Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/VF4oENC3ROv0PkRYyOKz5znS7Lw.roa
File: VF4oENC3ROv0PkRYyOKz5znS7Lw.roa (raw, json)
Hash identifier: VANb10DSIL8eOlHbsJ6So28/QiKbnVdpu6HtPHf6lTg=
Subject key identifier: 54:5E:28:10:D0:B7:44:EB:F4:3E:44:58:C8:E2:B3:E7:39:D2:EC:BC
Certificate issuer: /CN=4044fd1980ba01788a353a26fef8954ed7c11f96
Certificate serial: 0196435B661BC8DC4023A74768AFEBBC81C6
Authority key identifier: 40:44:FD:19:80:BA:01:78:8A:35:3A:26:FE:F8:95:4E:D7:C1:1F:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QET9GYC6AXiKNTom_viVTtfBH5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/VF4oENC3ROv0PkRYyOKz5znS7Lw.roa
Signing time: Thu 17 Apr 2025 10:46:25 +0000
ROA not before: Thu 17 Apr 2025 10:46:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62365
IP address blocks: 80.249.116.0/22 maxlen: 22
139.28.0.0/22 maxlen: 22
141.98.144.0/22 maxlen: 22
155.133.200.0/21 maxlen: 21
155.133.208.0/20 maxlen: 20
185.38.48.0/22 maxlen: 22
185.202.180.0/22 maxlen: 22
185.206.240.0/22 maxlen: 22
2a00:fda0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/QET9GYC6AXiKNTom_viVTtfBH5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/QET9GYC6AXiKNTom_viVTtfBH5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/QET9GYC6AXiKNTom_viVTtfBH5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:5b:66:1b:c8:dc:40:23:a7:47:68:af:eb:bc:81:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4044fd1980ba01788a353a26fef8954ed7c11f96
Validity
Not Before: Apr 17 10:46:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=545e2810d0b744ebf43e4458c8e2b3e739d2ecbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:76:ad:7d:c2:84:a7:27:fc:37:59:3c:e9:39:
8d:f7:54:8a:84:ed:ac:df:1f:99:00:7b:00:b1:10:
72:c5:72:5e:5e:50:df:0b:0c:cc:65:02:78:39:6b:
20:d4:86:47:e9:38:b5:6c:82:ac:3c:1c:d3:e7:ea:
17:fe:3c:42:c0:5d:10:54:2b:24:ba:e7:e4:a1:01:
98:02:35:97:fc:a6:02:76:ef:76:2d:3d:62:9b:25:
35:b2:91:9c:8b:7f:36:79:f0:ac:91:7d:50:1c:f1:
38:91:4d:1e:3e:a5:b9:9f:77:92:e0:c5:c8:93:e4:
0e:3c:17:4a:2d:b5:42:f4:c5:20:4c:82:cf:07:78:
4f:f4:51:7b:5b:4f:89:a8:0d:d7:45:d9:fa:d9:3c:
9a:31:b7:92:95:74:9f:50:dc:d3:35:8a:a5:dd:ca:
f7:53:51:46:ad:7f:b9:3a:b1:d9:7d:8d:19:f7:60:
00:46:65:49:3f:fe:6d:41:2a:dd:08:e3:cb:b7:bf:
dc:8a:fb:ca:f4:b8:9d:a3:ea:5c:19:7f:81:ce:6e:
30:e4:9d:ac:a6:c0:74:32:3e:7b:93:2e:36:a7:e1:
0b:7a:ed:3e:f5:35:32:44:f7:71:e9:29:a3:b5:bf:
5c:b0:a5:82:a6:da:64:66:8b:b0:18:76:b7:cd:3f:
8a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5E:28:10:D0:B7:44:EB:F4:3E:44:58:C8:E2:B3:E7:39:D2:EC:BC
X509v3 Authority Key Identifier:
keyid:40:44:FD:19:80:BA:01:78:8A:35:3A:26:FE:F8:95:4E:D7:C1:1F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QET9GYC6AXiKNTom_viVTtfBH5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/VF4oENC3ROv0PkRYyOKz5znS7Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/15b16a-f76b-41a4-88bc-91cf616d2c52/1/QET9GYC6AXiKNTom_viVTtfBH5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.116.0/22
139.28.0.0/22
141.98.144.0/22
155.133.200.0-155.133.223.255
185.38.48.0/22
185.202.180.0/22
185.206.240.0/22
IPv6:
2a00:fda0::/32
Signature Algorithm: sha256WithRSAEncryption
c5:cf:2d:96:d5:98:68:33:01:70:82:0e:0f:a7:9f:82:94:39:
20:cb:3b:d6:5e:f6:5c:b8:1e:1f:6e:67:51:03:ae:d0:03:94:
db:1f:90:29:25:d7:7c:e1:3b:59:63:03:29:53:1f:2d:d4:50:
84:72:75:57:ad:cb:c4:88:e0:07:8f:c5:d4:14:a2:bb:3f:cc:
3e:70:94:99:49:0f:35:75:cf:9c:c3:4b:81:64:1b:f2:d5:13:
b1:24:cf:18:60:bf:14:27:cb:43:1b:4a:bb:8d:ef:73:b7:16:
39:b3:81:94:5e:ca:57:aa:58:55:26:4f:7d:5c:0f:12:d4:4c:
12:4d:cf:9b:12:f3:72:38:f3:e8:59:5d:ae:92:25:f5:08:4b:
80:46:95:63:d0:2e:d0:1f:83:47:20:73:cc:ae:db:c4:87:aa:
b3:24:5c:4b:cf:d9:7c:63:aa:12:e2:61:77:9e:ee:51:4c:8b:
87:11:b3:7b:03:b6:f5:00:40:7e:3d:e7:71:0f:77:5d:65:01:
60:b4:a0:be:80:36:16:42:55:49:6b:d4:5f:15:be:75:d5:bf:
01:af:82:c6:c2:75:00:5b:05:2c:ba:35:a3:40:33:61:b5:1f:
d0:39:c8:96:95:21:b0:7b:66:9b:2e:cb:22:84:74:01:2e:a7:
41:5f:85:b1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZZDW2YbyNxAI6dHaK/rvIHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDRmZDE5ODBiYTAxNzg4YTM1M2EyNmZlZjg5NTRlZDdj
MTFmOTYwHhcNMjUwNDE3MTA0NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVlMjgxMGQwYjc0NGViZjQzZTQ0NThjOGUyYjNlNzM5ZDJlY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6natfcKEpyf8N1k86TmN91SKhO2s
3x+ZAHsAsRByxXJeXlDfCwzMZQJ4OWsg1IZH6Ti1bIKsPBzT5+oX/jxCwF0QVCsk
uufkoQGYAjWX/KYCdu92LT1imyU1spGci382efCskX1QHPE4kU0ePqW5n3eS4MXI
k+QOPBdKLbVC9MUgTILPB3hP9FF7W0+JqA3XRdn62TyaMbeSlXSfUNzTNYql3cr3
U1FGrX+5OrHZfY0Z92AARmVJP/5tQSrdCOPLt7/civvK9Lido+pcGX+Bzm4w5J2s
psB0Mj57ky42p+ELeu0+9TUyRPdx6Smjtb9csKWCptpkZouwGHa3zT+KWwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFFReKBDQt0Tr9D5EWMjis+c50uy8MB8GA1UdIwQY
MBaAFEBE/RmAugF4ijU6Jv74lU7XwR+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVUOUdZQzZBWGlLTlRvbV92aVZUdGZCSDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNWIxNmEtZjc2Yi00MWE0LTg4YmMt
OTFjZjYxNmQyYzUyLzEvVkY0b0VOQzNST3YwUGtSWXlPS3o1em5TN0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNWIxNmEtZjc2Yi00MWE0LTg4YmMtOTFjZjYxNmQyYzUy
LzEvUUVUOUdZQzZBWGlLTlRvbV92aVZUdGZCSDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCUPl0AwQC
ixwAAwQCjWKQMAwDBAObhcgDBAWbhcADBAK5JjADBAK5yrQDBAK5zvAwDQQCAAIw
BwMFACoA/aAwDQYJKoZIhvcNAQELBQADggEBAMXPLZbVmGgzAXCCDg+nn4KUOSDL
O9Ze9ly4Hh9uZ1EDrtADlNsfkCkl13zhO1ljAylTHy3UUIRydVety8SI4AePxdQU
ors/zD5wlJlJDzV1z5zDS4FkG/LVE7EkzxhgvxQny0MbSruN73O3FjmzgZReyleq
WFUmT31cDxLUTBJNz5sS83I48+hZXa6SJfUIS4BGlWPQLtAfg0cgc8yu28SHqrMk
XEvP2XxjqhLiYXee7lFMi4cRs3sDtvUAQH4953EPd11lAWC0oL6ANhZCVUlr1F8V
vnXVvwGvgsbCdQBbBSy6NaNAM2G1H9A5yJaVIbB7ZpsuyyKEdAEup0FfhbE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:19 2025 by rpki-client