Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VQ1nL909CrrAsbJLWObUtDio0vA.roa
File: VQ1nL909CrrAsbJLWObUtDio0vA.roa (raw, json)
Hash identifier: QggecWXv7PyjQuM3835G7WnaJ1U0Oe09hishL+0beUw=
Subject key identifier: 55:0D:67:2F:DD:3D:0A:BA:C0:B1:B2:4B:58:E6:D4:B4:38:A8:D2:F0
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019666AA2D82C47AC907E9F64472881D61D7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VQ1nL909CrrAsbJLWObUtDio0vA.roa
Signing time: Thu 24 Apr 2025 07:19:10 +0000
ROA not before: Thu 24 Apr 2025 07:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212512
IP address blocks: 45.82.76.0/22 maxlen: 24
45.131.155.0/24 maxlen: 24
88.218.193.0/24 maxlen: 24
185.207.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:aa:2d:82:c4:7a:c9:07:e9:f6:44:72:88:1d:61:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 24 07:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=550d672fdd3d0abac0b1b24b58e6d4b438a8d2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:44:f8:7a:8a:8e:9b:c7:d9:d7:c3:0a:79:9e:
54:59:f0:c4:09:8d:71:a9:93:4e:6a:66:dd:ae:cd:
d4:73:ec:2a:16:ca:13:d3:a5:d0:f4:ca:83:ad:c0:
ca:44:14:21:7f:1c:80:32:1e:e2:84:39:d6:56:83:
7a:ff:a6:a4:5e:4b:b7:db:de:f7:3f:de:e7:f2:de:
88:cf:a3:30:9e:8e:ee:38:85:60:74:81:88:94:1b:
f3:08:18:a3:00:76:97:21:09:35:8b:03:74:ac:8c:
fa:e0:e1:0c:28:5b:5c:25:39:52:75:dc:3e:0e:75:
82:3d:c4:82:d9:3c:65:72:17:65:37:1d:77:17:c0:
54:7f:79:f6:2b:d7:11:75:9d:b2:f4:78:ea:9c:f3:
b0:6d:f7:d9:e3:ee:4e:06:18:82:1d:21:40:6f:5e:
ed:0b:b5:67:af:6d:c3:5a:ce:97:4b:0c:be:28:8d:
a3:82:6e:e9:dd:24:f0:45:7a:87:7c:6d:9b:2d:fe:
61:42:d2:11:7b:cf:86:d4:49:65:11:7e:6b:6f:0b:
92:21:86:54:ff:ba:50:2b:15:79:04:38:b9:7b:8b:
a8:7c:c3:dd:82:90:20:19:23:ab:08:bc:a7:08:7e:
2e:0a:76:f2:2e:de:2e:8e:9c:77:88:c1:1d:3b:88:
fb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0D:67:2F:DD:3D:0A:BA:C0:B1:B2:4B:58:E6:D4:B4:38:A8:D2:F0
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VQ1nL909CrrAsbJLWObUtDio0vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.76.0/22
45.131.155.0/24
88.218.193.0/24
185.207.153.0/24
Signature Algorithm: sha256WithRSAEncryption
33:fe:30:10:6b:65:b8:aa:e7:8a:fb:14:ae:0e:83:90:fa:05:
d1:0f:6c:1a:35:36:70:fb:6f:42:0a:0f:d6:47:76:29:e0:43:
a9:62:41:24:fc:62:15:c8:cb:a5:66:ee:35:e7:9b:22:d5:12:
6e:77:29:17:8f:f9:9c:61:ec:b9:0c:bb:e6:a9:a2:dc:2a:81:
17:ee:5d:29:a7:93:80:ed:7b:ef:bc:70:d2:bd:50:f3:fc:7e:
72:41:27:63:26:4a:44:72:c4:d5:51:fb:33:e9:28:91:c4:af:
dd:d2:8c:b2:fc:71:29:fc:52:44:2b:71:72:35:8e:a2:bb:2b:
3a:92:56:96:47:36:d6:30:96:a8:ba:66:d9:6c:00:6f:83:97:
87:1b:0f:2d:fa:0f:9d:0f:8b:08:48:fa:b9:8b:e7:da:ea:46:
58:b1:e4:c4:d2:30:1c:9b:c2:27:d6:14:cf:b7:d4:6a:eb:e4:
78:16:ce:49:e8:c8:00:47:a8:65:24:dd:3c:a1:fd:53:0f:d0:
3d:eb:0b:d9:26:3b:57:dc:a8:af:e0:53:0b:43:ed:69:de:41:
65:58:6a:a6:74:9a:d8:b9:50:cf:f0:92:1e:d2:d4:a0:bb:13:
aa:9e:c3:af:eb:98:1b:75:39:45:3d:2f:9c:3a:43:17:54:ff:
49:99:70:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZmqi2CxHrJB+n2RHKIHWHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwNDI0MDcxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTBkNjcyZmRkM2QwYWJhYzBiMWIyNGI1OGU2ZDRiNDM4YThkMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kT4eoqOm8fZ18MKeZ5UWfDECY1x
qZNOambdrs3Uc+wqFsoT06XQ9MqDrcDKRBQhfxyAMh7ihDnWVoN6/6akXku32973
P97n8t6Iz6Mwno7uOIVgdIGIlBvzCBijAHaXIQk1iwN0rIz64OEMKFtcJTlSddw+
DnWCPcSC2TxlchdlNx13F8BUf3n2K9cRdZ2y9HjqnPOwbffZ4+5OBhiCHSFAb17t
C7Vnr23DWs6XSwy+KI2jgm7p3STwRXqHfG2bLf5hQtIRe8+G1EllEX5rbwuSIYZU
/7pQKxV5BDi5e4uofMPdgpAgGSOrCLynCH4uCnbyLt4ujpx3iMEdO4j7pQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFUNZy/dPQq6wLGyS1jm1LQ4qNLwMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVlExbkw5MDlDcnJBc2JKTFdPYlV0RGlvMHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVJMAwQA
LYObAwQAWNrBAwQAuc+ZMA0GCSqGSIb3DQEBCwUAA4IBAQAz/jAQa2W4queK+xSu
DoOQ+gXRD2waNTZw+29CCg/WR3Yp4EOpYkEk/GIVyMulZu4155si1RJudykXj/mc
Yey5DLvmqaLcKoEX7l0pp5OA7XvvvHDSvVDz/H5yQSdjJkpEcsTVUfsz6SiRxK/d
0oyy/HEp/FJEK3FyNY6iuys6klaWRzbWMJaoumbZbABvg5eHGw8t+g+dD4sISPq5
i+fa6kZYseTE0jAcm8In1hTPt9Rq6+R4Fs5J6MgAR6hlJN08of1TD9A96wvZJjtX
3Kiv4FMLQ+1p3kFlWGqmdJrYuVDP8JIe0tSguxOqnsOv65gbdTlFPS+cOkMXVP9J
mXBH
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:52:54 2025 by rpki-client