Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/vlDfC43FHcefunPJngYR1WAZ7rA.roa
File: vlDfC43FHcefunPJngYR1WAZ7rA.roa (raw, json)
Hash identifier: az+OZ3tRKu13gj7aBFAWboRwowS41+dYdps7euT4uWg=
Subject key identifier: BE:50:DF:0B:8D:C5:1D:C7:9F:BA:73:C9:9E:06:11:D5:60:19:EE:B0
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0194266BF66205AB2549ACFC1D9CE00AD86D
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/vlDfC43FHcefunPJngYR1WAZ7rA.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204390
IP address blocks: 85.206.17.0/24 maxlen: 24
85.206.56.0/22 maxlen: 22
85.206.120.0/22 maxlen: 22
85.206.124.0/24 maxlen: 24
85.206.125.0/24 maxlen: 24
85.206.126.0/24 maxlen: 24
88.119.212.0/22 maxlen: 22
212.59.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f6:62:05:ab:25:49:ac:fc:1d:9c:e0:0a:d8:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be50df0b8dc51dc79fba73c99e0611d56019eeb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:35:17:3d:64:47:1b:f0:06:54:62:fd:92:
f3:3f:8a:02:5d:7c:12:5d:81:1b:e2:66:80:54:0d:
ab:b7:3e:9b:63:3d:74:5b:68:8d:6d:4a:64:98:91:
26:f4:6f:ca:a7:47:9b:02:a5:7e:a9:bf:42:30:6d:
0e:1b:43:1f:fa:5a:1f:2b:55:84:89:25:42:30:6f:
56:63:6d:7c:64:53:c6:64:c6:86:42:c0:e3:97:41:
ab:38:bc:21:b2:a7:e3:2a:e7:41:3a:ff:06:51:b3:
12:a3:95:7f:97:45:6d:b3:67:23:a4:10:82:f7:ae:
fc:01:27:c6:58:81:97:5c:fc:e8:03:d8:a1:1e:4e:
66:15:99:b9:24:8a:33:43:44:5d:17:08:5e:2c:c4:
fd:d7:67:5d:45:10:cb:6e:c5:49:cd:c8:ff:34:1f:
b8:df:93:30:e1:1b:a3:82:2c:7e:0b:86:b9:fe:a8:
8b:d9:5e:f5:6e:4f:2c:a6:3d:5b:4e:60:e0:3e:49:
c2:6c:12:da:9c:21:15:bf:de:42:5c:80:e6:0e:80:
d8:63:40:fc:95:5d:f3:bb:6e:d3:b2:f0:a8:0f:1a:
11:5b:26:a8:60:c7:f6:8b:de:f8:d4:46:29:c2:fc:
06:96:5d:44:71:93:0b:76:a0:61:ff:02:dc:8b:b9:
c2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:50:DF:0B:8D:C5:1D:C7:9F:BA:73:C9:9E:06:11:D5:60:19:EE:B0
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/vlDfC43FHcefunPJngYR1WAZ7rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.17.0/24
85.206.56.0/22
85.206.120.0-85.206.126.255
88.119.212.0/22
212.59.26.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:35:66:c2:26:78:08:fb:e7:1c:d8:34:14:20:12:c4:5b:f7:
a8:be:f4:87:03:2c:69:d1:e9:3f:02:0f:40:95:70:f6:e0:12:
cd:45:79:26:47:70:27:0f:28:3c:d2:3e:19:9b:79:9f:14:d5:
f0:7a:cd:8f:49:a3:98:1b:19:16:9e:10:5f:5d:6f:bc:80:24:
cd:7e:ec:e6:b6:e6:3f:85:f9:7b:94:c1:22:0c:df:ce:c2:89:
67:a8:10:a7:44:89:5e:2f:5e:eb:a7:dc:f3:5c:6f:ab:3b:d0:
cd:1b:a3:dd:e1:2b:a7:1b:61:d6:61:b1:f0:55:da:c0:63:1e:
7a:38:da:81:05:7f:a6:6d:09:65:a6:92:09:8e:f3:3c:fc:ce:
b4:ca:1b:d9:e2:ae:33:70:da:32:ee:28:50:23:00:e4:0c:fb:
cc:1c:85:bb:a1:8e:32:b7:1a:a7:17:6a:cb:51:fe:a0:bb:f4:
83:ab:16:a5:8d:27:23:5f:34:a0:10:7c:7c:09:16:5e:52:a6:
36:f0:76:b5:d6:3f:8e:7b:5e:cf:b4:49:ec:d4:50:ae:5e:1c:
24:7d:ac:2a:dc:c8:70:6f:25:76:8f:55:c5:96:f4:e6:bb:1a:
4c:62:9c:8b:3e:f3:da:8e:b0:29:6b:eb:55:18:2a:b2:74:33:
fc:97:1e:17
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQma/ZiBaslSaz8HZzgCthtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUwZGYwYjhkYzUxZGM3OWZiYTczYzk5ZTA2MTFkNTYwMTllZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy01Fz1kRxvwBlRi/ZLzP4oCXXwS
XYEb4maAVA2rtz6bYz10W2iNbUpkmJEm9G/Kp0ebAqV+qb9CMG0OG0Mf+lofK1WE
iSVCMG9WY218ZFPGZMaGQsDjl0GrOLwhsqfjKudBOv8GUbMSo5V/l0Vts2cjpBCC
9678ASfGWIGXXPzoA9ihHk5mFZm5JIozQ0RdFwheLMT912ddRRDLbsVJzcj/NB+4
35Mw4Rujgix+C4a5/qiL2V71bk8spj1bTmDgPknCbBLanCEVv95CXIDmDoDYY0D8
lV3zu27TsvCoDxoRWyaoYMf2i9741EYpwvwGll1EcZMLdqBh/wLci7nCCwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL5Q3wuNxR3Hn7pzyZ4GEdVgGe6wMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL3ZsRGZDNDNGSGNlZnVuUEpuZ1lSMVdBWjdyQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBABVzhED
BAJVzjgwDAMEA1XOeAMEAFXOfgMEAlh31AMEANQ7GjANBgkqhkiG9w0BAQsFAAOC
AQEAKzVmwiZ4CPvnHNg0FCASxFv3qL70hwMsadHpPwIPQJVw9uASzUV5JkdwJw8o
PNI+GZt5nxTV8HrNj0mjmBsZFp4QX11vvIAkzX7s5rbmP4X5e5TBIgzfzsKJZ6gQ
p0SJXi9e66fc81xvqzvQzRuj3eErpxth1mGx8FXawGMeejjagQV/pm0JZaaSCY7z
PPzOtMob2eKuM3DaMu4oUCMA5Az7zByFu6GOMrcapxdqy1H+oLv0g6sWpY0nI180
oBB8fAkWXlKmNvB2tdY/jntez7RJ7NRQrl4cJH2sKtzIcG8ldo9VxZb05rsaTGKc
iz7z2o6wKWvrVRgqsnQz/JceFw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:26:05 2025 by rpki-client