Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vIpJkciSQ6QD142-Ek7RV5pbBt8.roa
File: vIpJkciSQ6QD142-Ek7RV5pbBt8.roa (raw, json)
Hash identifier: zp9pBQvKfbDFDILdrqbaFTvvsnihqE/61ZE1X8U6AC4=
Subject key identifier: BC:8A:49:91:C8:92:43:A4:03:D7:8D:BE:12:4E:D1:57:9A:5B:06:DF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01971ADC9CCB4FAB3B122CF0B602B3995E7B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vIpJkciSQ6QD142-Ek7RV5pbBt8.roa
Signing time: Thu 29 May 2025 07:05:55 +0000
ROA not before: Thu 29 May 2025 07:05:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 217.60.32.0/21 maxlen: 24
217.60.239.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 15:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:dc:9c:cb:4f:ab:3b:12:2c:f0:b6:02:b3:99:5e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 29 07:05:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc8a4991c89243a403d78dbe124ed1579a5b06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:11:1f:f5:8b:24:a6:df:6d:1c:b4:02:49:
6c:cf:21:11:1d:6b:de:54:a2:7b:20:9c:84:66:08:
fc:7d:bf:cd:bd:28:ba:35:5a:3b:cc:a8:10:fd:7c:
cd:8e:fd:ab:d5:0f:72:15:51:68:3d:8e:ff:2a:c3:
0b:51:0c:37:63:ed:80:ba:e0:d2:e1:94:12:9e:1a:
c9:0a:7f:fe:98:e7:49:ff:ab:37:b1:bb:79:9f:15:
14:f9:6e:3b:ca:41:cc:5d:29:92:e0:4d:a6:50:1b:
5a:f3:ca:c7:fe:2f:7d:a3:e0:cf:33:a8:85:f5:1c:
e5:02:47:9f:23:43:9a:44:ec:8d:46:74:0a:d4:1e:
6c:2b:fe:20:bc:37:9d:72:44:dd:71:4e:7c:71:ba:
8c:42:70:92:cd:27:1f:c8:8b:09:50:8d:c0:71:62:
d1:0a:60:8b:77:83:e5:b7:87:e4:f0:ae:66:92:d0:
ac:6f:a0:a1:4c:6e:4b:c2:85:14:5e:05:c7:19:32:
a6:37:70:75:77:d4:be:64:c7:75:9a:87:ca:1c:6a:
00:fa:d3:60:d1:57:25:8f:ee:96:5d:7a:5d:ed:03:
19:14:c2:9f:52:a2:4a:c0:94:15:eb:c6:ee:1f:f5:
45:e3:50:a8:72:79:8f:20:61:ae:f0:e2:08:4c:a8:
05:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8A:49:91:C8:92:43:A4:03:D7:8D:BE:12:4E:D1:57:9A:5B:06:DF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vIpJkciSQ6QD142-Ek7RV5pbBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.32.0/21
217.60.239.0/24
217.60.242.0/24
217.60.247.0-217.60.249.255
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4c:37:f1:da:ea:54:8d:63:2f:7d:b1:d0:7e:9e:0d:c5:b8:
f9:31:f1:4c:52:cd:cf:11:4c:2b:8c:47:4a:ac:dc:2f:b8:d2:
86:40:1d:6c:83:c5:07:42:d2:4f:b5:fb:92:94:46:6d:8c:f2:
b3:57:c2:4e:84:a4:25:15:02:75:17:d7:17:b2:b5:71:22:9a:
23:6c:00:93:26:12:04:75:2b:ca:1f:39:41:b0:b1:d4:04:1e:
59:b8:59:58:e9:5e:9d:cc:83:20:06:12:0a:3b:17:ba:d8:63:
d3:ee:aa:4f:4d:78:3f:09:de:f5:2f:41:5e:9a:a7:fb:46:95:
06:fa:05:44:bb:53:a5:62:26:57:17:eb:22:7c:7d:30:5c:e3:
a7:f3:4e:26:c3:d6:25:c3:cc:7a:1a:60:98:81:ea:2d:f9:64:
d0:02:82:51:05:16:82:71:71:06:8d:dd:4c:4c:40:0f:88:0f:
3a:a2:70:9f:e3:c4:9c:f1:48:01:7d:c2:9a:1f:51:6b:35:b5:
52:99:f3:4f:c5:72:4a:7e:ec:54:84:e4:ef:97:6c:c4:97:d3:
dc:0a:12:1a:1e:e9:25:64:24:0c:11:5e:b4:8d:d1:28:96:5b:
58:47:a2:ad:07:65:eb:43:e2:d8:fa:57:c4:fa:5f:b9:b7:8b:
93:82:cf:75
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZca3JzLT6s7EizwtgKzmV57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTI5MDcwNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhhNDk5MWM4OTI0M2E0MDNkNzhkYmUxMjRlZDE1NzlhNWIwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+0RH/WLJKbfbRy0AklszyERHWve
VKJ7IJyEZgj8fb/NvSi6NVo7zKgQ/XzNjv2r1Q9yFVFoPY7/KsMLUQw3Y+2AuuDS
4ZQSnhrJCn/+mOdJ/6s3sbt5nxUU+W47ykHMXSmS4E2mUBta88rH/i99o+DPM6iF
9RzlAkefI0OaROyNRnQK1B5sK/4gvDedckTdcU58cbqMQnCSzScfyIsJUI3AcWLR
CmCLd4Plt4fk8K5mktCsb6ChTG5LwoUUXgXHGTKmN3B1d9S+ZMd1mofKHGoA+tNg
0Vclj+6WXXpd7QMZFMKfUqJKwJQV68buH/VF41CocnmPIGGu8OIITKgFoQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLyKSZHIkkOkA9eNvhJO0VeaWwbfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdklwSmtjaVNRNlFEMTQyLUVrN1JWNXBiQnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQD2TwgAwQA
2TzvAwQA2TzyMAwDBADZPPcDBAHZPPgDBADZPPwwDQYJKoZIhvcNAQELBQADggEB
ADlMN/Ha6lSNYy99sdB+ng3FuPkx8UxSzc8RTCuMR0qs3C+40oZAHWyDxQdC0k+1
+5KURm2M8rNXwk6EpCUVAnUX1xeytXEimiNsAJMmEgR1K8ofOUGwsdQEHlm4WVjp
Xp3MgyAGEgo7F7rYY9Puqk9NeD8J3vUvQV6ap/tGlQb6BUS7U6ViJlcX6yJ8fTBc
46fzTibD1iXDzHoaYJiB6i35ZNACglEFFoJxcQaN3UxMQA+IDzqicJ/jxJzxSAF9
wpofUWs1tVKZ80/Fckp+7FSE5O+XbMSX09wKEhoe6SVkJAwRXrSN0SiWW1hHoq0H
ZetD4tj6V8T6X7m3i5OCz3U=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:45:10 2025 by rpki-client