Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VcO4qJxU40K9kxUnEeW--IFaX04.roa
File: VcO4qJxU40K9kxUnEeW--IFaX04.roa (raw, json)
Hash identifier: X/O0h17oYuRQs7Z/RvZag6iy4Bl2stwkspMMrvsPNYY=
Subject key identifier: 55:C3:B8:A8:9C:54:E3:42:BD:93:15:27:11:E5:BE:F8:81:5A:5F:4E
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019425217C1835DD8186C2304CAFA50437DA
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VcO4qJxU40K9kxUnEeW--IFaX04.roa
Signing time: Thu 02 Jan 2025 03:48:58 +0000
ROA not before: Thu 02 Jan 2025 03:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48749
IP address blocks: 86.107.59.0/24 maxlen: 24
2a05:8883:ffff::/48 maxlen: 48
2a0f:55c7:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7c:18:35:dd:81:86:c2:30:4c:af:a5:04:37:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55c3b8a89c54e342bd93152711e5bef8815a5f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e8:10:06:0d:b9:d2:bd:54:96:6b:64:f3:c0:
35:3d:43:79:2d:b2:a3:17:b2:02:dd:d8:0e:c0:76:
b1:3c:36:2b:e8:4a:54:2e:5c:93:20:62:a2:b1:68:
5e:38:74:d0:19:f0:e0:57:9f:46:4d:cd:d9:98:76:
18:9b:24:70:6b:1e:65:77:50:18:f0:4b:ad:85:6d:
7f:82:16:98:5d:32:17:c6:9d:4a:83:bf:36:ff:16:
28:6c:19:81:22:79:cf:28:48:d1:89:62:5e:53:71:
d1:24:3b:d0:91:c1:24:b0:80:ad:02:bf:57:53:15:
87:88:c5:9f:1f:bf:d3:97:0f:52:08:44:0d:e3:9f:
dd:5a:f8:b1:44:f1:d0:6a:7b:29:3d:60:24:f4:53:
61:e6:d7:11:81:38:7f:2e:e6:1b:62:e6:3b:11:41:
98:7e:7a:0e:3e:8d:39:64:d1:62:3f:49:6d:d2:f5:
61:c8:60:ec:75:6b:1c:c9:e2:ea:29:43:36:39:9b:
71:75:73:9d:00:db:99:d4:24:27:6a:91:b0:45:83:
9b:62:a2:c4:2c:24:f8:88:f7:4b:74:18:27:f3:73:
12:4c:7a:6d:47:44:73:22:c0:88:71:dc:ad:fb:c0:
5d:b0:4d:2f:9a:6a:7a:b8:ea:32:41:34:27:96:73:
dc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C3:B8:A8:9C:54:E3:42:BD:93:15:27:11:E5:BE:F8:81:5A:5F:4E
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VcO4qJxU40K9kxUnEeW--IFaX04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.59.0/24
IPv6:
2a05:8883:ffff::/48
2a0f:55c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
85:6f:ca:7e:d7:72:e8:38:a6:6d:0d:0b:a5:5c:05:36:98:cd:
67:93:f8:f6:c2:15:a0:c6:5f:16:fb:2d:0b:c8:43:46:3c:82:
5b:17:e0:26:c2:a2:46:3a:ae:c7:d6:4a:52:65:86:62:c3:08:
a9:a4:0d:8b:35:8a:fd:e8:57:92:f0:72:3f:4a:4e:8b:5a:98:
c3:92:24:a6:9d:49:cd:91:1a:18:19:c4:84:23:bf:d7:d5:06:
2e:fc:51:15:33:a8:99:bd:ff:24:c1:34:bc:c0:46:8a:17:e1:
80:75:46:9f:04:46:7f:15:ac:f0:03:e3:d8:28:3f:69:f6:97:
d7:46:29:5f:3f:09:e9:05:4c:8f:8d:6d:ef:a3:6a:21:ec:24:
cf:8d:83:b6:1e:5a:f3:15:9a:35:1b:3e:ab:b3:3f:31:43:f3:
a9:d4:81:31:e9:fa:60:9a:52:3e:7a:78:1c:06:1c:c4:4d:28:
c8:94:a5:a6:25:5e:14:b9:30:33:e1:f0:ea:40:00:b8:f1:c4:
07:37:9e:13:ca:d8:cd:26:e9:83:40:8e:40:a4:8a:3e:a9:e9:
4e:19:57:65:cd:5d:1d:b4:35:e1:1d:c9:b9:fe:ed:23:eb:11:
1c:5e:47:23:32:b0:16:6b:ee:5f:6b:86:fa:26:29:0e:79:eb:
4a:a3:25:63
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIXwYNd2BhsIwTK+lBDfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWMzYjhhODljNTRlMzQyYmQ5MzE1MjcxMWU1YmVmODgxNWE1ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnegQBg250r1Ulmtk88A1PUN5LbKj
F7IC3dgOwHaxPDYr6EpULlyTIGKisWheOHTQGfDgV59GTc3ZmHYYmyRwax5ld1AY
8EuthW1/ghaYXTIXxp1Kg782/xYobBmBInnPKEjRiWJeU3HRJDvQkcEksICtAr9X
UxWHiMWfH7/Tlw9SCEQN45/dWvixRPHQanspPWAk9FNh5tcRgTh/LuYbYuY7EUGY
fnoOPo05ZNFiP0lt0vVhyGDsdWscyeLqKUM2OZtxdXOdANuZ1CQnapGwRYObYqLE
LCT4iPdLdBgn83MSTHptR0RzIsCIcdyt+8BdsE0vmmp6uOoyQTQnlnPcTQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFXDuKicVONCvZMVJxHlvviBWl9OMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvVmNPNHFKeFU0MEs5a3hVbkVlVy0tSUZhWDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAVms7MBgE
AgACMBIDBwAqBYiD//8DBwAqD1XH//8wDQYJKoZIhvcNAQELBQADggEBAIVvyn7X
cug4pm0NC6VcBTaYzWeT+PbCFaDGXxb7LQvIQ0Y8glsX4CbCokY6rsfWSlJlhmLD
CKmkDYs1iv3oV5Lwcj9KTotamMOSJKadSc2RGhgZxIQjv9fVBi78URUzqJm9/yTB
NLzARooX4YB1Rp8ERn8VrPAD49goP2n2l9dGKV8/CekFTI+Nbe+jaiHsJM+Ng7Ye
WvMVmjUbPquzPzFD86nUgTHp+mCaUj56eBwGHMRNKMiUpaYlXhS5MDPh8OpAALjx
xAc3nhPK2M0m6YNAjkCkij6p6U4ZV2XNXR20NeEdybn+7SPrERxeRyMysBZr7l9r
hvomKQ5560qjJWM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:02:27 2025 by rpki-client