Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/VNOgNSigRRAb70bKyLVuHiqWqcg.roa
File: VNOgNSigRRAb70bKyLVuHiqWqcg.roa (raw, json)
Hash identifier: 0V+O6nfILt11f/kT8RnWqxjr5DCANmAANaaUT4hQ8EI=
Subject key identifier: 54:D3:A0:35:28:A0:45:10:1B:EF:46:CA:C8:B5:6E:1E:2A:96:A9:C8
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 0196CEF2F29BE51296E0793511396F5BB584
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/VNOgNSigRRAb70bKyLVuHiqWqcg.roa
Signing time: Wed 14 May 2025 13:19:10 +0000
ROA not before: Wed 14 May 2025 13:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 46.194.0.0/15 maxlen: 15
62.13.0.0/17 maxlen: 17
62.65.64.0/18 maxlen: 18
62.119.0.0/16 maxlen: 16
62.127.0.0/16 maxlen: 16
78.82.0.0/16 maxlen: 16
79.102.0.0/16 maxlen: 16
80.68.96.0/20 maxlen: 20
81.26.224.0/19 maxlen: 19
82.182.0.0/15 maxlen: 15
83.226.0.0/15 maxlen: 15
84.216.0.0/14 maxlen: 14
85.224.0.0/13 maxlen: 13
92.32.0.0/14 maxlen: 14
94.234.0.0/16 maxlen: 16
178.28.0.0/14 maxlen: 14
195.43.192.0/18 maxlen: 18
195.54.96.0/19 maxlen: 19
195.58.96.0/19 maxlen: 19
195.66.32.0/19 maxlen: 19
212.73.0.0/19 maxlen: 19
212.73.160.0/19 maxlen: 19
212.75.64.0/19 maxlen: 19
212.105.0.0/17 maxlen: 17
213.112.0.0/14 maxlen: 14
213.150.128.0/19 maxlen: 19
213.163.128.0/19 maxlen: 19
213.204.128.0/18 maxlen: 18
213.214.192.0/18 maxlen: 18
213.238.192.0/18 maxlen: 18
213.242.128.0/18 maxlen: 18
217.174.64.0/19 maxlen: 19
2a02:1400::/26 maxlen: 26
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:f2:f2:9b:e5:12:96:e0:79:35:11:39:6f:5b:b5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: May 14 13:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54d3a03528a045101bef46cac8b56e1e2a96a9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:59:f2:e7:64:81:7f:fd:a9:38:51:6b:26:93:
08:99:c0:cf:c3:d6:a1:ba:57:53:76:58:38:46:6c:
3c:51:9d:2d:1a:bd:97:54:c8:0e:17:ee:4e:c1:c9:
8c:3d:23:39:1b:33:0c:6f:ac:d8:b7:83:d7:9b:76:
20:a1:14:0f:78:e0:02:ae:bd:5b:7a:c2:1f:8b:77:
aa:d8:2e:3a:db:2c:49:6a:21:92:54:d4:d9:8a:4b:
dc:56:7a:61:30:1a:ec:21:a3:26:dd:b0:bb:68:6a:
48:1b:5e:05:83:0c:73:f0:c4:6e:53:14:9d:64:34:
91:df:d1:da:04:9c:45:b6:6c:e2:53:a4:d1:89:3e:
56:7a:e8:62:44:1a:ef:4b:c6:c0:e9:e3:93:7f:a1:
b5:fc:a7:05:cf:9f:82:5d:04:e5:c5:09:1e:9c:ea:
be:83:11:74:b1:6e:8b:0e:79:36:9d:89:f9:70:8d:
62:25:e7:38:31:d7:2e:de:96:57:5c:ac:3c:b5:01:
31:13:8e:02:3d:9a:12:94:ee:7b:2f:df:3a:2d:03:
33:7b:35:92:af:e2:eb:4c:1c:ce:ae:99:b8:3a:dc:
1f:48:0f:55:e6:73:44:98:6e:ba:21:ca:3f:d3:e2:
fc:a1:d9:78:79:a5:5f:2d:21:cf:8e:8e:42:f2:4a:
7b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D3:A0:35:28:A0:45:10:1B:EF:46:CA:C8:B5:6E:1E:2A:96:A9:C8
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/VNOgNSigRRAb70bKyLVuHiqWqcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.194.0.0/15
62.13.0.0/17
62.65.64.0/18
62.119.0.0/16
62.127.0.0/16
78.82.0.0/16
79.102.0.0/16
80.68.96.0/20
81.26.224.0/19
82.182.0.0/15
83.226.0.0/15
84.216.0.0/14
85.224.0.0/13
92.32.0.0/14
94.234.0.0/16
178.28.0.0/14
195.43.192.0/18
195.54.96.0/19
195.58.96.0/19
195.66.32.0/19
212.73.0.0/19
212.73.160.0/19
212.75.64.0/19
212.105.0.0/17
213.112.0.0/14
213.150.128.0/19
213.163.128.0/19
213.204.128.0/18
213.214.192.0/18
213.238.192.0/18
213.242.128.0/18
217.174.64.0/19
IPv6:
2a02:1400::/26
Signature Algorithm: sha256WithRSAEncryption
3e:be:ed:38:5b:cf:e9:b7:78:59:b4:a1:ea:7a:a2:90:79:f8:
61:0f:db:41:63:f7:0e:f5:b3:c1:5e:58:58:74:0d:fa:ca:4e:
5e:59:e2:94:e1:46:3e:97:6e:d7:dc:62:f8:fe:f1:56:d7:78:
7f:65:0e:15:f0:73:de:e6:ca:ab:49:3f:fd:e9:6d:d4:0f:40:
42:02:48:05:13:7f:1b:19:b4:e9:12:4d:50:23:a0:52:49:02:
1b:8b:07:d6:5c:13:03:2c:09:7b:32:d7:11:65:39:c0:f0:03:
40:2a:68:72:9f:5d:f9:ef:e2:66:b4:a9:74:bf:fe:9d:63:05:
c4:98:bc:53:3c:68:bd:62:fe:e6:ad:6b:7a:76:b9:b4:19:7f:
30:83:1e:ca:b5:36:cb:c0:4a:8b:c5:e4:fb:e0:49:c4:e8:57:
3e:f9:90:85:fe:ba:07:fb:c0:f0:3c:74:00:d5:85:6c:2d:2c:
ab:7e:4b:63:8d:17:04:29:52:5d:a6:97:ff:79:ba:d4:58:c3:
99:56:b3:c5:09:4d:4f:99:5a:06:d7:2c:cc:d7:0e:7d:65:3d:
42:67:a3:3e:47:64:71:d5:05:84:a1:bc:b5:27:71:e4:07:61:
d2:60:80:77:94:8d:0a:34:a9:1b:0f:52:09:c7:ed:e1:6b:df:
6a:42:87:e2
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZbO8vKb5RKW4Hk1ETlvW7WEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjUwNTE0MTMxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQzYTAzNTI4YTA0NTEwMWJlZjQ2Y2FjOGI1NmUxZTJhOTZhOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVny52SBf/2pOFFrJpMImcDPw9ah
uldTdlg4Rmw8UZ0tGr2XVMgOF+5OwcmMPSM5GzMMb6zYt4PXm3YgoRQPeOACrr1b
esIfi3eq2C462yxJaiGSVNTZikvcVnphMBrsIaMm3bC7aGpIG14Fgwxz8MRuUxSd
ZDSR39HaBJxFtmziU6TRiT5WeuhiRBrvS8bA6eOTf6G1/KcFz5+CXQTlxQkenOq+
gxF0sW6LDnk2nYn5cI1iJec4Mdcu3pZXXKw8tQExE44CPZoSlO57L986LQMzezWS
r+LrTBzOrpm4OtwfSA9V5nNEmG66Ico/0+L8odl4eaVfLSHPjo5C8kp7bwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFFTToDUooEUQG+9Gysi1bh4qlqnIMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvVk5PZ05TaWdSUkFiNzBiS3lMVnVIaXFXcWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBugQCAAEwgbMDAwEu
wgMEBz4NAAMEBj5BQAMDAD53AwMAPn8DAwBOUgMDAE9mAwQEUERgAwQFURrgAwMB
UrYDAwFT4gMDAlTYAwMDVeADAwJcIAMDAF7qAwMCshwDBAbDK8ADBAXDNmADBAXD
OmADBAXDQiADBAXUSQADBAXUSaADBAXUS0ADBAfUaQADAwLVcAMEBdWWgAMEBdWj
gAMEBtXMgAMEBtXWwAMEBtXuwAMEBtXygAMEBdmuQDANBAIAAjAHAwUGKgIUADAN
BgkqhkiG9w0BAQsFAAOCAQEAPr7tOFvP6bd4WbSh6nqikHn4YQ/bQWP3DvWzwV5Y
WHQN+spOXlnilOFGPpdu19xi+P7xVtd4f2UOFfBz3ubKq0k//elt1A9AQgJIBRN/
Gxm06RJNUCOgUkkCG4sH1lwTAywJezLXEWU5wPADQCpocp9d+e/iZrSpdL/+nWMF
xJi8UzxovWL+5q1rena5tBl/MIMeyrU2y8BKi8Xk++BJxOhXPvmQhf66B/vA8Dx0
ANWFbC0sq35LY40XBClSXaaX/3m61FjDmVazxQlNT5laBtcszNcOfWU9QmejPkdk
cdUFhKG8tSdx5Adh0mCAd5SNCjSpGw9SCcft4WvfakKH4g==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:07:13 2025 by rpki-client