Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/vx0LBPGo6U2A4w4ADzD_udSk_bE.roa
File: vx0LBPGo6U2A4w4ADzD_udSk_bE.roa (raw, json)
Hash identifier: 1BQsFPNT0rTtzolZzu4KuR7RQiaLrcqqi5uIXl00aQQ=
Subject key identifier: BF:1D:0B:04:F1:A8:E9:4D:80:E3:0E:00:0F:30:FF:B9:D4:A4:FD:B1
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D753FFC1234C50DD1146BDE7ACD36B
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/vx0LBPGo6U2A4w4ADzD_udSk_bE.roa
Signing time: Wed 01 Jan 2025 21:48:21 +0000
ROA not before: Wed 01 Jan 2025 21:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 5.40.32.0/23 maxlen: 24
5.40.32.0/24 maxlen: 24
5.40.33.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
5.40.191.0/24 maxlen: 24
5.40.252.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
62.82.238.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
89.140.112.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:53:ff:c1:23:4c:50:dd:11:46:bd:e7:ac:d3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf1d0b04f1a8e94d80e30e000f30ffb9d4a4fdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dd:7f:de:bf:cb:94:0c:94:89:e0:07:c3:68:
46:75:bc:1f:f0:d8:57:5f:c9:22:aa:a6:8c:d4:22:
8c:b8:e7:03:24:0e:56:90:c1:12:9e:63:16:b5:62:
7c:3e:0d:18:3b:ef:2a:c3:df:5c:be:b5:b6:4d:58:
51:cf:8a:e1:88:4f:09:e3:20:c4:92:39:b8:f0:fd:
2d:7b:7d:7a:74:8f:4b:13:0b:75:e3:05:91:6a:e2:
0d:de:65:f5:dc:86:10:99:7f:4e:5d:d7:0a:1d:c9:
0f:18:eb:d0:f3:df:6e:be:59:fe:1e:65:3d:6b:7b:
1d:cf:00:5f:52:a0:14:5f:4c:02:e7:31:44:d0:fb:
eb:14:b8:9f:01:4f:85:4a:6b:00:d3:dd:d8:58:a7:
85:fd:41:89:f7:c2:3d:9c:09:b9:27:21:9c:45:34:
99:fd:9d:cf:b9:0c:a8:e8:6a:4f:8f:65:15:ee:6e:
c4:4b:68:db:78:41:9c:ee:de:4e:8e:0f:7f:e4:36:
e2:81:54:fe:c4:bf:f5:9e:12:62:40:29:f6:b2:38:
e5:93:b6:d1:ee:e1:23:43:b6:a3:54:16:f5:e2:5a:
05:ee:bc:01:9f:5d:39:eb:8e:c1:9c:50:d1:5f:6f:
1f:7b:4e:49:bc:6f:be:5c:87:10:2a:fc:cd:ed:d2:
b1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1D:0B:04:F1:A8:E9:4D:80:E3:0E:00:0F:30:FF:B9:D4:A4:FD:B1
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/vx0LBPGo6U2A4w4ADzD_udSk_bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:be:38:c7:15:14:8a:be:fc:e7:b5:9c:fd:f8:50:46:c0:1f:
ea:ac:9b:ab:99:72:db:f7:85:dc:af:45:7e:66:36:57:13:b1:
b4:ff:18:0d:1a:ee:12:7c:0f:f0:1a:44:34:d9:90:86:f0:15:
9c:fa:1e:bc:07:e3:e0:b7:3c:c3:3e:78:a4:df:34:ab:fd:f0:
b5:09:7f:d6:5e:3a:fc:6e:54:04:7c:24:7c:b8:f6:24:88:92:
9c:4e:f6:f7:e6:31:03:d7:75:b5:85:3a:e1:cb:43:04:81:8d:
6f:f0:52:ed:fd:f4:1a:80:f4:a8:96:d3:7d:37:37:a1:b5:73:
14:2f:82:7c:2b:38:ac:e6:d3:31:1f:1a:71:8c:99:ab:2d:44:
55:0a:4c:f2:cf:69:8a:eb:f5:08:0d:0c:1c:b0:fa:94:2d:15:
64:44:69:dd:2d:0a:87:9a:01:a2:d7:6a:46:b8:fc:e4:cc:52:
6a:88:6e:48:59:64:49:0c:3f:3e:bb:b8:89:ff:e4:13:ed:64:
23:35:ce:dc:f7:a8:2b:9e:9d:df:44:db:88:f2:37:4f:c7:d4:
d0:6c:a8:1d:75:99:18:9a:2e:46:d3:90:7f:9e:90:6c:36:3d:
4d:d1:ea:8f:81:aa:53:4d:46:14:3a:e2:b4:f0:6d:1c:b0:ac:
a8:c9:37:ca
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQj11P/wSNMUN0RRr3nrNNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFkMGIwNGYxYThlOTRkODBlMzBlMDAwZjMwZmZiOWQ0YTRmZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd1/3r/LlAyUieAHw2hGdbwf8NhX
X8kiqqaM1CKMuOcDJA5WkMESnmMWtWJ8Pg0YO+8qw99cvrW2TVhRz4rhiE8J4yDE
kjm48P0te316dI9LEwt14wWRauIN3mX13IYQmX9OXdcKHckPGOvQ899uvln+HmU9
a3sdzwBfUqAUX0wC5zFE0PvrFLifAU+FSmsA093YWKeF/UGJ98I9nAm5JyGcRTSZ
/Z3PuQyo6GpPj2UV7m7ES2jbeEGc7t5Ojg9/5DbigVT+xL/1nhJiQCn2sjjlk7bR
7uEjQ7ajVBb14loF7rwBn105647BnFDRX28fe05JvG++XIcQKvzN7dKxXwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL8dCwTxqOlNgOMOAA8w/7nUpP2xMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvdngwTEJQR282VTJBNHc0QUR6RF91ZFNrX2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQBM
vjjHFRSKvvzntZz9+FBGwB/qrJurmXLb94Xcr0V+ZjZXE7G0/xgNGu4SfA/wGkQ0
2ZCG8BWc+h68B+PgtzzDPnik3zSr/fC1CX/WXjr8blQEfCR8uPYkiJKcTvb35jED
13W1hTrhy0MEgY1v8FLt/fQagPSoltN9NzehtXMUL4J8Kzis5tMxHxpxjJmrLURV
Ckzyz2mK6/UIDQwcsPqULRVkRGndLQqHmgGi12pGuPzkzFJqiG5IWWRJDD8+u7iJ
/+QT7WQjNc7c96grnp3fRNuI8jdPx9TQbKgddZkYmi5G05B/npBsNj1N0eqPgapT
TUYUOuK08G0csKyoyTfK
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:32:57 2025 by rpki-client