Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vQvAhs3X9SIrwTiZLcGRbLHAse8.roa
File: vQvAhs3X9SIrwTiZLcGRbLHAse8.roa (raw, json)
Hash identifier: NgpNHRkuHeYtV5T9QGV0qWm2Ew38Qqs1VxG+Tb300CI=
Subject key identifier: BD:0B:C0:86:CD:D7:F5:22:2B:C1:38:99:2D:C1:91:6C:B1:C0:B1:EF
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823CE3E97C07BF7638872663A45F18D
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vQvAhs3X9SIrwTiZLcGRbLHAse8.roa
Signing time: Thu 02 Jan 2025 17:50:22 +0000
ROA not before: Thu 02 Jan 2025 17:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34383
IP address blocks: 85.117.128.0/19 maxlen: 19
85.192.192.0/18 maxlen: 18
89.170.0.0/16 maxlen: 16
95.136.128.0/17 maxlen: 17
2a00:5e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:ce:3e:97:c0:7b:f7:63:88:72:66:3a:45:f1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd0bc086cdd7f5222bc138992dc1916cb1c0b1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9a:33:4f:c2:0f:97:eb:7c:47:2a:2b:ae:af:
41:2e:6e:5e:88:08:93:64:03:04:b0:bb:d6:05:31:
b6:c8:03:c3:f3:4e:5e:29:92:b7:97:7c:fb:54:d1:
9c:60:52:10:d0:74:af:c3:e0:c3:4f:92:96:cc:cf:
be:9c:39:9d:ac:72:9e:c7:3d:79:28:8d:2e:02:c4:
de:00:a0:78:33:cb:46:66:c9:62:4f:1c:c1:60:31:
43:21:e7:e0:40:fb:ab:91:d2:f9:10:0a:60:29:e5:
93:33:fe:e7:ee:4f:77:7c:40:d4:59:b4:5b:44:0e:
33:49:75:9f:bb:96:67:ea:bd:b5:6d:b1:5a:4a:bd:
91:b6:db:66:24:2d:34:27:76:b3:8e:5f:54:91:7e:
40:eb:ec:c1:de:59:41:af:de:8e:73:7c:3a:e2:dc:
1b:70:b7:5c:75:ca:e9:f7:21:c3:da:98:a8:49:6a:
3d:d7:b3:a6:e4:0b:bc:30:16:3a:5c:91:aa:00:45:
01:b9:86:35:32:38:7f:80:47:b0:c9:97:72:6f:f3:
35:93:04:3c:d7:71:57:22:c1:dc:34:07:f3:cb:87:
69:e7:8f:6e:fc:50:56:57:a1:bb:b3:5e:ec:31:7f:
36:2b:5f:50:48:8a:f8:09:a2:3e:31:87:4f:3d:77:
be:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0B:C0:86:CD:D7:F5:22:2B:C1:38:99:2D:C1:91:6C:B1:C0:B1:EF
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vQvAhs3X9SIrwTiZLcGRbLHAse8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.128.0/19
85.192.192.0/18
89.170.0.0/16
95.136.128.0/17
IPv6:
2a00:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
1b:9a:a5:50:73:e6:e6:eb:aa:e5:a0:7a:4c:f7:d2:50:85:69:
2d:92:74:96:e9:1b:37:32:95:b5:b7:c8:58:6b:e9:0a:8d:3d:
6f:93:64:35:b3:24:b4:b9:63:57:14:bd:ba:1f:d7:a6:56:bd:
59:cd:39:9b:63:74:02:9e:3d:9e:2b:01:a9:92:6b:26:26:96:
1d:da:25:02:0e:5d:89:da:41:fc:cb:41:59:c9:bd:ee:a9:13:
b4:79:16:99:90:bb:de:1d:9a:41:e4:39:41:39:e5:e6:eb:41:
e7:a4:1c:6f:33:98:c9:08:e1:d6:03:83:47:7f:1e:de:2e:6f:
53:88:a5:d8:2e:33:ae:e0:e1:4b:d9:ca:a8:9b:f0:51:95:57:
4f:65:61:0d:ba:2f:bd:1b:84:4d:d1:14:e5:8b:f7:35:3e:47:
2c:54:ab:74:8e:38:d5:08:29:a9:81:4c:38:0c:3a:7b:99:6b:
f0:d5:0a:82:c5:7f:13:0d:fe:77:43:82:d1:38:da:7c:03:b0:
42:6f:db:38:21:e7:fb:b7:c9:13:16:f7:07:8e:ca:ec:23:8b:
24:a5:e5:fc:38:7c:6a:55:cf:3f:f2:c8:a5:e7:fc:da:05:98:
53:8a:d1:04:11:48:de:77:bf:80:fd:98:e2:1d:a0:b4:87:c8:
68:03:19:39
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQoI84+l8B792OIcmY6RfGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBiYzA4NmNkZDdmNTIyMmJjMTM4OTkyZGMxOTE2Y2IxYzBiMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJozT8IPl+t8Ryorrq9BLm5eiAiT
ZAMEsLvWBTG2yAPD805eKZK3l3z7VNGcYFIQ0HSvw+DDT5KWzM++nDmdrHKexz15
KI0uAsTeAKB4M8tGZsliTxzBYDFDIefgQPurkdL5EApgKeWTM/7n7k93fEDUWbRb
RA4zSXWfu5Zn6r21bbFaSr2RtttmJC00J3azjl9UkX5A6+zB3llBr96Oc3w64twb
cLdcdcrp9yHD2pioSWo917Om5Au8MBY6XJGqAEUBuYY1Mjh/gEewyZdyb/M1kwQ8
13FXIsHcNAfzy4dp549u/FBWV6G7s17sMX82K19QSIr4CaI+MYdPPXe+pwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL0LwIbN1/UiK8E4mS3BkWyxwLHvMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvdlF2QWhzM1g5U0lyd1RpWkxjR1JiTEhBc2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFVXWAAwQG
VcDAAwMAWaoDBAdfiIAwDQQCAAIwBwMFACoAXoAwDQYJKoZIhvcNAQELBQADggEB
ABuapVBz5ubrquWgekz30lCFaS2SdJbpGzcylbW3yFhr6QqNPW+TZDWzJLS5Y1cU
vbof16ZWvVnNOZtjdAKePZ4rAamSayYmlh3aJQIOXYnaQfzLQVnJve6pE7R5FpmQ
u94dmkHkOUE55ebrQeekHG8zmMkI4dYDg0d/Ht4ub1OIpdguM67g4UvZyqib8FGV
V09lYQ26L70bhE3RFOWL9zU+RyxUq3SOONUIKamBTDgMOnuZa/DVCoLFfxMN/ndD
gtE42nwDsEJv2zgh5/u3yRMW9weOyuwjiySl5fw4fGpVzz/yyKXn/NoFmFOK0QQR
SN53v4D9mOIdoLSHyGgDGTk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:27:37 2025 by rpki-client