Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VGurPfZCJh4Ot-RkzdcvT72DKFk.roa
File: VGurPfZCJh4Ot-RkzdcvT72DKFk.roa (raw, json)
Hash identifier: temQQa5zOMU5QeSl6T48Juzkww2/UheolOo0w0utG/I=
Subject key identifier: 54:6B:AB:3D:F6:42:26:1E:0E:B7:E4:64:CD:D7:2F:4F:BD:83:28:59
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 019638FC2396547D4C4B5A0D06A84C68ECCA
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VGurPfZCJh4Ot-RkzdcvT72DKFk.roa
Signing time: Tue 15 Apr 2025 10:26:10 +0000
ROA not before: Tue 15 Apr 2025 10:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.80.0/24 maxlen: 24
31.169.83.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:fc:23:96:54:7d:4c:4b:5a:0d:06:a8:4c:68:ec:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Apr 15 10:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=546bab3df642261e0eb7e464cdd72f4fbd832859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:df:07:df:55:a6:e8:25:23:43:9e:59:d7:88:
72:cc:db:c0:03:23:06:f3:05:37:92:77:c3:a8:1f:
78:c1:39:91:7a:75:ee:f4:5c:e5:62:3e:11:61:7a:
f9:b3:b4:3b:6d:67:8d:d7:0d:df:05:b2:53:63:2a:
51:38:d1:6a:0f:35:8d:b8:14:6c:29:30:50:26:61:
40:f4:c9:f8:b3:96:b6:c3:f7:77:c1:4a:22:2e:5a:
b8:e3:12:1c:34:1e:8c:41:ab:2b:1c:e4:ce:d9:43:
e2:3c:0f:fd:b1:f6:9b:b4:07:1f:fa:15:b4:01:cf:
c1:8c:42:ec:b7:e9:2b:69:3a:e5:f8:45:da:68:17:
01:cf:cd:c2:ee:e0:b7:16:79:d2:ca:50:2a:73:6e:
4b:32:96:7d:85:45:ba:b2:dd:9b:8f:c5:ba:2a:71:
86:51:71:26:20:45:27:da:54:d3:42:32:92:27:61:
47:a8:f2:ea:80:6f:1b:9a:1a:f1:8d:60:a3:5c:99:
85:43:bd:7e:2a:35:39:c9:ed:83:96:ca:4c:70:47:
d7:04:b2:52:af:4b:21:07:ce:3f:81:aa:18:83:4e:
17:ed:f4:b4:51:e3:ed:bf:d6:a7:43:70:8f:71:fb:
4f:b0:58:d5:90:5a:70:6e:ae:5d:c2:47:c7:ce:de:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6B:AB:3D:F6:42:26:1E:0E:B7:E4:64:CD:D7:2F:4F:BD:83:28:59
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VGurPfZCJh4Ot-RkzdcvT72DKFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.83.0/24
31.169.86.0/24
31.169.90.0/24
31.169.95.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f2:e5:1e:b8:88:4b:35:7f:57:15:eb:64:db:c1:18:0f:15:
de:e7:54:dd:89:47:0a:9e:ae:b2:28:ff:a7:67:f2:43:fb:44:
44:29:72:a7:41:f1:8b:4e:c7:bf:58:9e:d9:93:b1:d1:e9:fa:
19:84:dc:3f:5f:7b:2a:ea:30:80:74:03:2a:c4:03:e7:46:54:
17:5b:06:b8:f5:ad:17:bd:4e:9e:a8:46:3f:e2:39:f7:d0:c5:
69:90:12:f8:c1:53:ab:5f:ac:10:05:be:1a:f8:7e:cc:98:c2:
cd:5e:51:2d:d9:60:c9:4a:ec:47:eb:5d:fa:06:6c:b4:47:81:
3b:a4:79:50:24:a3:21:83:68:c5:59:be:2d:46:90:a9:09:09:
44:bf:c1:1b:44:cd:82:78:ec:0a:63:ae:bd:09:98:66:c3:e3:
2e:f9:8b:de:24:06:89:cc:97:d5:97:80:93:8b:8d:81:6b:d7:
be:54:73:23:4c:b0:97:34:0d:3f:83:be:68:98:29:95:d6:9e:
c6:f8:f4:0e:d5:4e:44:5f:96:bb:fb:24:6b:74:46:31:b5:1a:
37:74:8c:b6:87:fd:6e:a5:38:8f:44:34:3b:18:a5:67:7a:97:
1a:37:17:ea:b2:f1:0e:80:74:11:fc:8c:61:bc:7d:6a:4a:67:
95:58:74:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZY4/COWVH1MS1oNBqhMaOzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNDE1MTAyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZiYWIzZGY2NDIyNjFlMGViN2U0NjRjZGQ3MmY0ZmJkODMyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj98H31Wm6CUjQ55Z14hyzNvAAyMG
8wU3knfDqB94wTmRenXu9FzlYj4RYXr5s7Q7bWeN1w3fBbJTYypRONFqDzWNuBRs
KTBQJmFA9Mn4s5a2w/d3wUoiLlq44xIcNB6MQasrHOTO2UPiPA/9sfabtAcf+hW0
Ac/BjELst+kraTrl+EXaaBcBz83C7uC3FnnSylAqc25LMpZ9hUW6st2bj8W6KnGG
UXEmIEUn2lTTQjKSJ2FHqPLqgG8bmhrxjWCjXJmFQ71+KjU5ye2DlspMcEfXBLJS
r0shB84/gaoYg04X7fS0UePtv9anQ3CPcftPsFjVkFpwbq5dwkfHzt69IwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFRrqz32QiYeDrfkZM3XL0+9gyhZMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvVkd1clBmWkNKaDRPdC1Sa3pkY3ZUNzJES0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH6lQAwQA
H6lTAwQAH6lWAwQAH6laAwQAH6lfMA0GCSqGSIb3DQEBCwUAA4IBAQBJ8uUeuIhL
NX9XFetk28EYDxXe51TdiUcKnq6yKP+nZ/JD+0REKXKnQfGLTse/WJ7Zk7HR6foZ
hNw/X3sq6jCAdAMqxAPnRlQXWwa49a0XvU6eqEY/4jn30MVpkBL4wVOrX6wQBb4a
+H7MmMLNXlEt2WDJSuxH6136Bmy0R4E7pHlQJKMhg2jFWb4tRpCpCQlEv8EbRM2C
eOwKY669CZhmw+Mu+YveJAaJzJfVl4CTi42Ba9e+VHMjTLCXNA0/g75omCmV1p7G
+PQO1U5EX5a7+yRrdEYxtRo3dIy2h/1upTiPRDQ7GKVnepcaNxfqsvEOgHQR/Ixh
vH1qSmeVWHQK
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:28:01 2025 by rpki-client