wed 01 Jan 2025 01:47:52 +0000
ROA not before: Wed 01 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57508
IP address blocks: 91.220.110.0/24 maxlen: 24
185.221.232.0/22 maxlen: 22
2001:67c:2aac::/48 maxlen: 48
2a0c:7000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/08DVsQa4GpKSTqK8UTn7te4Rht0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/08DVsQa4GpKSTqK8UTn7te4Rht0.mft
rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:40:23:cb:47:20:cb:62:2f:74:57:7a:de:a5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Validity
Not Before: Jan 1 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be1a6c035413caa95b3a04e0c308923af8cba2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:33:42:8a:dd:40:82:14:1f:1c:59:51:07:13:
de:e6:79:11:c5:2c:c5:78:9b:56:b0:a6:65:83:2d:
fa:62:05:91:f3:04:6d:12:b4:dd:87:f6:12:a5:91:
9e:8e:82:bc:bb:96:d4:23:7a:f4:ad:d5:82:bc:48:
5e:6a:85:40:6b:5d:75:21:0a:26:23:64:b7:e2:86:
f9:c0:e5:ac:ce:4a:1f:6c:d7:1e:57:da:fa:25:fa:
5f:4c:27:17:e0:ad:19:dd:b9:a9:9d:58:75:fd:1c:
6b:ff:6c:c4:2d:fc:97:5a:0d:d0:1a:c5:d3:41:05:
18:cf:d8:4c:ca:6b:0f:e6:db:2f:d5:b4:00:51:15:
03:5b:4f:6c:12:77:26:ec:9a:04:92:ee:d4:49:04:
db:e3:c6:2d:14:22:91:5e:47:d7:b5:4a:21:c4:36:
56:ca:d9:4f:03:a2:7f:12:8d:3c:d4:8c:22:02:05:
81:3e:b5:78:41:0b:b2:dc:4f:70:b0:7b:0b:c0:17:
fb:50:3d:a6:27:ea:29:ec:f3:8b:0f:59:82:5a:cb:
61:9d:69:2c:97:0c:ec:dd:a6:53:3f:d5:3b:ad:59:
59:50:a6:d6:10:5e:f3:b6:c5:bf:d8:34:48:9a:e7:
05:7b:bd:1e:50:5b:29:60:e8:48:38:88:aa:73:6f:
c8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1A:6C:03:54:13:CA:A9:5B:3A:04:E0:C3:08:92:3A:F8:CB:A2:C5
X509v3 Authority Key Identifier:
keyid:D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/vhpsA1QTyqlbOgTgwwiSOvjLosU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/08DVsQa4GpKSTqK8UTn7te4Rht0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.110.0/24
185.221.232.0/22
IPv6:
2001:67c:2aac::/48
2a0c:7000::/29
Signature Algorithm: sha256WithRSAEncryption
3d:8d:88:24:7b:c1:36:1a:a4:b4:d9:7f:98:b4:88:b9:24:93:
ad:27:8d:db:c6:31:2c:32:ce:fe:bf:a7:ef:88:4f:27:3f:5b:
eb:28:8e:4b:69:00:7b:0f:56:87:0e:ba:3d:6f:f4:a0:49:03:
27:e5:60:0e:72:62:99:e7:35:0a:11:9c:1f:bf:ad:b0:df:5d:
e4:51:24:f2:da:7d:5b:eb:ae:e6:2c:e6:eb:1e:dd:cf:a4:e8:
03:f9:d8:4c:3e:40:a8:53:49:3d:e0:00:a3:8a:63:aa:d1:fa:
26:92:f0:16:ae:23:e1:ba:24:c2:04:b4:0b:10:e2:d3:ee:f7:
bc:9b:25:6e:21:63:7d:f7:78:df:cf:e5:37:e5:0e:df:46:5d:
d4:54:3e:ed:8f:e7:f5:32:1e:e4:14:c0:48:cb:d8:37:92:72:
59:8c:d3:93:b8:1e:be:92:37:83:8f:7a:46:9e:6c:2b:94:e3:
72:ae:98:9d:0f:0b:7a:ec:38:39:1e:2a:cb:d6:7d:d8:3d:bc:
41:8d:32:4f:bd:0d:df:54:54:8b:31:d6:fd:4a:31:fb:e4:64:
ca:45:ae:7e:b5:08:fc:14:6b:08:c6:5c:aa:22:4a:72:92:63:
de:fd:68:c4:de:87:36:28:b4:09:c9:0d:8f:8f:33:cc:ff:57:
2f:86:b0:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfjEAjy0cgy2IvdFd63qVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzBkNWIxMDZiODFhOTI5MjRlYTJiYzUxMzlmYmI1ZWUx
MTg2ZGQwHhcNMjUwMTAxMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhNmMwMzU0MTNjYWE5NWIzYTA0ZTBjMzA4OTIzYWY4Y2JhMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDNCit1AghQfHFlRBxPe5nkRxSzF
eJtWsKZlgy36YgWR8wRtErTdh/YSpZGejoK8u5bUI3r0rdWCvEheaoVAa111IQom
I2S34ob5wOWszkofbNceV9r6JfpfTCcX4K0Z3bmpnVh1/Rxr/2zELfyXWg3QGsXT
QQUYz9hMymsP5tsv1bQAURUDW09sEncm7JoEku7USQTb48YtFCKRXkfXtUohxDZW
ytlPA6J/Eo081IwiAgWBPrV4QQuy3E9wsHsLwBf7UD2mJ+op7POLD1mCWsthnWks
lwzs3aZTP9U7rVlZUKbWEF7ztsW/2DRImucFe70eUFspYOhIOIiqc2/IcQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL4abANUE8qpWzoE4MMIkjr4y6LFMB8GA1UdIwQY
MBaAFNPA1bEGuBqSkk6ivFE5+7XuEYbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYt
YmM1MTA0YTM4NWUyLzEvdmhwc0ExUVR5cWxiT2dUZ3d3aVNPdmpMb3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYtYmM1MTA0YTM4NWUy
LzEvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9xuAwQC
ud3oMBYEAgACMBADBwAgAQZ8KqwDBQMqDHAAMA0GCSqGSIb3DQEBCwUAA4IBAQA9
jYgke8E2GqS02X+YtIi5JJOtJ43bxjEsMs7+v6fviE8nP1vrKI5LaQB7D1aHDro9
b/SgSQMn5WAOcmKZ5zUKEZwfv62w313kUSTy2n1b667mLObrHt3PpOgD+dhMPkCo
U0k94ACjimOq0fomkvAWriPhuiTCBLQLEOLT7ve8myVuIWN993jfz+U35Q7fRl3U
VD7tj+f1Mh7kFMBIy9g3knJZjNOTuB6+kjeDj3pGnmwrlONyrpidDwt67Dg5HirL
1n3YPbxBjTJPvQ3fVFSLMdb9SjH75GTKRa5+tQj8FGsIxlyqIkpykmPe/WjE3oc2
KLQJyQ2PjzPM/1cvhrBN
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:48 2025 by rpki-client