Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/VDV2mgvPqpRmmoenb9SaX1u1440.roa
File: VDV2mgvPqpRmmoenb9SaX1u1440.roa (raw, json)
Hash identifier: ivvVUYPgums0E545lnqR4Wp+TXCXyBK6qgVWasD11m0=
Subject key identifier: 54:35:76:9A:0B:CF:AA:94:66:9A:87:A7:6F:D4:9A:5F:5B:B5:E3:8D
Certificate issuer: /CN=0bcbf748e9f4998685d0c965d2dfdf0f362a5052
Certificate serial: 019420D5C62B7D6EECC344664EBEF3C73DA4
Authority key identifier: 0B:CB:F7:48:E9:F4:99:86:85:D0:C9:65:D2:DF:DF:0F:36:2A:50:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/VDV2mgvPqpRmmoenb9SaX1u1440.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48781
IP address blocks: 91.107.0.0/18 maxlen: 19
95.128.240.0/21 maxlen: 23
185.33.244.0/24 maxlen: 24
185.33.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:2b:7d:6e:ec:c3:44:66:4e:be:f3:c7:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bcbf748e9f4998685d0c965d2dfdf0f362a5052
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5435769a0bcfaa94669a87a76fd49a5f5bb5e38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2f:00:9a:ce:a8:19:72:62:0b:f8:9b:ed:66:
e3:97:6f:06:0b:e6:fd:d9:01:68:38:fd:a1:6c:9c:
99:e9:1d:0f:ed:34:8f:e5:f6:16:bc:fe:f0:03:c4:
ab:57:7d:21:f1:a0:62:72:f1:0c:e2:1d:12:25:b5:
b0:00:69:ff:47:b5:6a:82:26:9d:50:b4:f2:46:c1:
dd:e6:e6:ee:a3:fc:14:f9:93:30:d5:12:f9:ae:97:
e9:3d:89:6a:21:6f:ba:94:b3:4b:2d:65:5a:83:a5:
73:92:66:ba:71:3f:3c:ec:98:81:ce:84:63:ee:07:
27:7f:a0:5a:f1:2a:9d:8e:35:8b:05:0f:90:3e:95:
09:09:6b:95:97:59:80:dd:e1:ce:5b:86:23:f1:4e:
6f:c8:18:65:bb:35:7b:8e:c8:03:75:2d:29:71:98:
56:c9:48:46:3f:cd:fa:1f:d7:cb:c3:76:e4:da:53:
ee:65:9f:39:da:75:a0:23:40:8f:58:d1:59:a9:1c:
52:05:f3:bd:c9:63:e2:59:85:88:de:48:ff:87:f2:
10:22:00:53:73:12:9c:31:56:21:72:e4:b4:68:f6:
c0:33:91:55:b4:04:76:9a:a7:8d:7c:f6:cc:04:b5:
dc:3c:cc:08:3e:7d:34:9f:c5:cb:77:ce:d5:bc:d9:
8b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:35:76:9A:0B:CF:AA:94:66:9A:87:A7:6F:D4:9A:5F:5B:B5:E3:8D
X509v3 Authority Key Identifier:
keyid:0B:CB:F7:48:E9:F4:99:86:85:D0:C9:65:D2:DF:DF:0F:36:2A:50:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/VDV2mgvPqpRmmoenb9SaX1u1440.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.0.0/18
95.128.240.0/21
185.33.244.0/24
185.33.246.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c9:e7:1d:ea:76:58:a5:83:30:7c:bd:5f:cb:cc:33:c1:9c:
ac:34:e1:fb:42:6b:bc:c7:ab:36:23:d3:96:a0:26:f8:19:fd:
8c:8a:1d:fb:c1:13:b9:1a:1e:45:20:0d:ba:23:8e:a9:d4:6c:
9f:ee:1c:c4:86:3b:47:7b:52:11:d9:b7:4f:82:3f:a0:a7:f6:
7f:5b:bf:31:ad:51:0f:61:ce:df:de:fc:4b:5f:42:9c:39:4a:
25:f4:91:a6:b6:a7:81:e5:4a:86:c5:e0:2b:d4:1d:b6:13:d4:
a4:4b:77:ae:07:81:41:5e:b3:7e:52:f7:28:44:4b:c8:df:ef:
5a:cb:14:09:2c:64:82:ab:74:ed:fe:5f:86:43:16:46:a5:38:
f7:86:2a:8f:32:c8:93:ea:57:23:cd:5a:9f:1d:4b:a1:e1:5b:
1a:53:3d:d0:22:ac:29:83:7f:e6:4b:3a:4d:53:48:14:35:3e:
23:a4:1f:0e:ea:b7:a3:99:4a:38:07:62:c8:51:4b:4b:74:be:
b0:6d:3a:8e:88:52:58:16:2a:ed:74:f4:f5:f9:2d:49:3e:ba:
67:d5:35:49:d1:8d:f8:1c:18:62:9f:fd:57:fb:6f:d5:c3:6d:
14:85:cf:85:19:74:c3:2b:24:80:66:56:02:ad:a8:51:fe:13:
e2:43:47:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1cYrfW7sw0RmTr7zxz2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiY2JmNzQ4ZTlmNDk5ODY4NWQwYzk2NWQyZGZkZjBmMzYy
YTUwNTIwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM1NzY5YTBiY2ZhYTk0NjY5YTg3YTc2ZmQ0OWE1ZjViYjVlMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy8Ams6oGXJiC/ib7Wbjl28GC+b9
2QFoOP2hbJyZ6R0P7TSP5fYWvP7wA8SrV30h8aBicvEM4h0SJbWwAGn/R7Vqgiad
ULTyRsHd5ubuo/wU+ZMw1RL5rpfpPYlqIW+6lLNLLWVag6Vzkma6cT887JiBzoRj
7gcnf6Ba8SqdjjWLBQ+QPpUJCWuVl1mA3eHOW4Yj8U5vyBhluzV7jsgDdS0pcZhW
yUhGP836H9fLw3bk2lPuZZ852nWgI0CPWNFZqRxSBfO9yWPiWYWI3kj/h/IQIgBT
cxKcMVYhcuS0aPbAM5FVtAR2mqeNfPbMBLXcPMwIPn00n8XLd87VvNmLjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFQ1dpoLz6qUZpqHp2/Uml9bteONMB8GA1UdIwQY
MBaAFAvL90jp9JmGhdDJZdLf3w82KlBSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzh2M1NPbjBtWWFGME1sbDB0X2ZEellxVUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lMjIxOTItYmUwMC00OGMwLWE3MTEt
N2Y5NmM5ZjA1ZjU0LzEvVkRWMm1ndlBxcFJtbW9lbmI5U2FYMXUxNDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lMjIxOTItYmUwMC00OGMwLWE3MTEtN2Y5NmM5ZjA1ZjU0
LzEvQzh2M1NPbjBtWWFGME1sbDB0X2ZEellxVUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGW2sAAwQD
X4DwAwQAuSH0AwQAuSH2MA0GCSqGSIb3DQEBCwUAA4IBAQCGyecd6nZYpYMwfL1f
y8wzwZysNOH7Qmu8x6s2I9OWoCb4Gf2Mih37wRO5Gh5FIA26I46p1Gyf7hzEhjtH
e1IR2bdPgj+gp/Z/W78xrVEPYc7f3vxLX0KcOUol9JGmtqeB5UqGxeAr1B22E9Sk
S3euB4FBXrN+UvcoREvI3+9ayxQJLGSCq3Tt/l+GQxZGpTj3hiqPMsiT6lcjzVqf
HUuh4VsaUz3QIqwpg3/mSzpNU0gUNT4jpB8O6rejmUo4B2LIUUtLdL6wbTqOiFJY
FirtdPT1+S1JPrpn1TVJ0Y34HBhin/1X+2/Vw20Uhc+FGXTDKySAZlYCrahR/hPi
Q0eP
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:08:40 2025 by rpki-client