Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/VCAwWZ9rCpOgRbWaR-Mt_XNvoAs.roa
File: VCAwWZ9rCpOgRbWaR-Mt_XNvoAs.roa (raw, json)
Hash identifier: AOA1cevRwpbH9c1Y3qkh8PFtO7TKkCHa9V08cN+S9so=
Subject key identifier: 54:20:30:59:9F:6B:0A:93:A0:45:B5:9A:47:E3:2D:FD:73:6F:A0:0B
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01965984B1E9EBD96D557AD211BE469F2F18
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/VCAwWZ9rCpOgRbWaR-Mt_XNvoAs.roa
Signing time: Mon 21 Apr 2025 18:03:10 +0000
ROA not before: Mon 21 Apr 2025 18:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 80.90.179.0/24 maxlen: 24
95.140.146.0/23 maxlen: 24
95.140.152.0/21 maxlen: 24
185.125.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 21:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:84:b1:e9:eb:d9:6d:55:7a:d2:11:be:46:9f:2f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Apr 21 18:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=542030599f6b0a93a045b59a47e32dfd736fa00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a6:7b:d2:9e:78:0e:62:06:7d:5f:3f:ac:9f:
b5:e6:de:9a:f6:97:1f:fc:39:47:f8:39:6c:c5:b2:
5e:4c:f1:bd:77:56:47:08:35:4e:a9:d7:c4:5d:38:
b8:58:12:aa:17:ea:ab:35:00:43:d0:0a:5e:02:e7:
b2:50:c9:45:d3:81:83:b1:3a:78:a8:dc:7d:b6:66:
ef:41:6b:3c:cf:bd:5e:bc:bd:87:1a:9e:16:92:7b:
89:4e:39:46:e5:07:54:1f:db:89:fa:12:ca:78:1a:
3c:20:13:5d:76:b1:a5:f6:c1:54:3c:f1:15:46:1a:
f6:25:d1:5a:eb:7f:0e:34:fe:d4:85:a8:97:14:2b:
0a:f7:d0:67:69:77:3c:94:bf:02:e3:f9:cb:d7:3a:
19:10:a4:9f:14:b2:1f:58:71:63:75:7c:a7:25:22:
4d:67:24:c3:41:47:58:94:af:15:51:58:35:95:a3:
2b:d6:df:10:69:e9:e3:98:33:76:82:1e:8e:5d:4d:
0f:03:ee:3b:bd:1c:b3:b7:a3:da:e6:c5:02:68:4f:
66:54:4d:8d:f2:5c:db:aa:8c:06:9f:38:7d:23:44:
9a:ed:d0:e4:9d:a9:8d:25:6c:55:24:4b:a3:e0:1a:
16:09:73:b4:6f:08:05:16:64:0b:01:53:17:15:3a:
f2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:20:30:59:9F:6B:0A:93:A0:45:B5:9A:47:E3:2D:FD:73:6F:A0:0B
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/VCAwWZ9rCpOgRbWaR-Mt_XNvoAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.179.0/24
95.140.146.0/23
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
16:1a:24:8c:c8:19:2a:44:66:e3:8b:30:ee:7a:b9:bc:3b:51:
45:7b:6d:c8:13:61:12:2c:22:5a:84:a8:53:a9:7b:1d:85:50:
64:aa:76:04:d6:a5:49:1b:1a:05:1b:c7:e6:52:58:c2:fe:4f:
e0:cb:df:95:de:92:0a:87:2e:6f:8c:7a:ca:cd:12:a3:bb:18:
54:95:dc:80:4a:af:55:42:b6:f7:1c:d6:1f:2a:d1:9d:b6:22:
a9:49:4a:54:f6:4a:4a:d8:f6:0e:f6:2e:89:c3:30:67:27:40:
7a:75:14:3a:3d:c2:0a:02:02:cd:cc:2c:e9:68:5c:83:6d:f0:
70:6c:58:7c:f8:96:56:3d:9e:78:01:58:5d:59:ba:b1:21:d0:
02:d1:9c:ce:1f:96:d7:63:7c:0d:f2:5e:39:f2:b6:3d:ae:68:
1b:dc:68:c3:86:8b:65:f3:cb:a3:f7:92:1e:f0:52:9b:29:20:
46:eb:2d:0c:37:49:04:0d:1a:4d:60:81:61:4e:f2:68:08:2f:
83:77:f2:2f:f0:87:16:c6:08:72:bc:1d:d1:d9:c0:20:58:58:
e9:cf:5c:6e:31:0c:9a:18:66:a2:db:eb:4c:df:ec:d0:1e:56:
b5:18:40:f1:ba:44:05:a1:9d:1e:ac:3f:67:43:67:22:69:8e:
0c:93:0c:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZZhLHp69ltVXrSEb5Gny8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjUwNDIxMTgwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDIwMzA1OTlmNmIwYTkzYTA0NWI1OWE0N2UzMmRmZDczNmZhMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqZ70p54DmIGfV8/rJ+15t6a9pcf
/DlH+DlsxbJeTPG9d1ZHCDVOqdfEXTi4WBKqF+qrNQBD0ApeAueyUMlF04GDsTp4
qNx9tmbvQWs8z71evL2HGp4WknuJTjlG5QdUH9uJ+hLKeBo8IBNddrGl9sFUPPEV
Rhr2JdFa638ONP7UhaiXFCsK99BnaXc8lL8C4/nL1zoZEKSfFLIfWHFjdXynJSJN
ZyTDQUdYlK8VUVg1laMr1t8QaenjmDN2gh6OXU0PA+47vRyzt6Pa5sUCaE9mVE2N
8lzbqowGnzh9I0Sa7dDknamNJWxVJEuj4BoWCXO0bwgFFmQLAVMXFTryDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFQgMFmfawqToEW1mkfjLf1zb6ALMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvVkNBd1daOXJDcE9nUmJXYVItTXRfWE52b0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUFqzAwQB
X4ySAwQDX4yYAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQAWGiSMyBkqRGbjizDu
erm8O1FFe23IE2ESLCJahKhTqXsdhVBkqnYE1qVJGxoFG8fmUljC/k/gy9+V3pIK
hy5vjHrKzRKjuxhUldyASq9VQrb3HNYfKtGdtiKpSUpU9kpK2PYO9i6JwzBnJ0B6
dRQ6PcIKAgLNzCzpaFyDbfBwbFh8+JZWPZ54AVhdWbqxIdAC0ZzOH5bXY3wN8l45
8rY9rmgb3GjDhotl88uj95Ie8FKbKSBG6y0MN0kEDRpNYIFhTvJoCC+Dd/Iv8IcW
xghyvB3R2cAgWFjpz1xuMQyaGGai2+tM3+zQHla1GEDxukQFoZ0erD9nQ2ciaY4M
kwzh
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:53:15 2025 by rpki-client