Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/vGVdVq8hdcgYOOwvQpQi11D_qiw.roa
File: vGVdVq8hdcgYOOwvQpQi11D_qiw.roa (raw, json)
Hash identifier: iQlK6cWHkzaqE5q+G2UFXVrwyzgfQi2PnU7FDy9+VZI=
Subject key identifier: BC:65:5D:56:AF:21:75:C8:18:38:EC:2F:42:94:22:D7:50:FF:AA:2C
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 01970B7F81F9514F1DBEAED6414008126B4D
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/vGVdVq8hdcgYOOwvQpQi11D_qiw.roa
Signing time: Mon 26 May 2025 07:29:55 +0000
ROA not before: Mon 26 May 2025 07:29:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 31.210.19.0/24 maxlen: 24
45.86.176.0/22 maxlen: 24
86.58.208.0/21 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
185.54.180.0/22 maxlen: 24
193.148.20.0/22 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:7f:81:f9:51:4f:1d:be:ae:d6:41:40:08:12:6b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: May 26 07:29:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc655d56af2175c81838ec2f429422d750ffaa2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8f:69:b5:b3:86:95:b2:7b:88:a1:50:d4:df:
53:19:bb:89:37:8f:2c:48:06:ab:4d:da:ea:89:f8:
6d:5f:38:eb:05:19:0c:04:1f:00:e4:77:8b:9a:20:
22:33:8b:08:78:03:af:cc:b9:c8:dc:e7:c0:95:4e:
b1:ee:4a:cc:a8:c6:a4:d5:6e:32:d9:a4:ce:52:f3:
8d:13:1c:fe:65:81:84:83:b0:92:9d:f7:d8:73:e9:
9e:dd:bc:ed:5b:0a:81:31:7b:30:09:7e:38:fd:57:
a2:b7:46:b9:f3:93:76:a5:3b:cc:31:f9:9f:53:ad:
17:dc:82:30:78:26:8b:9e:b6:25:d6:a1:10:17:16:
df:ca:f9:07:04:19:d6:30:3a:20:f0:2a:13:50:4c:
81:81:b2:83:ce:34:31:d9:91:a0:d3:09:39:76:fd:
78:19:b3:65:b4:e7:a3:97:c3:f8:3c:5d:af:f2:bf:
c2:3e:8d:0f:0c:e9:05:04:07:e3:7f:7b:ee:ff:14:
7d:ff:58:26:67:24:4e:58:1b:04:14:bc:7a:51:ee:
38:a0:4d:f0:6e:8c:7c:ba:59:09:7f:0e:95:96:63:
1d:68:75:8d:13:36:96:9b:28:8b:29:00:d2:41:0c:
df:7f:d8:6e:19:05:0c:76:ac:bd:7f:6a:2c:46:90:
ab:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:65:5D:56:AF:21:75:C8:18:38:EC:2F:42:94:22:D7:50:FF:AA:2C
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/vGVdVq8hdcgYOOwvQpQi11D_qiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.19.0/24
45.86.176.0/22
86.58.208.0/21
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
c7:0d:09:82:02:41:0a:62:61:76:22:c6:9f:ae:9c:b5:f1:78:
d2:51:df:75:27:93:64:f3:d9:f7:97:da:61:1a:78:55:30:de:
db:2a:cc:aa:81:a0:20:22:62:48:4f:8c:6e:a3:26:df:d2:17:
ec:c5:40:63:f2:89:20:a3:8c:38:1a:4f:6b:53:d8:42:dd:4d:
3d:3b:0b:47:38:57:78:b5:7e:c2:84:35:2e:54:38:5e:ab:12:
a0:6d:e1:36:4f:c2:fa:c2:9e:5c:40:05:e6:c8:80:42:9f:91:
3e:ef:aa:1e:f8:f1:eb:28:c6:1b:63:7d:42:66:9b:2b:96:fe:
7c:a7:c5:0e:50:91:04:22:fc:f2:9d:f6:0a:5a:79:9b:b0:13:
3d:6d:d8:32:e4:d7:5b:29:52:2c:4e:3b:ec:c9:56:9f:6c:47:
67:9e:cb:e8:ff:1f:2a:d1:82:f2:a4:5b:5d:9f:b1:73:cd:94:
59:dd:94:73:e4:04:11:c8:5d:a5:07:5d:69:5d:46:b4:65:59:
ec:cf:a6:b0:65:75:74:ad:10:16:4f:92:e9:4e:6c:65:7c:c4:
04:f7:4c:e7:1e:ac:ea:32:0c:a3:f1:88:a4:bd:cd:71:44:59:
8f:b3:bf:71:d9:ec:9d:66:58:70:de:97:65:ef:43:b9:c6:03:
c3:8b:a9:d0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcLf4H5UU8dvq7WQUAIEmtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjUwNTI2MDcyOTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzY1NWQ1NmFmMjE3NWM4MTgzOGVjMmY0Mjk0MjJkNzUwZmZhYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY9ptbOGlbJ7iKFQ1N9TGbuJN48s
SAarTdrqifhtXzjrBRkMBB8A5HeLmiAiM4sIeAOvzLnI3OfAlU6x7krMqMak1W4y
2aTOUvONExz+ZYGEg7CSnffYc+me3bztWwqBMXswCX44/Veit0a585N2pTvMMfmf
U60X3IIweCaLnrYl1qEQFxbfyvkHBBnWMDog8CoTUEyBgbKDzjQx2ZGg0wk5dv14
GbNltOejl8P4PF2v8r/CPo0PDOkFBAfjf3vu/xR9/1gmZyROWBsEFLx6Ue44oE3w
box8ulkJfw6VlmMdaHWNEzaWmyiLKQDSQQzff9huGQUMdqy9f2osRpCrAQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLxlXVavIXXIGDjsL0KUItdQ/6osMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvdkdWZFZxOGhkY2dZT093dlFwUWkxMURfcWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAH9ITAwQC
LVawAwQDVjrQAwQCXVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZg
MA0GCSqGSIb3DQEBCwUAA4IBAQDHDQmCAkEKYmF2Isafrpy18XjSUd91J5Nk89n3
l9phGnhVMN7bKsyqgaAgImJIT4xuoybf0hfsxUBj8okgo4w4Gk9rU9hC3U09OwtH
OFd4tX7ChDUuVDheqxKgbeE2T8L6wp5cQAXmyIBCn5E+76oe+PHrKMYbY31CZpsr
lv58p8UOUJEEIvzynfYKWnmbsBM9bdgy5NdbKVIsTjvsyVafbEdnnsvo/x8q0YLy
pFtdn7FzzZRZ3ZRz5AQRyF2lB11pXUa0ZVnsz6awZXV0rRAWT5LpTmxlfMQE90zn
HqzqMgyj8Yikvc1xRFmPs79x2eydZlhw3pdl70O5xgPDi6nQ
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:13:17 2025 by rpki-client