Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VH8QK20zoazrn9p_89zomLcULQg.roa
File: VH8QK20zoazrn9p_89zomLcULQg.roa (raw, json)
Hash identifier: pptS2UyRLo0076Ca5F8RsGdYwbB788fcM68VL9PGOQs=
Subject key identifier: 54:7F:10:2B:6D:33:A1:AC:EB:9F:DA:7F:F3:DC:E8:98:B7:14:2D:08
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0194222030E64ADD641A44BC6B16BCC7532C
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VH8QK20zoazrn9p_89zomLcULQg.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:30:e6:4a:dd:64:1a:44:bc:6b:16:bc:c7:53:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=547f102b6d33a1aceb9fda7ff3dce898b7142d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4a:f8:e2:06:cf:8b:56:ce:04:e8:72:ac:4f:
e2:a2:42:74:75:f1:ce:7f:7d:d3:ad:03:24:09:74:
d5:3e:2a:d9:3e:55:0b:2a:cd:6a:3c:0b:fd:40:4a:
a7:cb:20:df:34:28:e0:8c:e0:b5:17:f5:1d:4c:81:
02:5f:63:ea:17:67:bf:05:ef:91:30:f2:0f:88:e1:
44:12:25:b7:05:07:d4:95:8d:61:9d:5e:e3:ad:e4:
5b:ff:ec:65:9c:3e:89:02:c8:b4:63:92:f3:54:3a:
bc:fb:ad:aa:a3:c1:56:30:43:bb:4a:cc:8e:85:05:
77:b1:fe:da:4c:14:dc:ff:8f:eb:93:05:3d:81:88:
28:64:c0:c0:cc:e4:49:72:04:d8:a1:d4:ca:b4:fe:
1c:97:a2:42:37:c3:74:0d:31:f3:7e:16:18:1e:79:
78:f7:28:0e:e9:60:43:79:93:3f:92:00:fc:b7:72:
76:ce:df:74:42:e5:18:dc:2a:5d:36:92:f4:eb:ea:
0c:cb:2d:0e:c2:b1:67:75:6f:93:bd:03:0c:04:65:
bb:82:6c:40:13:0e:42:f3:37:7c:60:d9:9b:37:f1:
bb:29:71:df:de:a7:9b:73:52:92:b5:97:9c:a3:ba:
ac:95:65:24:0e:59:79:9c:e2:f7:3a:27:3b:f6:08:
3b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7F:10:2B:6D:33:A1:AC:EB:9F:DA:7F:F3:DC:E8:98:B7:14:2D:08
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VH8QK20zoazrn9p_89zomLcULQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.9.0/24
45.148.244.0/24
78.40.116.0/23
93.185.167.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:eb:a2:d2:52:f1:e2:a8:68:e4:69:51:75:e8:ed:34:db:bd:
8d:8a:5a:55:6b:8b:da:18:e2:31:a9:cd:aa:ad:53:15:25:e0:
63:6a:c7:31:1b:78:79:07:d7:dc:e9:5d:94:22:f7:bd:a4:04:
85:4e:a3:94:9c:8c:62:fc:85:a0:d9:90:47:a0:ae:52:7c:29:
fb:87:d2:a5:ac:8d:23:cd:ac:9e:61:20:cb:f5:73:43:6d:30:
80:5c:ec:c3:7f:e1:38:43:7c:4a:ed:5a:5d:a1:64:7f:82:45:
91:4b:a3:7e:90:51:1d:ec:39:82:ee:3e:13:40:08:8a:82:d1:
48:8e:54:39:c6:89:2a:4e:ea:6b:ea:7f:0a:51:a5:f8:95:58:
55:a4:ff:0a:88:5d:1c:f2:cc:6a:33:c5:c4:ba:3e:c9:97:e1:
d7:68:5f:d8:ce:23:3a:cd:3e:93:cc:3e:e8:bf:65:54:f9:b1:
6e:99:dc:0f:2a:e5:76:3d:4c:c8:35:1c:9b:4e:66:f3:3f:76:
25:b2:0c:26:c8:9f:6a:57:8e:28:8d:db:5b:e7:67:35:b7:81:
81:22:b9:56:61:cb:72:34:70:aa:7e:76:55:ae:c5:7f:9e:41:
8f:7e:22:77:74:65:9d:56:b0:df:e0:94:5b:dc:2e:09:09:74:
21:b6:c6:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIDDmSt1kGkS8axa8x1MsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDdmMTAyYjZkMzNhMWFjZWI5ZmRhN2ZmM2RjZTg5OGI3MTQyZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0r44gbPi1bOBOhyrE/iokJ0dfHO
f33TrQMkCXTVPirZPlULKs1qPAv9QEqnyyDfNCjgjOC1F/UdTIECX2PqF2e/Be+R
MPIPiOFEEiW3BQfUlY1hnV7jreRb/+xlnD6JAsi0Y5LzVDq8+62qo8FWMEO7SsyO
hQV3sf7aTBTc/4/rkwU9gYgoZMDAzORJcgTYodTKtP4cl6JCN8N0DTHzfhYYHnl4
9ygO6WBDeZM/kgD8t3J2zt90QuUY3CpdNpL06+oMyy0OwrFndW+TvQMMBGW7gmxA
Ew5C8zd8YNmbN/G7KXHf3qebc1KStZeco7qslWUkDll5nOL3Oic79gg7WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFR/ECttM6Gs65/af/Pc6Ji3FC0IMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvVkg4UUsyMHpvYXpybjlwXzg5em9tTGNVTFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV0JAwQA
LZT0AwQBTih0AwQAXbmnMA0GCSqGSIb3DQEBCwUAA4IBAQDZ66LSUvHiqGjkaVF1
6O00272NilpVa4vaGOIxqc2qrVMVJeBjascxG3h5B9fc6V2UIve9pASFTqOUnIxi
/IWg2ZBHoK5SfCn7h9KlrI0jzayeYSDL9XNDbTCAXOzDf+E4Q3xK7VpdoWR/gkWR
S6N+kFEd7DmC7j4TQAiKgtFIjlQ5xokqTupr6n8KUaX4lVhVpP8KiF0c8sxqM8XE
uj7Jl+HXaF/YziM6zT6TzD7ov2VU+bFumdwPKuV2PUzINRybTmbzP3YlsgwmyJ9q
V44ojdtb52c1t4GBIrlWYctyNHCqfnZVrsV/nkGPfiJ3dGWdVrDf4JRb3C4JCXQh
tsbx
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:32 2025 by rpki-client