Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/vlxJ4XdYq5UdfhgDoOHEcfnWd34.roa
File: vlxJ4XdYq5UdfhgDoOHEcfnWd34.roa (raw, json)
Hash identifier: Xvp5e1uF2VEz4Rg5NOcnJ+l8bML7uMIfXbYJzLVr5G4=
Subject key identifier: BE:5C:49:E1:77:58:AB:95:1D:7E:18:03:A0:E1:C4:71:F9:D6:77:7E
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1D05AD6227272BDBFE64A5CF4EAD5
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/vlxJ4XdYq5UdfhgDoOHEcfnWd34.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
195.56.199.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d0:5a:d6:22:72:72:bd:bf:e6:4a:5c:f4:ea:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be5c49e17758ab951d7e1803a0e1c471f9d6777e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:4e:9d:ca:35:4d:a5:5c:47:f5:99:41:28:
58:93:7a:cb:23:ec:b3:ee:7c:7a:ab:b9:47:58:45:
92:3b:c0:53:b4:d7:a8:ca:be:25:4e:62:cd:56:67:
32:3a:ca:8b:c3:2f:91:20:01:29:69:d2:b4:4a:29:
2e:99:51:08:d6:cd:1a:3a:c6:9f:09:58:d5:be:d5:
d3:e2:3e:ae:86:de:a8:15:a4:93:ba:3f:8d:f0:a1:
47:16:dc:5b:f6:1b:04:69:ed:0b:ad:0a:d3:6d:77:
36:0c:5e:8e:50:0d:d5:2a:37:4c:ef:2a:a0:ab:a0:
00:05:fd:48:e4:4c:ca:bb:9f:cc:26:1d:20:82:6c:
74:40:fd:7c:0f:e2:7a:06:42:cc:c6:1b:38:20:7f:
93:5d:c2:91:ea:31:67:99:e6:33:04:42:5f:0f:f4:
f0:a2:0e:60:82:39:48:7b:a2:8e:11:67:f5:5c:5c:
7d:6d:1f:58:6d:c8:fa:84:76:18:39:d4:23:be:92:
b0:2b:c1:d5:50:87:a3:79:05:38:83:cc:a8:ef:42:
2d:a3:07:84:f3:b6:01:b9:73:19:dd:97:f9:df:6b:
49:5d:93:f5:eb:38:58:bb:55:c3:9d:d2:38:d1:55:
94:b6:1d:5e:bf:49:f9:fd:1f:e6:65:01:75:4b:5e:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5C:49:E1:77:58:AB:95:1D:7E:18:03:A0:E1:C4:71:F9:D6:77:7E
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/vlxJ4XdYq5UdfhgDoOHEcfnWd34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.56.199.0/24
195.228.4.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
11:84:20:60:aa:41:55:35:f8:7e:1a:f3:f1:93:19:d1:5d:e9:
96:a2:d7:67:fb:97:be:4c:39:9b:cc:7f:77:7a:f1:b8:12:54:
79:11:12:61:ba:8d:e2:31:c2:48:0b:ef:85:98:3e:bd:61:ff:
30:38:01:08:99:c6:82:8d:97:bc:d0:67:e3:c0:9e:fd:b7:4d:
f5:41:a2:ea:7a:b5:27:16:b6:bc:de:e4:81:a8:a5:4a:c6:6c:
63:e8:3f:98:47:58:f3:f2:a5:45:bf:96:47:fd:ae:a8:93:16:
c7:87:76:61:66:f1:56:ff:fa:49:cd:0d:f1:93:17:9c:9c:26:
8a:07:fa:12:dc:3c:98:4c:2b:56:1c:ae:c7:6c:cc:5e:92:73:
c5:58:b8:08:aa:92:eb:8a:41:b1:e2:b8:81:98:8e:63:2b:66:
6d:07:e7:9d:f5:17:32:71:d0:0c:32:69:fa:f6:22:4d:a3:cf:
74:14:27:cc:f2:6c:7d:98:35:eb:79:9c:56:b9:cd:69:7f:09:
9c:ba:34:1b:7f:1e:63:93:b0:16:72:a8:38:e9:14:4a:a1:29:
25:93:b8:11:65:49:b5:ba:6d:c2:cc:75:1b:8c:45:95:9b:d9:
00:50:73:fb:44:3f:86:9b:69:69:a2:3e:5f:7f:ed:a2:22:2a:
f5:ff:cd:60
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsdBa1iJycr2/5kpc9OrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTVjNDllMTc3NThhYjk1MWQ3ZTE4MDNhMGUxYzQ3MWY5ZDY3NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmypOnco1TaVcR/WZQShYk3rLI+yz
7nx6q7lHWEWSO8BTtNeoyr4lTmLNVmcyOsqLwy+RIAEpadK0SikumVEI1s0aOsaf
CVjVvtXT4j6uht6oFaSTuj+N8KFHFtxb9hsEae0LrQrTbXc2DF6OUA3VKjdM7yqg
q6AABf1I5EzKu5/MJh0ggmx0QP18D+J6BkLMxhs4IH+TXcKR6jFnmeYzBEJfD/Tw
og5ggjlIe6KOEWf1XFx9bR9Ybcj6hHYYOdQjvpKwK8HVUIejeQU4g8yo70ItoweE
87YBuXMZ3Zf532tJXZP16zhYu1XDndI40VWUth1ev0n5/R/mZQF1S147jwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL5cSeF3WKuVHX4YA6DhxHH51nd+MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdmx4SjRYZFlxNVVkZmhnRG9PSEVjZm5XZDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVAHsAwQA
VAI2AwQAwzjHAwQAw+QEAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQARhCBgqkFV
Nfh+GvPxkxnRXemWotdn+5e+TDmbzH93evG4ElR5ERJhuo3iMcJIC++FmD69Yf8w
OAEImcaCjZe80GfjwJ79t031QaLqerUnFra83uSBqKVKxmxj6D+YR1jz8qVFv5ZH
/a6okxbHh3ZhZvFW//pJzQ3xkxecnCaKB/oS3DyYTCtWHK7HbMxeknPFWLgIqpLr
ikGx4riBmI5jK2ZtB+ed9RcycdAMMmn69iJNo890FCfM8mx9mDXreZxWuc1pfwmc
ujQbfx5jk7AWcqg46RRKoSklk7gRZUm1um3CzHUbjEWVm9kAUHP7RD+Gm2lpoj5f
f+2iIir1/81g
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:34:04 2025 by rpki-client