Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Vy0p_7q_2IKZLeQeXUv3D9Ji_FI.roa
File: Vy0p_7q_2IKZLeQeXUv3D9Ji_FI.roa (raw, json)
Hash identifier: 58NXTiFCUTLOV9lRmoeZtNZ4f20ASafZhKdz/HRCOK8=
Subject key identifier: 57:2D:29:FF:BA:BF:D8:82:99:2D:E4:1E:5D:4B:F7:0F:D2:62:FC:52
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01973AC461BA5298B809073754831D813AD8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Vy0p_7q_2IKZLeQeXUv3D9Ji_FI.roa
Signing time: Wed 04 Jun 2025 11:47:17 +0000
ROA not before: Wed 04 Jun 2025 11:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205125
IP address blocks: 45.95.201.0/24 maxlen: 24
2a03:e2c0::/32 maxlen: 32
2a0d:8340::/32 maxlen: 32
2a0d:8343::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:c4:61:ba:52:98:b8:09:07:37:54:83:1d:81:3a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 4 11:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=572d29ffbabfd882992de41e5d4bf70fd262fc52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:be:a5:6b:36:de:32:b8:de:8f:1d:ba:18:
5b:50:a2:da:d0:0c:49:2f:44:09:ef:00:1c:fc:6d:
ce:fd:5e:cc:51:c3:e8:63:d3:47:49:07:67:c2:f5:
5c:c7:80:e1:3f:71:0e:b6:86:6c:db:7b:c0:e1:5f:
22:00:62:33:f4:f7:85:73:cb:60:c3:20:77:25:ec:
ed:58:19:99:26:f3:f3:19:5c:2a:76:a9:60:82:9b:
5e:e9:91:20:fd:cc:e4:85:ac:11:be:da:e7:a1:05:
08:e1:f0:42:5a:81:c6:e3:81:00:48:7a:d2:66:1c:
dc:62:81:d4:ab:4c:92:4e:be:07:43:58:ad:84:d9:
10:e8:2b:38:f2:ba:21:81:35:c0:11:9c:ed:41:0d:
5b:30:4e:b3:90:ba:60:02:a9:6c:41:0d:02:e6:55:
74:09:62:a0:97:9d:2d:32:5a:83:5d:c0:8a:4f:c5:
dc:ed:39:7f:13:a1:61:d5:54:e2:e4:94:05:95:75:
1b:84:86:ce:75:d1:64:91:cc:0a:c4:89:21:b6:14:
64:70:31:a3:60:a6:ef:01:a1:03:54:f4:6c:bd:5a:
bd:40:1b:04:3b:cc:86:33:7f:16:28:bd:a2:de:41:
ad:cb:9c:8a:5f:c9:13:62:86:e0:db:ac:ae:7e:62:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2D:29:FF:BA:BF:D8:82:99:2D:E4:1E:5D:4B:F7:0F:D2:62:FC:52
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Vy0p_7q_2IKZLeQeXUv3D9Ji_FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.201.0/24
IPv6:
2a03:e2c0::/32
2a0d:8340::/32
2a0d:8343::/32
Signature Algorithm: sha256WithRSAEncryption
8b:e3:66:e1:fc:88:e6:9e:9e:0f:eb:2d:60:6c:8d:8c:b5:40:
b3:7c:67:42:8a:2f:6d:82:96:62:ca:3e:90:c4:10:ed:ef:f3:
8c:37:80:7c:72:03:ed:6f:5b:00:84:8e:63:2d:35:14:4e:5c:
c8:04:49:71:75:1b:6c:b2:ff:47:73:6f:41:46:78:64:c1:2d:
bb:e0:a0:67:0e:90:0d:98:a3:d5:a9:98:40:b1:de:55:0c:4a:
72:d6:ce:8c:7b:dc:86:b2:b3:e3:b6:97:3b:ce:71:49:5b:99:
ba:62:74:ea:1d:e6:b2:5a:d8:9f:66:1d:71:fb:d6:9c:d5:c6:
77:d1:9c:0a:5a:ab:fb:ee:88:ff:6c:b1:0f:39:6d:18:90:c8:
47:00:97:e4:8a:30:2d:e4:80:9d:99:1e:71:17:fe:fa:7b:85:
86:53:86:06:3a:ba:8a:ae:a5:07:d7:1c:80:61:60:0a:17:f4:
0d:08:64:91:9d:dd:54:d6:7c:71:6f:6d:c5:f8:b2:12:29:ee:
14:5b:9b:80:a0:9d:d4:5e:4f:47:87:0c:bc:4e:2e:31:5b:f5:
1d:42:c8:58:c6:ac:c2:b2:c0:80:1e:e2:57:4a:e4:f1:c2:35:
f2:85:e1:74:fe:0b:82:f0:bb:e0:b1:ac:0d:63:a2:28:63:38:
f7:02:3d:c1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZc6xGG6Upi4CQc3VIMdgTrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjA0MTE0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzJkMjlmZmJhYmZkODgyOTkyZGU0MWU1ZDRiZjcwZmQyNjJmYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7q+pWs23jK43o8duhhbUKLa0AxJ
L0QJ7wAc/G3O/V7MUcPoY9NHSQdnwvVcx4DhP3EOtoZs23vA4V8iAGIz9PeFc8tg
wyB3JeztWBmZJvPzGVwqdqlggpte6ZEg/czkhawRvtrnoQUI4fBCWoHG44EASHrS
ZhzcYoHUq0ySTr4HQ1ithNkQ6Cs48rohgTXAEZztQQ1bME6zkLpgAqlsQQ0C5lV0
CWKgl50tMlqDXcCKT8Xc7Tl/E6Fh1VTi5JQFlXUbhIbOddFkkcwKxIkhthRkcDGj
YKbvAaEDVPRsvVq9QBsEO8yGM38WKL2i3kGty5yKX8kTYobg26yufmKlkQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFctKf+6v9iCmS3kHl1L9w/SYvxSMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVnkwcF83cV8ySUtaTGVRZVhVdjNEOUppX0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQALV/JMBsE
AgACMBUDBQAqA+LAAwUAKg2DQAMFACoNg0MwDQYJKoZIhvcNAQELBQADggEBAIvj
ZuH8iOaeng/rLWBsjYy1QLN8Z0KKL22ClmLKPpDEEO3v84w3gHxyA+1vWwCEjmMt
NRROXMgESXF1G2yy/0dzb0FGeGTBLbvgoGcOkA2Yo9WpmECx3lUMSnLWzox73Iay
s+O2lzvOcUlbmbpidOod5rJa2J9mHXH71pzVxnfRnApaq/vuiP9ssQ85bRiQyEcA
l+SKMC3kgJ2ZHnEX/vp7hYZThgY6uoqupQfXHIBhYAoX9A0IZJGd3VTWfHFvbcX4
shIp7hRbm4CgndReT0eHDLxOLjFb9R1CyFjGrMKywIAe4ldK5PHCNfKF4XT+C4Lw
u+CxrA1joihjOPcCPcE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:57:23 2025 by rpki-client