Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vhpyomDh_Wyflq4VOGHfdU47J38.roa
File: vhpyomDh_Wyflq4VOGHfdU47J38.roa (raw, json)
Hash identifier: Q7tlMKNwh5igO6DILNszHrgDUNdx/HCxAsmZui8dfJw=
Subject key identifier: BE:1A:72:A2:60:E1:FD:6C:9F:96:AE:15:38:61:DF:75:4E:3B:27:7F
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0194F099868D8F3F7611D5AF727899A1BABC
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vhpyomDh_Wyflq4VOGHfdU47J38.roa
Signing time: Mon 10 Feb 2025 16:03:00 +0000
ROA not before: Mon 10 Feb 2025 16:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
139.28.222.0/24 maxlen: 24
139.28.223.0/24 maxlen: 24
147.78.64.0/24 maxlen: 24
147.78.65.0/24 maxlen: 24
147.78.66.0/24 maxlen: 24
147.78.67.0/24 maxlen: 24
185.17.3.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.104.249.0/24 maxlen: 24
185.139.68.0/24 maxlen: 24
185.139.69.0/24 maxlen: 24
185.139.70.0/24 maxlen: 24
185.139.71.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.180.231.0/24 maxlen: 24
185.188.182.0/24 maxlen: 24
185.188.183.0/24 maxlen: 24
185.195.24.0/24 maxlen: 24
185.195.25.0/24 maxlen: 24
185.195.26.0/24 maxlen: 24
185.195.27.0/24 maxlen: 24
185.204.0.0/24 maxlen: 24
185.204.2.0/24 maxlen: 24
185.204.3.0/24 maxlen: 24
185.212.148.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.255.132.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
195.66.114.0/24 maxlen: 24
2a04:5200:fb01::/48 maxlen: 48
2a04:5200:fb02::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:99:86:8d:8f:3f:76:11:d5:af:72:78:99:a1:ba:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 10 16:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be1a72a260e1fd6c9f96ae153861df754e3b277f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:30:5b:a8:5d:f6:d8:99:fa:ec:8f:d4:a7:08:
d4:c9:9e:66:0e:e2:c4:0a:37:28:94:bd:ba:ef:b6:
79:32:53:22:9c:22:8e:b7:23:ef:31:0d:de:cb:53:
6a:41:9f:97:56:01:0e:81:c6:54:41:cb:db:07:3c:
a6:36:2e:c9:3b:45:f9:eb:6e:dc:05:85:41:66:2b:
75:48:5a:2a:46:a7:c0:43:08:8c:9a:1f:da:c0:a7:
9e:92:c5:28:22:48:ef:5a:83:bd:75:ee:65:17:c1:
63:c6:9b:c9:80:20:47:4a:f6:1a:83:d2:9c:49:5e:
98:7c:9c:cc:b8:09:03:29:20:f5:32:25:1c:dc:f4:
23:a1:7a:d3:ba:e9:89:82:ba:cb:f7:10:5b:b8:0b:
61:b0:69:b7:47:7a:81:43:29:6a:0f:27:dd:18:92:
75:17:f1:68:1c:96:4f:08:6c:b2:82:e0:f7:01:8b:
4f:26:18:59:fc:f5:7f:ae:71:e9:47:a3:68:42:97:
87:d1:2c:27:e8:db:d5:54:9a:ad:5d:6b:52:f9:2e:
ca:80:41:a5:0e:09:b3:91:f8:3d:ee:93:37:34:0d:
22:5b:d1:65:f4:30:14:c6:47:4b:4a:e5:d2:79:bb:
a7:7f:6f:a9:72:5c:87:61:65:50:f2:82:26:07:18:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1A:72:A2:60:E1:FD:6C:9F:96:AE:15:38:61:DF:75:4E:3B:27:7F
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vhpyomDh_Wyflq4VOGHfdU47J38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
139.28.222.0/23
147.78.64.0/22
185.17.3.0/24
185.104.248.0/23
185.139.68.0/22
185.180.230.0/23
185.188.182.0/23
185.195.24.0/22
185.204.0.0/24
185.204.2.0/23
185.212.148.0/24
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
193.109.78.0/23
195.66.114.0/24
IPv6:
2a04:5200:fb01::-2a04:5200:fb02:ffff:ffff:ffff:ffff:ffff
2a04:5200:ff00::/48
2a04:5200:ff10::/48
2a04:5200:fff1::-2a04:5200:fff9:ffff:ffff:ffff:ffff:ffff
2a04:5200:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
bb:05:aa:41:69:18:d7:16:6b:17:06:8b:44:4e:eb:6f:43:9b:
2a:c7:db:c6:0a:88:4b:51:88:5c:ab:3e:41:35:31:c7:19:7a:
a5:ee:01:63:1e:05:15:aa:e0:25:2b:cc:63:2c:c4:ac:11:f2:
6d:aa:0e:90:14:48:f0:40:bc:e2:8e:3b:6d:68:49:e5:68:1f:
e1:06:53:93:75:f4:0f:c2:db:68:72:ab:c6:f1:c4:81:c3:92:
41:ad:7a:e8:fa:2f:49:c3:9c:f2:c0:5c:43:21:e6:f1:e7:29:
3e:63:6c:56:ac:5e:73:ba:94:78:ea:07:24:3d:05:ed:96:de:
31:46:58:0d:6b:db:bb:59:9f:26:0f:7e:1b:64:ac:52:0b:a3:
d9:8b:e8:f6:69:f0:aa:2c:24:f5:68:24:c5:20:64:3b:24:54:
1f:81:ae:e0:e7:59:9b:2c:7b:2c:85:60:e0:ec:88:8e:9b:46:
fc:22:80:55:0d:e5:69:39:07:3b:6a:f7:6b:3b:03:6d:30:b3:
50:d8:68:59:55:b2:dd:a6:c2:bd:3f:02:ad:5c:15:28:95:74:
5b:18:ae:d1:82:53:d6:b4:1c:37:fe:04:62:d4:a5:b5:95:0b:
76:2e:8f:7b:80:1e:7c:6a:b9:68:61:77:dd:9b:f7:72:31:3d:
b4:bb:e9:73
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZTwmYaNjz92EdWvcniZobq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMjEwMTYwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhNzJhMjYwZTFmZDZjOWY5NmFlMTUzODYxZGY3NTRlM2IyNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzBbqF322Jn67I/UpwjUyZ5mDuLE
CjcolL2677Z5MlMinCKOtyPvMQ3ey1NqQZ+XVgEOgcZUQcvbBzymNi7JO0X5627c
BYVBZit1SFoqRqfAQwiMmh/awKeeksUoIkjvWoO9de5lF8FjxpvJgCBHSvYag9Kc
SV6YfJzMuAkDKSD1MiUc3PQjoXrTuumJgrrL9xBbuAthsGm3R3qBQylqDyfdGJJ1
F/FoHJZPCGyyguD3AYtPJhhZ/PV/rnHpR6NoQpeH0Swn6NvVVJqtXWtS+S7KgEGl
Dgmzkfg97pM3NA0iW9Fl9DAUxkdLSuXSebunf2+pclyHYWVQ8oImBxil8QIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFL4acqJg4f1sn5auFThh33VOOyd/MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdmhweW9tRGhfV3lmbHE0Vk9HSGZkVTQ3SjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTB4BAIAATByAwQCLZBA
AwQALhFoAwQAW9lRAwQBixzeAwQCk05AAwQAuREDAwQBuWj4AwQCuYtEAwQBubTm
AwQBuby2AwQCucMYAwQAucwAAwQBucwCAwQAudSUAwQBufSsAwQBufySAwQCuf+E
AwQBwW1OAwQAw0JyMEkEAgACMEMwEgMHACoEUgD7AQMHACoEUgD7AgMHACoEUgD/
AAMHACoEUgD/EDASAwcAKgRSAP/xAwcBKgRSAP/4AwcAKgRSAP//MA0GCSqGSIb3
DQEBCwUAA4IBAQC7BapBaRjXFmsXBotETutvQ5sqx9vGCohLUYhcqz5BNTHHGXql
7gFjHgUVquAlK8xjLMSsEfJtqg6QFEjwQLzijjttaEnlaB/hBlOTdfQPwttocqvG
8cSBw5JBrXro+i9Jw5zywFxDIebx5yk+Y2xWrF5zupR46gckPQXtlt4xRlgNa9u7
WZ8mD34bZKxSC6PZi+j2afCqLCT1aCTFIGQ7JFQfga7g51mbLHsshWDg7IiOm0b8
IoBVDeVpOQc7avdrOwNtMLNQ2GhZVbLdpsK9PwKtXBUolXRbGK7RglPWtBw3/gRi
1KW1lQt2Lo97gB58arloYXfdm/dyMT20u+lz
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:19 2025 by rpki-client