Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/vft2JBQBkVTDag9j9_M4P-Fcw3g.roa
File: vft2JBQBkVTDag9j9_M4P-Fcw3g.roa (raw, json)
Hash identifier: AMXmsAdT9NymEMaDmBecmwNW9bgGXQhfsXH0M5Vxt5A=
Subject key identifier: BD:FB:76:24:14:01:91:54:C3:6A:0F:63:F7:F3:38:3F:E1:5C:C3:78
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019715CE0DF4EF0A520884F38D9326204654
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/vft2JBQBkVTDag9j9_M4P-Fcw3g.roa
Signing time: Wed 28 May 2025 07:31:54 +0000
ROA not before: Wed 28 May 2025 07:31:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.218.0/23 maxlen: 23
5.10.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:15:ce:0d:f4:ef:0a:52:08:84:f3:8d:93:26:20:46:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: May 28 07:31:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdfb762414019154c36a0f63f7f3383fe15cc378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f1:69:a8:79:fa:91:6c:14:d3:91:5c:48:fa:
0f:85:64:5b:d4:ad:3a:b6:7d:7a:5f:fd:c6:5d:0e:
85:dc:9f:d0:ee:06:23:41:ac:7e:a4:74:2b:90:d2:
8e:5f:f4:be:92:31:2b:8b:1e:84:a1:8d:cc:44:25:
90:cd:fa:90:88:47:08:89:8d:1d:02:36:46:f2:79:
eb:db:ed:23:3f:9d:4c:92:6d:c9:ac:ba:15:94:fb:
43:f2:00:a0:75:a3:6b:69:d2:6c:77:67:55:df:77:
61:7a:1f:d8:80:66:c9:60:59:6f:89:d3:22:1c:15:
b7:1e:18:14:9d:f8:4d:45:e3:77:26:7e:d1:f2:35:
b2:88:3d:ba:c4:f1:c0:78:78:6e:eb:54:d5:d7:48:
2c:15:ee:a5:39:bd:1b:a5:60:7f:31:25:09:de:14:
39:d0:58:5d:49:2d:ad:0b:e9:03:b2:cd:1e:ca:47:
e4:a9:fc:9a:fa:b2:6d:d0:75:d7:d1:7d:ce:e3:ce:
2a:27:d6:b2:a7:69:fc:7c:8c:5f:be:ef:cd:2f:73:
f5:2d:ca:a1:a4:af:01:9f:41:a4:b2:ab:2d:92:f9:
be:c4:c9:50:00:17:c7:77:bc:26:29:8e:19:ce:03:
b5:bb:3c:10:9e:9c:90:2e:93:81:6b:48:d8:25:c4:
e2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FB:76:24:14:01:91:54:C3:6A:0F:63:F7:F3:38:3F:E1:5C:C3:78
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/vft2JBQBkVTDag9j9_M4P-Fcw3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/24
5.10.218.0/23
5.10.223.0/24
Signature Algorithm: sha256WithRSAEncryption
41:98:98:43:15:f2:a4:6e:e0:e4:de:97:eb:a6:2d:2e:a7:6e:
41:46:85:7b:f5:ce:7e:89:b5:75:a3:25:a6:59:9c:80:b2:47:
0e:c4:67:56:59:69:0f:23:49:2f:58:92:02:d4:eb:96:c0:b7:
2a:60:58:27:41:72:1b:7d:30:57:84:14:0e:e7:a4:4d:e7:00:
41:c1:f8:6d:a3:7f:4e:9d:63:76:b3:a7:35:9c:67:ee:c1:b0:
0a:34:7f:e6:89:ee:6c:ef:71:c0:39:ee:5a:e8:2e:48:af:09:
28:9f:aa:7c:bf:1c:23:9b:b6:f8:1a:33:f9:f9:ab:ae:f4:48:
0f:9e:7f:3f:3f:c8:95:22:1f:bd:df:36:b7:ee:2e:73:cf:27:
1f:d1:e1:66:3b:26:1d:a2:67:c4:48:3d:9f:23:09:5a:15:dd:
c2:9d:b1:ac:44:45:ab:8e:bc:3c:e5:b9:a0:aa:e7:b1:be:09:
da:ac:9d:b4:42:6d:bb:28:6c:45:93:4b:fb:e2:fb:75:f0:84:
a2:12:55:f1:5b:52:0d:d1:f0:fc:b1:8b:cf:d7:d1:76:71:74:
08:d9:32:a2:43:32:e7:f7:3b:e7:a6:9f:71:a8:d4:b3:d3:fd:
c8:00:cd:ae:a8:51:ee:57:18:6b:af:e8:e5:7a:2b:73:41:a5:
12:4d:ed:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZcVzg307wpSCITzjZMmIEZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNTI4MDczMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZiNzYyNDE0MDE5MTU0YzM2YTBmNjNmN2YzMzgzZmUxNWNjMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fFpqHn6kWwU05FcSPoPhWRb1K06
tn16X/3GXQ6F3J/Q7gYjQax+pHQrkNKOX/S+kjErix6EoY3MRCWQzfqQiEcIiY0d
AjZG8nnr2+0jP51Mkm3JrLoVlPtD8gCgdaNradJsd2dV33dheh/YgGbJYFlvidMi
HBW3HhgUnfhNReN3Jn7R8jWyiD26xPHAeHhu61TV10gsFe6lOb0bpWB/MSUJ3hQ5
0FhdSS2tC+kDss0eykfkqfya+rJt0HXX0X3O484qJ9ayp2n8fIxfvu/NL3P1Lcqh
pK8Bn0Gksqstkvm+xMlQABfHd7wmKY4ZzgO1uzwQnpyQLpOBa0jYJcTiyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL37diQUAZFUw2oPY/fzOD/hXMN4MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvdmZ0MkpCUUJrVlREYWc5ajlfTTRQLUZjdzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQrUAwQB
BQraAwQABQrfMA0GCSqGSIb3DQEBCwUAA4IBAQBBmJhDFfKkbuDk3pfrpi0up25B
RoV79c5+ibV1oyWmWZyAskcOxGdWWWkPI0kvWJIC1OuWwLcqYFgnQXIbfTBXhBQO
56RN5wBBwfhto39OnWN2s6c1nGfuwbAKNH/mie5s73HAOe5a6C5Irwkon6p8vxwj
m7b4GjP5+auu9EgPnn8/P8iVIh+93za37i5zzycf0eFmOyYdomfESD2fIwlaFd3C
nbGsREWrjrw85bmgquexvgnarJ20Qm27KGxFk0v74vt18ISiElXxW1IN0fD8sYvP
19F2cXQI2TKiQzLn9zvnpp9xqNSz0/3IAM2uqFHuVxhrr+jleitzQaUSTe0q
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:25:19 2025 by rpki-client