Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/Vwxuf9tXogbGBPbtetxGHltRAJA.roa
File: Vwxuf9tXogbGBPbtetxGHltRAJA.roa (raw, json)
Hash identifier: 56fbOe+uRKJW3PaHfR9HfAkpkYQK6n+PS05QT68yj88=
Subject key identifier: 57:0C:6E:7F:DB:57:A2:06:C6:04:F6:ED:7A:DC:46:1E:5B:51:00:90
Certificate issuer: /CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Certificate serial: 0195EB5410A05F415C7CA3EFFCC789F2CD03
Authority key identifier: CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/Vwxuf9tXogbGBPbtetxGHltRAJA.roa
Signing time: Mon 31 Mar 2025 08:31:49 +0000
ROA not before: Mon 31 Mar 2025 08:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 5.80.0.0/15 maxlen: 15
5.81.0.0/16 maxlen: 16
31.48.0.0/13 maxlen: 13
62.6.0.0/16 maxlen: 16
62.7.0.0/16 maxlen: 16
81.128.0.0/11 maxlen: 11
81.128.0.0/12 maxlen: 12
86.128.0.0/10 maxlen: 10
86.128.0.0/11 maxlen: 11
86.128.0.0/12 maxlen: 12
109.144.0.0/12 maxlen: 12
185.93.168.0/22 maxlen: 22
193.37.160.0/20 maxlen: 20
194.79.48.0/22 maxlen: 22
195.171.0.0/16 maxlen: 16
212.82.0.0/19 maxlen: 19
213.120.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:54:10:a0:5f:41:5c:7c:a3:ef:fc:c7:89:f2:cd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Validity
Not Before: Mar 31 08:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=570c6e7fdb57a206c604f6ed7adc461e5b510090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:43:66:d0:c1:e1:45:a6:72:2f:04:93:06:
ae:1b:f6:ba:a1:62:23:c9:4b:32:74:eb:41:08:d8:
80:70:2c:c3:75:e0:f8:60:0b:24:48:a1:36:f5:ba:
e2:bf:fa:04:fe:21:50:a1:70:4a:14:83:2b:31:ab:
c0:a8:31:ae:2d:d6:31:74:68:85:79:d6:6e:4e:10:
42:22:72:20:fb:9d:3e:ce:1c:34:27:2e:18:71:17:
e7:04:99:e1:b9:0c:17:6e:f6:16:53:10:b7:a8:3c:
30:55:00:de:c2:08:50:59:18:53:ab:39:de:b8:91:
c8:e8:d3:8b:3e:70:19:29:5c:83:c6:ca:d5:7f:69:
06:6d:cb:83:33:fb:a6:78:b1:ef:f0:1a:98:be:58:
da:83:18:52:04:29:f2:dc:5e:92:80:4b:99:f8:ea:
8e:4e:c9:a4:e6:9c:2f:ff:7f:3b:0c:f6:94:0c:3e:
2c:0c:3f:06:53:1b:1e:03:cb:5d:bd:e1:fb:83:0a:
11:04:e8:e6:3e:c7:fb:9a:ac:95:6a:c6:b7:14:ea:
1f:e2:f4:0b:37:2c:3d:bc:46:f1:37:af:ed:2f:67:
2f:07:d6:08:29:f4:7f:3c:86:9b:80:c3:f9:8b:00:
2e:bd:91:9e:c7:33:6e:04:af:76:9b:e7:82:5f:b5:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:0C:6E:7F:DB:57:A2:06:C6:04:F6:ED:7A:DC:46:1E:5B:51:00:90
X509v3 Authority Key Identifier:
keyid:CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/Vwxuf9tXogbGBPbtetxGHltRAJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.80.0.0/15
31.48.0.0/13
62.6.0.0/15
81.128.0.0/11
86.128.0.0/10
109.144.0.0/12
185.93.168.0/22
193.37.160.0/20
194.79.48.0/22
195.171.0.0/16
212.82.0.0/19
213.120.0.0/14
Signature Algorithm: sha256WithRSAEncryption
30:7f:15:ff:c1:61:34:44:01:b5:49:a1:8c:b2:00:8e:0a:82:
0f:bb:19:ce:a3:e5:5a:96:22:8f:87:e3:75:39:50:fb:57:82:
34:43:16:85:e6:95:0a:ec:92:f2:1f:3d:43:3c:39:2c:bb:8e:
42:0d:09:11:83:27:fe:97:b1:9a:c7:d4:f6:1b:96:23:44:ce:
cf:78:11:0b:f2:cf:02:1c:e7:ee:e8:f6:1e:82:e3:08:42:d3:
0f:de:91:d9:6d:44:0b:0c:54:30:87:21:35:88:90:ca:f4:c4:
ec:11:40:ee:92:98:fb:25:42:62:e9:b7:1b:4a:f3:ad:e9:00:
e1:cf:f4:9c:d0:1f:de:ad:1a:31:0c:5f:b6:cf:7d:c6:63:99:
33:55:8d:0f:ae:66:2a:01:6f:f0:5b:48:67:dc:d9:9c:e3:72:
b4:c2:87:70:b3:6a:64:6e:16:25:13:45:b2:a9:10:70:6e:99:
89:8d:65:26:fc:d0:b2:19:41:a0:4d:61:0d:80:2d:36:08:d2:
ba:d4:0b:c8:78:96:35:80:93:e6:a9:14:0a:1e:54:49:07:4e:
65:0a:c3:2a:c3:24:7d:77:ea:ec:5e:03:c4:63:ff:1a:1c:19:
0c:b4:92:ba:d0:82:e3:8d:02:22:f5:66:ca:b6:d4:38:47:9d:
cd:12:ec:bf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZXrVBCgX0FcfKPv/MeJ8s0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDZlMTYxZGNmYjdiNzI3NzUxNDlkNDM1Yjc5YmE5ZDU2
ZDE0MTcwHhcNMjUwMzMxMDgzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzBjNmU3ZmRiNTdhMjA2YzYwNGY2ZWQ3YWRjNDYxZTViNTEwMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBZDZtDB4UWmci8EkwauG/a6oWIj
yUsydOtBCNiAcCzDdeD4YAskSKE29briv/oE/iFQoXBKFIMrMavAqDGuLdYxdGiF
edZuThBCInIg+50+zhw0Jy4YcRfnBJnhuQwXbvYWUxC3qDwwVQDewghQWRhTqzne
uJHI6NOLPnAZKVyDxsrVf2kGbcuDM/umeLHv8BqYvljagxhSBCny3F6SgEuZ+OqO
Tsmk5pwv/387DPaUDD4sDD8GUxseA8tdveH7gwoRBOjmPsf7mqyVasa3FOof4vQL
Nyw9vEbxN6/tL2cvB9YIKfR/PIabgMP5iwAuvZGexzNuBK92m+eCX7UJ8wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFcMbn/bV6IGxgT27XrcRh5bUQCQMB8GA1UdIwQY
MBaAFM/W4WHc+3tyd1FJ1DW3m6nVbRQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYt
MjIzNzQyZWU0Mzc1LzEvVnd4dWY5dFhvZ2JHQlBidGV0eEdIbHRSQUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYtMjIzNzQyZWU0Mzc1
LzEvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwMBBVADAwMf
MAMDAT4GAwMFUYADAwZWgAMDBG2QAwQCuV2oAwQEwSWgAwQCwk8wAwMAw6sDBAXU
UgADAwLVeDANBgkqhkiG9w0BAQsFAAOCAQEAMH8V/8FhNEQBtUmhjLIAjgqCD7sZ
zqPlWpYij4fjdTlQ+1eCNEMWheaVCuyS8h89Qzw5LLuOQg0JEYMn/pexmsfU9huW
I0TOz3gRC/LPAhzn7uj2HoLjCELTD96R2W1ECwxUMIchNYiQyvTE7BFA7pKY+yVC
Yum3G0rzrekA4c/0nNAf3q0aMQxfts99xmOZM1WND65mKgFv8FtIZ9zZnONytMKH
cLNqZG4WJRNFsqkQcG6ZiY1lJvzQshlBoE1hDYAtNgjSutQLyHiWNYCT5qkUCh5U
SQdOZQrDKsMkfXfq7F4DxGP/GhwZDLSSutCC440CIvVmyrbUOEedzRLsvw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:55:15 2025 by rpki-client