Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/EV_VJQ7znLLT_4jLuRQdPiIqgco.roa
File: EV_VJQ7znLLT_4jLuRQdPiIqgco.roa (raw, json)
Hash identifier: D3X5PT8yDu7pN/mU+PmRQS2ADQ706uf76HlBQmopR6o=
Subject key identifier: 11:5F:D5:25:0E:F3:9C:B2:D3:FF:88:CB:B9:14:1D:3E:22:2A:81:CA
Certificate issuer: /CN=1fa8ac37f9695169627f75e098963396de9638cc
Certificate serial: 0196172302B3BFD3CEC953D14F74911E9147
Authority key identifier: 1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/EV_VJQ7znLLT_4jLuRQdPiIqgco.roa
Signing time: Tue 08 Apr 2025 20:41:32 +0000
ROA not before: Tue 08 Apr 2025 20:41:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51728
IP address blocks: 80.66.160.0/20 maxlen: 20
91.190.192.0/21 maxlen: 21
146.66.24.0/22 maxlen: 22
185.40.88.0/22 maxlen: 22
185.40.88.0/24 maxlen: 24
185.40.89.0/24 maxlen: 24
185.40.90.0/24 maxlen: 24
185.40.91.0/24 maxlen: 24
2a00:ac00::/32 maxlen: 32
2a00:ac01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:17:23:02:b3:bf:d3:ce:c9:53:d1:4f:74:91:1e:91:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa8ac37f9695169627f75e098963396de9638cc
Validity
Not Before: Apr 8 20:41:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=115fd5250ef39cb2d3ff88cbb9141d3e222a81ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3d:2a:4b:7b:13:1b:2d:80:f8:d0:35:bf:c4:
f1:9b:9d:b5:80:ca:60:d0:71:58:c9:d3:d0:c0:54:
4f:ce:d3:9b:81:ef:5e:05:2e:d2:41:a1:6e:43:36:
20:55:03:23:56:5d:5c:f9:f8:5e:3f:9d:9d:af:88:
fd:6c:c6:51:3c:89:d1:fc:4d:14:70:5b:3d:25:90:
54:81:54:d7:d6:22:c3:de:bf:15:ce:a4:8b:69:a7:
1e:55:25:b9:df:76:dd:e3:b5:d3:fd:c9:f3:d3:87:
c5:f2:fe:14:16:37:71:fb:ef:5b:c6:6a:3c:92:e3:
f6:4a:fb:7b:39:03:b9:6e:a4:91:0d:7a:55:dc:d4:
65:8b:86:f5:07:90:4d:4e:a6:03:24:bc:18:fc:36:
3b:cc:76:42:8f:d5:41:e4:5c:89:54:3a:90:82:c9:
51:98:2f:6a:7d:49:c8:8b:3c:7b:e3:24:10:54:e9:
bd:29:45:90:a4:d7:18:84:bc:e2:7d:df:0f:6f:16:
5e:ae:a8:0d:71:8c:8a:51:ec:92:07:6b:1c:11:39:
ae:b4:55:dc:25:48:7a:73:4d:ce:7a:bf:26:17:8b:
59:b2:8b:88:2f:d8:d5:15:f0:d0:fd:82:a7:aa:ba:
0d:f2:02:a3:af:2f:da:77:90:74:0d:e9:b6:a3:7d:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:5F:D5:25:0E:F3:9C:B2:D3:FF:88:CB:B9:14:1D:3E:22:2A:81:CA
X509v3 Authority Key Identifier:
keyid:1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/EV_VJQ7znLLT_4jLuRQdPiIqgco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.160.0/20
91.190.192.0/21
146.66.24.0/22
185.40.88.0/22
IPv6:
2a00:ac00::/31
Signature Algorithm: sha256WithRSAEncryption
16:64:d8:dc:64:40:5d:48:4d:ee:bc:83:bd:a3:f6:e0:47:a9:
05:9a:55:4c:c2:06:c2:6e:92:ae:a1:4d:9d:4d:32:db:29:23:
d8:63:0b:24:5a:78:4e:9f:1e:3d:1b:e0:28:b7:80:c5:65:14:
2a:ab:0d:96:3c:1b:34:fe:8a:9b:ee:90:27:bb:b7:15:6f:a9:
10:3b:e8:64:87:25:c7:30:57:a1:ad:f0:1f:00:c6:b3:f1:b9:
16:bd:6d:a3:95:c3:cf:a6:bd:56:ef:3b:0b:f9:5e:73:58:71:
95:8d:1e:14:4a:bf:af:57:11:c0:9b:3d:3c:3d:43:a2:a0:82:
f9:e1:65:fb:1f:8c:7d:01:b4:01:d2:57:7e:e4:ba:49:5e:58:
fc:77:91:39:de:98:a6:c7:72:cf:53:8c:f7:80:3f:fa:5d:fa:
40:1c:a1:e8:11:12:7b:e1:af:7b:24:15:67:49:e6:b4:92:66:
31:86:ab:5c:67:d2:12:3a:e6:86:18:c6:76:86:13:0f:c6:f2:
ac:03:76:95:0a:f0:5c:71:c8:86:7b:6d:0f:3a:73:1f:6c:a7:
17:1d:ec:15:a6:4b:4c:00:b9:5b:b7:6d:51:eb:5d:31:37:f9:
d5:5b:04:7f:05:f0:74:17:07:87:92:29:ca:4f:34:d3:3b:92:
f8:48:41:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZYXIwKzv9POyVPRT3SRHpFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYThhYzM3Zjk2OTUxNjk2MjdmNzVlMDk4OTYzMzk2ZGU5
NjM4Y2MwHhcNMjUwNDA4MjA0MTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTVmZDUyNTBlZjM5Y2IyZDNmZjg4Y2JiOTE0MWQzZTIyMmE4MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT0qS3sTGy2A+NA1v8Txm521gMpg
0HFYydPQwFRPztObge9eBS7SQaFuQzYgVQMjVl1c+fheP52dr4j9bMZRPInR/E0U
cFs9JZBUgVTX1iLD3r8VzqSLaaceVSW533bd47XT/cnz04fF8v4UFjdx++9bxmo8
kuP2Svt7OQO5bqSRDXpV3NRli4b1B5BNTqYDJLwY/DY7zHZCj9VB5FyJVDqQgslR
mC9qfUnIizx74yQQVOm9KUWQpNcYhLzifd8PbxZerqgNcYyKUeySB2scETmutFXc
JUh6c03Oer8mF4tZsouIL9jVFfDQ/YKnqroN8gKjry/ad5B0Dem2o33aMQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBFf1SUO85yy0/+Iy7kUHT4iKoHKMB8GA1UdIwQY
MBaAFB+orDf5aVFpYn914JiWM5beljjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUt
MDIzYjZjMDc5M2YxLzEvRVZfVkpRN3puTExUXzRqTHVSUWRQaUlxZ2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUtMDIzYjZjMDc5M2Yx
LzEvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEKgAwQD
W77AAwQCkkIYAwQCuShYMA0EAgACMAcDBQEqAKwAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWZNjcZEBdSE3uvIO9o/bgR6kFmlVMwgbCbpKuoU2dTTLbKSPYYwskWnhOnx49
G+Aot4DFZRQqqw2WPBs0/oqb7pAnu7cVb6kQO+hkhyXHMFehrfAfAMaz8bkWvW2j
lcPPpr1W7zsL+V5zWHGVjR4USr+vVxHAmz08PUOioIL54WX7H4x9AbQB0ld+5LpJ
Xlj8d5E53pimx3LPU4z3gD/6XfpAHKHoERJ74a97JBVnSea0kmYxhqtcZ9ISOuaG
GMZ2hhMPxvKsA3aVCvBccciGe20POnMfbKcXHewVpktMALlbt21R610xN/nVWwR/
BfB0FweHkinKTzTTO5L4SEGQ
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:12:42 2025 by rpki-client