Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/vn3_sUEKIuyfwPbmP6Ghdkym3x8.roa
File: vn3_sUEKIuyfwPbmP6Ghdkym3x8.roa (raw, json)
Hash identifier: 2yCzjx3NZvv5+ZPTaYqAIW7pi/CmVDJQBAJTexRz+V8=
Subject key identifier: BE:7D:FF:B1:41:0A:22:EC:9F:C0:F6:E6:3F:A1:A1:76:4C:A6:DF:1F
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0196B390C2A0759AC14B0D29561CDBF1C1CC
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/vn3_sUEKIuyfwPbmP6Ghdkym3x8.roa
Signing time: Fri 09 May 2025 05:42:10 +0000
ROA not before: Fri 09 May 2025 05:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 84.55.1.0/24 maxlen: 24
84.55.3.0/24 maxlen: 24
84.55.9.0/24 maxlen: 24
84.55.10.0/24 maxlen: 24
84.55.18.0/24 maxlen: 24
88.223.16.0/24 maxlen: 24
88.223.17.0/24 maxlen: 24
88.223.18.0/24 maxlen: 24
88.223.19.0/24 maxlen: 24
88.223.20.0/24 maxlen: 24
88.223.21.0/24 maxlen: 24
88.223.22.0/24 maxlen: 24
88.223.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:90:c2:a0:75:9a:c1:4b:0d:29:56:1c:db:f1:c1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: May 9 05:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be7dffb1410a22ec9fc0f6e63fa1a1764ca6df1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:00:3a:7a:cf:df:c0:32:ae:ea:08:38:b2:ed:
39:c0:fb:4e:81:ef:99:9e:ac:03:01:64:c9:c2:70:
9b:f3:08:48:64:32:59:34:6f:fa:77:df:cb:b4:15:
01:f9:9c:07:7e:13:ab:0b:d6:6c:f6:0c:ca:f6:95:
57:c2:bc:0a:0f:3d:80:9a:7c:ab:00:a4:ca:be:92:
5a:3d:15:89:11:27:da:60:6e:3e:88:62:39:db:18:
d9:d9:03:07:2d:a3:14:28:e9:76:71:e9:18:9e:b8:
73:3e:0c:de:f2:cc:fe:c6:1d:1b:62:87:c2:7b:c7:
1b:82:3c:9d:df:2f:38:7d:fc:a7:64:1b:13:f6:97:
d8:29:43:8a:4f:08:89:08:59:05:21:96:24:b1:c1:
1e:34:f7:96:fb:0d:c8:c1:44:2b:93:12:8c:0a:68:
b7:b8:92:62:20:8e:81:d8:d5:44:23:74:c2:a3:b0:
d8:a4:49:08:07:ee:74:0a:ae:c1:28:5e:53:46:60:
20:bb:06:20:f8:e5:51:19:be:a2:3f:9e:bd:e3:16:
c1:a2:b4:cc:d5:4e:ea:1a:df:9e:a2:7d:8e:6a:6c:
9b:59:b7:47:ff:57:10:6e:bf:a7:26:19:29:7d:e4:
1b:df:cc:92:2f:b5:68:99:05:35:4b:1b:db:2b:43:
a6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7D:FF:B1:41:0A:22:EC:9F:C0:F6:E6:3F:A1:A1:76:4C:A6:DF:1F
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/vn3_sUEKIuyfwPbmP6Ghdkym3x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.1.0/24
84.55.3.0/24
84.55.9.0-84.55.10.255
84.55.18.0/24
88.223.16.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:f4:95:13:2e:0a:bd:2f:43:b3:e3:96:5b:02:5e:bd:18:9c:
65:3d:2a:96:75:c3:05:e5:8a:b9:19:1f:ea:42:36:7b:7a:72:
5c:73:75:7d:aa:f8:84:e6:a9:df:9d:63:6e:59:e2:54:82:93:
2b:40:19:55:56:46:f0:11:ae:fa:2f:ef:f7:73:ff:13:75:f2:
68:75:11:65:80:a3:44:8b:c5:11:e7:70:65:c4:03:8e:3d:0c:
2a:38:7e:37:38:d3:a6:14:8a:3d:16:ec:1b:94:61:26:07:8c:
2e:b4:f5:3f:6b:d3:b3:64:9b:70:77:d1:d8:7d:0d:46:72:21:
e1:32:f1:01:36:9d:fc:69:59:d8:53:46:6c:1b:fd:64:03:0a:
75:19:e9:32:71:c8:05:f2:f8:29:6a:4f:4c:58:98:4b:3d:9d:
93:11:e4:f7:0f:89:9e:68:aa:3b:ab:47:04:8c:8f:78:86:23:
4e:9c:3c:1c:d3:46:e0:19:11:3d:43:b7:67:df:38:b4:7a:7b:
6e:c4:69:5c:c9:dd:a1:69:0c:59:70:ba:10:ab:45:51:8b:54:
69:ff:3e:63:b1:43:b7:ce:53:14:37:99:04:0b:04:e2:b9:97:
f1:37:84:68:74:51:39:37:7f:f5:0f:30:18:35:9a:68:5b:02:
3c:09:33:33
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZazkMKgdZrBSw0pVhzb8cHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwNTA5MDU0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdkZmZiMTQxMGEyMmVjOWZjMGY2ZTYzZmExYTE3NjRjYTZkZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgA6es/fwDKu6gg4su05wPtOge+Z
nqwDAWTJwnCb8whIZDJZNG/6d9/LtBUB+ZwHfhOrC9Zs9gzK9pVXwrwKDz2Amnyr
AKTKvpJaPRWJESfaYG4+iGI52xjZ2QMHLaMUKOl2cekYnrhzPgze8sz+xh0bYofC
e8cbgjyd3y84ffynZBsT9pfYKUOKTwiJCFkFIZYkscEeNPeW+w3IwUQrkxKMCmi3
uJJiII6B2NVEI3TCo7DYpEkIB+50Cq7BKF5TRmAguwYg+OVRGb6iP5694xbBorTM
1U7qGt+eon2OamybWbdH/1cQbr+nJhkpfeQb38ySL7VomQU1SxvbK0Om+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL59/7FBCiLsn8D25j+hoXZMpt8fMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvdm4zX3NVRUtJdXlmd1BibVA2R2hka3ltM3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVDcBAwQA
VDcDMAwDBABUNwkDBABUNwoDBABUNxIDBANY3xAwDQYJKoZIhvcNAQELBQADggEB
AAv0lRMuCr0vQ7PjllsCXr0YnGU9KpZ1wwXlirkZH+pCNnt6clxzdX2q+ITmqd+d
Y25Z4lSCkytAGVVWRvARrvov7/dz/xN18mh1EWWAo0SLxRHncGXEA449DCo4fjc4
06YUij0W7BuUYSYHjC609T9r07Nkm3B30dh9DUZyIeEy8QE2nfxpWdhTRmwb/WQD
CnUZ6TJxyAXy+ClqT0xYmEs9nZMR5PcPiZ5oqjurRwSMj3iGI06cPBzTRuAZET1D
t2ffOLR6e27EaVzJ3aFpDFlwuhCrRVGLVGn/PmOxQ7fOUxQ3mQQLBOK5l/E3hGh0
UTk3f/UPMBg1mmhbAjwJMzM=
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:51:35 2025 by rpki-client