Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/vnS2dkqLHJApAGgrfb1yxQg5Jvg.roa
File: vnS2dkqLHJApAGgrfb1yxQg5Jvg.roa (raw, json)
Hash identifier: wDj9+aTT61+lEBUErhb+uIeUYdZ236kEqpOIZXINNpg=
Subject key identifier: BE:74:B6:76:4A:8B:1C:90:29:00:68:2B:7D:BD:72:C5:08:39:26:F8
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 01942748468ED9025E49818D3D2D8BFA5EB4
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/vnS2dkqLHJApAGgrfb1yxQg5Jvg.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 85.203.32.0/24 maxlen: 24
85.203.45.0/24 maxlen: 24
85.203.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:46:8e:d9:02:5e:49:81:8d:3d:2d:8b:fa:5e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be74b6764a8b1c902900682b7dbd72c5083926f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:40:e5:ac:73:56:aa:33:00:12:23:b8:04:
00:ee:74:a0:40:68:b1:f3:5a:4f:24:53:65:fb:d0:
b1:93:0d:b2:b9:83:a5:55:06:1f:40:0a:38:bd:a9:
c2:6d:cf:54:bd:b1:64:68:f6:2b:5a:06:cf:33:ac:
0a:17:cd:3f:4e:91:e5:52:06:bc:c0:f9:6f:ec:d7:
e5:e0:3d:dd:f4:71:7a:8e:a1:2d:77:10:86:4b:1c:
d5:5e:2a:ba:99:f0:f1:ff:dc:6f:65:b5:d0:b9:28:
75:88:8f:50:7a:04:3b:25:ac:10:2b:bb:7f:58:fc:
77:c5:43:78:96:48:a3:06:86:4c:12:92:ca:07:c2:
21:93:dd:51:8c:24:ff:36:37:d6:04:d4:20:ed:b4:
2f:12:b4:87:3b:5f:e5:06:ab:d8:0c:de:80:97:bb:
99:19:90:cc:66:ba:93:d7:a8:1b:3d:4e:22:b1:e2:
d7:46:3c:32:cc:e5:eb:3a:3e:a0:fe:54:33:8d:9d:
84:2b:42:7d:cd:23:84:1d:9e:4c:55:44:90:54:b5:
1a:40:aa:b7:ad:81:71:4b:73:20:2a:4a:62:74:6e:
a8:2d:4d:82:c6:f8:38:76:fc:c3:5d:d6:a6:21:49:
50:52:14:a6:fe:77:31:d1:64:41:78:0d:98:95:0f:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:74:B6:76:4A:8B:1C:90:29:00:68:2B:7D:BD:72:C5:08:39:26:F8
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/vnS2dkqLHJApAGgrfb1yxQg5Jvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.32.0/24
85.203.45.0/24
85.203.54.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:ae:ac:b6:65:e0:10:f0:99:a5:37:fa:27:f9:9c:ab:8d:3f:
21:d2:56:31:5b:84:20:83:69:da:86:16:c5:29:87:4e:80:be:
79:79:94:9b:44:14:13:74:82:ee:fa:d8:49:87:ce:a0:c8:8d:
eb:a6:ef:45:c1:38:91:37:23:29:cb:24:e0:95:10:91:50:a4:
b8:8f:ea:cc:55:1e:4d:57:32:c6:ca:68:35:50:00:58:45:d5:
04:8d:af:99:4d:63:5c:6b:1d:17:33:c5:fd:02:d6:b3:b9:a9:
fd:4d:5d:f8:fc:56:86:7c:d4:03:ec:66:4f:8a:fe:06:cd:49:
e6:ac:f8:27:0c:af:9a:6c:24:4e:8f:4d:07:08:8d:bd:8c:b3:
f3:ac:8f:44:95:46:89:a6:f3:34:19:2c:3c:e5:c4:ef:8b:f7:
16:87:98:9e:64:fa:f7:69:a7:10:60:52:c1:fe:e8:99:ab:27:
32:17:b7:d9:fc:f4:96:07:66:eb:25:a0:af:a5:cd:86:19:c1:
b3:ab:ac:1e:7f:d2:ce:e8:25:fd:05:7a:73:94:60:c9:5c:49:
7e:ab:cc:72:5d:c0:25:b9:77:6b:7f:2f:25:fe:8b:90:7e:0f:
5c:87:60:c9:8b:9e:a9:38:55:d1:80:3a:94:cc:a0:6b:72:31:
ca:82:7c:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSEaO2QJeSYGNPS2L+l60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc0YjY3NjRhOGIxYzkwMjkwMDY4MmI3ZGJkNzJjNTA4MzkyNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgpA5axzVqozABIjuAQA7nSgQGix
81pPJFNl+9Cxkw2yuYOlVQYfQAo4vanCbc9UvbFkaPYrWgbPM6wKF80/TpHlUga8
wPlv7Nfl4D3d9HF6jqEtdxCGSxzVXiq6mfDx/9xvZbXQuSh1iI9QegQ7JawQK7t/
WPx3xUN4lkijBoZMEpLKB8Ihk91RjCT/NjfWBNQg7bQvErSHO1/lBqvYDN6Al7uZ
GZDMZrqT16gbPU4iseLXRjwyzOXrOj6g/lQzjZ2EK0J9zSOEHZ5MVUSQVLUaQKq3
rYFxS3MgKkpidG6oLU2Cxvg4dvzDXdamIUlQUhSm/ncx0WRBeA2YlQ+i5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL50tnZKixyQKQBoK329csUIOSb4MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvdm5TMmRrcUxISkFwQUdncmZiMXl4UWc1SnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsgAwQA
VcstAwQAVcs2MA0GCSqGSIb3DQEBCwUAA4IBAQB+rqy2ZeAQ8JmlN/on+ZyrjT8h
0lYxW4Qgg2nahhbFKYdOgL55eZSbRBQTdILu+thJh86gyI3rpu9FwTiRNyMpyyTg
lRCRUKS4j+rMVR5NVzLGymg1UABYRdUEja+ZTWNcax0XM8X9Atazuan9TV34/FaG
fNQD7GZPiv4GzUnmrPgnDK+abCROj00HCI29jLPzrI9ElUaJpvM0GSw85cTvi/cW
h5ieZPr3aacQYFLB/uiZqycyF7fZ/PSWB2brJaCvpc2GGcGzq6wef9LO6CX9BXpz
lGDJXEl+q8xyXcAluXdrfy8l/ouQfg9ch2DJi56pOFXRgDqUzKBrcjHKgnzp
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:09:16 2025 by rpki-client