Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/vnLI7k4bxMUqTt_BNXGL9AWKllg.roa
File: vnLI7k4bxMUqTt_BNXGL9AWKllg.roa (raw, json)
Hash identifier: xvHvA365LrFdV5I9RvHfYl/MGU4RcjLJnC1Y25FDuEo=
Subject key identifier: BE:72:C8:EE:4E:1B:C4:C5:2A:4E:DF:C1:35:71:8B:F4:05:8A:96:58
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01951D514E5B9FC70383E0B8C53A992C8283
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/vnLI7k4bxMUqTt_BNXGL9AWKllg.roa
Signing time: Wed 19 Feb 2025 08:27:02 +0000
ROA not before: Wed 19 Feb 2025 08:27:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48309
IP address blocks: 31.25.104.0/22 maxlen: 22
31.25.108.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
37.191.64.0/20 maxlen: 24
37.191.80.0/22 maxlen: 24
37.191.84.0/23 maxlen: 24
37.191.86.0/24 maxlen: 24
37.191.92.0/22 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.144.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:51:4e:5b:9f:c7:03:83:e0:b8:c5:3a:99:2c:82:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Feb 19 08:27:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be72c8ee4e1bc4c52a4edfc135718bf4058a9658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:63:20:a1:46:36:12:e0:56:4f:05:82:c3:86:
48:f2:04:d1:f5:cc:dd:48:31:4c:09:44:c7:f4:9e:
53:49:ad:cc:ca:06:1b:ed:31:95:75:d2:27:14:73:
23:7e:bf:b2:ab:fa:02:ed:82:0f:53:58:23:af:e8:
e5:2b:d9:6b:ef:b9:ae:45:83:db:5a:94:5c:97:b3:
a1:b7:e3:63:25:a2:61:2d:bd:54:6c:e4:77:87:13:
e4:ed:be:61:d6:10:8a:58:dc:74:72:83:99:22:77:
9f:a5:d1:84:67:67:99:4d:83:48:f5:63:31:31:fb:
4d:8f:c4:ef:5c:86:86:4b:f0:d8:13:c9:f3:80:6f:
e9:c3:58:f1:c8:b7:3e:1b:07:a8:1a:21:3e:bd:72:
39:cf:24:11:02:0a:d3:06:c3:da:8c:d8:00:ae:31:
a8:46:af:d7:d1:c5:1e:70:12:97:ff:aa:25:3b:97:
62:e0:2d:e0:c0:08:6b:4b:08:ac:ad:1e:d1:25:81:
4c:a4:e5:7c:ec:9f:b1:a9:d8:eb:76:02:ad:36:d5:
30:a7:29:fa:66:e7:2f:34:18:c8:5f:9e:7a:0a:64:
be:9b:bf:a3:64:b2:e9:84:d0:ca:a7:7e:9b:b2:88:
56:4a:a7:9a:ee:af:1c:d5:17:cd:c6:3c:26:eb:96:
0b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:72:C8:EE:4E:1B:C4:C5:2A:4E:DF:C1:35:71:8B:F4:05:8A:96:58
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/vnLI7k4bxMUqTt_BNXGL9AWKllg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0-37.191.86.255
37.191.92.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.157.255
188.136.159.0-188.136.173.255
188.136.187.0/24
188.136.189.0-188.136.191.255
188.136.196.0/24
188.136.210.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:7d:dd:d1:0d:f6:54:1e:94:03:4c:db:37:d7:3c:19:6f:e2:
35:94:8b:f1:35:94:a2:64:5a:2c:56:b7:ce:d1:0a:32:29:a5:
ba:a7:b7:73:79:b7:5c:58:49:9e:dd:a0:56:15:47:dc:01:b3:
43:4f:ad:64:b7:ea:88:3a:0a:93:53:2e:fd:62:59:0a:30:c3:
d1:6a:54:4a:b0:b6:00:52:08:a4:2e:cd:66:f7:d2:d1:bc:b3:
a4:28:8e:94:61:b6:9f:ac:f4:be:71:ec:76:af:90:8f:34:bb:
20:14:40:c9:99:e5:bc:62:cf:dc:03:44:b4:74:e0:d0:69:a5:
c6:dc:b7:b6:95:b3:73:9e:c4:09:df:91:c3:4b:4f:1b:8f:6b:
e6:12:b6:0d:fe:2a:8c:74:b7:4a:b2:27:0a:e0:6b:0d:87:af:
df:c1:fc:48:9c:fa:9e:3a:c0:70:e3:d3:09:02:6a:0f:76:20:
71:6e:64:a6:80:6d:98:63:41:47:32:24:a6:db:b2:29:ec:e1:
b3:6b:d3:2f:17:35:b8:bf:fd:af:9c:54:29:ac:29:96:0c:4d:
02:23:07:9b:c8:5c:07:1b:cf:55:5e:91:8c:12:0e:e3:2d:55:
82:38:66:b6:53:e9:f6:c1:5d:9e:a3:72:b8:93:4b:c1:9a:96:
51:45:73:fd
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZUdUU5bn8cDg+C4xTqZLIKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjUwMjE5MDgyNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcyYzhlZTRlMWJjNGM1MmE0ZWRmYzEzNTcxOGJmNDA1OGE5NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2MgoUY2EuBWTwWCw4ZI8gTR9czd
SDFMCUTH9J5TSa3MygYb7TGVddInFHMjfr+yq/oC7YIPU1gjr+jlK9lr77muRYPb
WpRcl7Oht+NjJaJhLb1UbOR3hxPk7b5h1hCKWNx0coOZInefpdGEZ2eZTYNI9WMx
MftNj8TvXIaGS/DYE8nzgG/pw1jxyLc+GweoGiE+vXI5zyQRAgrTBsPajNgArjGo
Rq/X0cUecBKX/6olO5di4C3gwAhrSwisrR7RJYFMpOV87J+xqdjrdgKtNtUwpyn6
ZucvNBjIX556CmS+m7+jZLLphNDKp36bsohWSqea7q8c1RfNxjwm65YL9QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFL5yyO5OG8TFKk7fwTVxi/QFipZYMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvdm5MSTdrNGJ4TVVxVHRfQk5YR0w5QVdLbGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAx8ZaDAM
AwQGJb9AAwQAJb9WAwQCJb9cAwQDvIiAMAwDBAK8iIwDBAK8iJAwDAMEALyIlQME
AbyInDAMAwQAvIifAwQBvIisAwQAvIi7MAwDBAC8iL0DBAa8iIADBAC8iMQDBAG8
iNIwDQYJKoZIhvcNAQELBQADggEBAFt93dEN9lQelANM2zfXPBlv4jWUi/E1lKJk
WixWt87RCjIppbqnt3N5t1xYSZ7doFYVR9wBs0NPrWS36og6CpNTLv1iWQoww9Fq
VEqwtgBSCKQuzWb30tG8s6QojpRhtp+s9L5x7HavkI80uyAUQMmZ5bxiz9wDRLR0
4NBppcbct7aVs3OexAnfkcNLTxuPa+YStg3+Kox0t0qyJwrgaw2Hr9/B/Eic+p46
wHDj0wkCag92IHFuZKaAbZhjQUcyJKbbsins4bNr0y8XNbi//a+cVCmsKZYMTQIj
B5vIXAcbz1VekYwSDuMtVYI4ZrZT6fbBXZ6jcriTS8GallFFc/0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:18 2025 by rpki-client