Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VZp7i2hvHYx34IvAR6wjA3kplDg.roa
File: VZp7i2hvHYx34IvAR6wjA3kplDg.roa (raw, json)
Hash identifier: C8+TppiDm6M1QxVbUmKk/j0jk5yBNl97gi2QqnB75O0=
Subject key identifier: 55:9A:7B:8B:68:6F:1D:8C:77:E0:8B:C0:47:AC:23:03:79:29:94:38
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01963EE6C93EDB566408E99C12FA4D668EEC
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VZp7i2hvHYx34IvAR6wjA3kplDg.roa
Signing time: Wed 16 Apr 2025 14:00:34 +0000
ROA not before: Wed 16 Apr 2025 14:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 22:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:e6:c9:3e:db:56:64:08:e9:9c:12:fa:4d:66:8e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Apr 16 14:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=559a7b8b686f1d8c77e08bc047ac230379299438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:09:23:1b:68:8f:e0:84:f9:5d:c1:87:08:fd:
05:e6:be:c4:08:3b:be:2c:5f:4a:a2:df:2a:26:c6:
17:d3:fe:30:bd:cc:08:10:0c:3a:55:08:b5:ec:b5:
aa:08:cc:3f:dc:4e:ef:e2:67:fb:70:0e:c8:a7:21:
f4:31:02:2b:d9:19:fe:2d:ee:87:7a:8f:4a:d2:8a:
b4:3d:9d:96:a0:07:b1:bd:8e:73:ab:4b:8e:9d:ee:
fc:9b:f1:63:76:75:91:e2:8b:ce:de:4c:c3:66:38:
1a:77:c1:d1:f4:8a:de:4a:b1:92:71:86:15:17:e9:
58:74:9b:f7:dc:41:e1:bb:e3:cc:e9:07:38:06:ac:
dc:ee:a1:35:29:8c:66:f2:de:1f:41:18:9a:cb:69:
37:16:3c:be:51:20:4c:ff:ea:49:cb:58:7c:1d:8c:
0d:82:a5:6e:99:9f:25:18:b3:e5:2f:08:b2:3d:9d:
32:ed:7f:eb:02:4f:45:6a:d7:a0:d1:2a:18:db:da:
2c:f8:b7:b3:0a:2c:ef:53:6c:f3:e7:c3:e9:7a:ff:
e3:f0:87:d1:ce:a1:b3:cf:97:30:22:33:92:9c:49:
2e:5c:4e:d2:12:78:d0:80:19:40:2c:f8:3e:86:6e:
65:25:85:57:0c:31:d8:28:de:d5:84:ae:44:42:8f:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9A:7B:8B:68:6F:1D:8C:77:E0:8B:C0:47:AC:23:03:79:29:94:38
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VZp7i2hvHYx34IvAR6wjA3kplDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
86.106.104.0/24
89.34.8.0/21
89.37.136.0/24
89.43.46.0/24
89.44.209.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
cd:b8:f3:35:dd:cf:88:98:ce:35:54:62:1f:74:a7:e4:98:6b:
38:10:cd:7c:4d:70:24:d7:7f:af:8e:1a:2c:35:2c:40:17:ab:
ef:27:cd:66:20:46:1a:e5:74:c5:72:5e:78:ba:1d:66:e7:3d:
09:34:38:e7:63:d0:44:a7:4d:31:b8:d7:d3:d5:55:e4:42:4f:
d9:2a:26:76:ed:f8:c6:14:dd:62:4e:fc:96:61:cd:f3:2b:a0:
56:92:66:69:c1:ae:aa:64:45:02:9c:e7:96:02:94:f0:d6:13:
85:3c:39:e8:4e:e3:b4:c5:e9:35:cf:29:cc:19:fd:7c:a0:1f:
0e:29:fd:da:c3:f1:b3:e6:fa:62:f5:92:85:b9:67:e4:a6:25:
e6:7a:68:62:c7:54:51:4b:af:b7:9f:a1:2c:0c:24:20:d6:93:
96:6b:7f:46:d3:32:c6:98:e2:1f:5c:5d:ad:ae:26:33:64:82:
f2:5b:2f:30:2f:04:fb:b8:46:8e:f5:e4:ab:07:1e:23:eb:73:
53:2e:cf:ec:fb:e1:09:c6:71:3f:a7:b8:1a:9a:0f:b6:27:07:
8c:6d:f5:71:1b:84:8b:89:c5:b3:57:a6:96:77:4b:94:ca:89:
81:f9:ed:d6:78:e2:8a:8e:96:42:d7:85:fd:03:22:0d:a6:52:
f1:ed:f0:de
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZY+5sk+21ZkCOmcEvpNZo7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwNDE2MTQwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTlhN2I4YjY4NmYxZDhjNzdlMDhiYzA0N2FjMjMwMzc5Mjk5NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQkjG2iP4IT5XcGHCP0F5r7ECDu+
LF9Kot8qJsYX0/4wvcwIEAw6VQi17LWqCMw/3E7v4mf7cA7IpyH0MQIr2Rn+Le6H
eo9K0oq0PZ2WoAexvY5zq0uOne78m/FjdnWR4ovO3kzDZjgad8HR9IreSrGScYYV
F+lYdJv33EHhu+PM6Qc4Bqzc7qE1KYxm8t4fQRiay2k3Fjy+USBM/+pJy1h8HYwN
gqVumZ8lGLPlLwiyPZ0y7X/rAk9Fateg0SoY29os+LezCizvU2zz58Ppev/j8IfR
zqGzz5cwIjOSnEkuXE7SEnjQgBlALPg+hm5lJYVXDDHYKN7VhK5EQo/HhQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFFWae4tobx2Md+CLwEesIwN5KZQ4MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvVlpwN2kyaHZIWXgzNEl2QVI2d2pBM2twbERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQAVcx9AwQA
VmpoAwQDWSIIAwQAWSWIAwQAWSsuAwQAWSzRAwQAXXGeAwQAXXI3AwQAXXJjAwQA
XXKrAwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBAM248zXdz4iYzjVUYh90p+SYazgQzXxNcCTXf6+OGiw1LEAXq+8n
zWYgRhrldMVyXni6HWbnPQk0OOdj0ESnTTG419PVVeRCT9kqJnbt+MYU3WJO/JZh
zfMroFaSZmnBrqpkRQKc55YClPDWE4U8OehO47TF6TXPKcwZ/XygHw4p/drD8bPm
+mL1koW5Z+SmJeZ6aGLHVFFLr7efoSwMJCDWk5Zrf0bTMsaY4h9cXa2uJjNkgvJb
LzAvBPu4Ro715KsHHiPrc1Muz+z74QnGcT+nuBqaD7YnB4xt9XEbhIuJxbNXppZ3
S5TKiYH57dZ44oqOlkLXhf0DIg2mUvHt8N4=
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:10:20 2025 by rpki-client