Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VgVq-6TLMiL7Sau_RtgQ3m_Vpv0.roa
File: VgVq-6TLMiL7Sau_RtgQ3m_Vpv0.roa (raw, json)
Hash identifier: 1YKBUCdRYV8CfVZcj+eVWU3GK5hSdpogHam93h2rJ6k=
Subject key identifier: 56:05:6A:FB:A4:CB:32:22:FB:49:AB:BF:46:D8:10:DE:6F:D5:A6:FD
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019614784AE25DFDC36F395E95F232A6BE77
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VgVq-6TLMiL7Sau_RtgQ3m_Vpv0.roa
Signing time: Tue 08 Apr 2025 08:15:49 +0000
ROA not before: Tue 08 Apr 2025 08:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:78:4a:e2:5d:fd:c3:6f:39:5e:95:f2:32:a6:be:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Apr 8 08:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56056afba4cb3222fb49abbf46d810de6fd5a6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:a6:44:eb:f1:8d:1b:9d:b6:ba:f6:a8:4d:
05:63:f4:8b:1c:dd:c9:c4:96:78:05:8f:97:06:97:
fa:f9:d1:9e:93:dc:c0:16:2e:cf:12:4e:51:46:3e:
df:02:aa:79:2a:b7:6f:08:a7:86:e3:04:56:8c:69:
e6:89:06:cc:33:57:ce:27:4c:97:5f:2c:89:b8:c2:
a0:79:41:ac:99:9a:7b:d7:d5:e5:c2:2e:d5:9c:72:
9f:82:f4:df:fe:1d:13:68:f5:f5:89:fd:00:a5:46:
01:da:ac:79:e0:fc:cc:7f:01:10:5d:29:dd:ad:14:
ab:d4:59:70:73:85:e0:34:66:9b:16:41:5b:12:91:
3a:22:33:8e:50:0a:86:ef:ad:7e:c8:f6:bc:11:1a:
78:a0:26:90:e9:36:26:56:66:5b:1c:d1:60:83:7d:
c1:06:eb:92:84:69:f6:5e:8a:0d:97:12:83:73:97:
fc:0e:cb:bf:a7:72:b6:2e:61:72:94:95:63:0e:b7:
0d:e5:29:d5:2f:21:38:c7:eb:13:63:66:e3:eb:48:
ec:e1:6e:52:d1:66:ad:5b:93:e9:0a:da:6b:80:d3:
5f:7d:e7:66:f4:2e:cd:58:65:b0:f0:d5:12:78:20:
b9:27:8a:62:ac:30:ab:a9:47:85:b1:97:d1:b0:ce:
f4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:05:6A:FB:A4:CB:32:22:FB:49:AB:BF:46:D8:10:DE:6F:D5:A6:FD
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VgVq-6TLMiL7Sau_RtgQ3m_Vpv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
91.92.40.0/24
91.92.42.0/23
Signature Algorithm: sha256WithRSAEncryption
51:db:8d:a7:70:e1:03:96:3f:36:18:f3:cd:a2:30:7f:e4:6a:
87:8d:73:b2:69:7e:f6:44:72:4c:8d:f7:56:e5:68:d4:77:3a:
b1:4b:9e:0d:eb:cf:8e:07:be:f7:a2:aa:0f:94:05:de:47:ec:
e6:81:f8:11:aa:0f:2e:2c:98:90:f9:b1:c8:b9:e0:d3:2c:f6:
84:74:29:8e:a1:af:68:86:cb:66:73:c1:39:ef:05:9c:db:e6:
8b:0c:4b:0e:ab:a4:85:0b:d4:07:5a:e5:85:ff:90:66:13:17:
c3:59:f2:24:4e:a6:2d:5d:a3:33:ca:5d:73:a7:a7:72:69:b7:
a9:ee:84:9b:eb:5f:9f:c3:72:43:3e:e4:42:96:8d:0f:34:19:
65:20:c8:fe:ed:52:0a:5d:59:d7:a5:80:92:1e:c6:56:7b:2e:
ff:5d:c6:cc:bd:b0:26:d3:6c:ea:da:1b:39:49:10:b6:62:a0:
83:6e:93:d2:5c:2b:37:7d:12:ec:9d:18:35:26:01:3a:23:a4:
3e:50:81:0c:fd:e2:9c:2a:31:32:72:20:98:68:1c:d9:1d:89:
3a:08:6d:9d:24:29:7b:05:31:ee:aa:83:25:6d:9a:81:90:2e:
f3:0d:ac:47:49:7a:8f:57:d9:18:cf:f7:63:7b:1f:04:89:b7:
63:18:82:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYUeEriXf3DbzlelfIypr53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNDA4MDgxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA1NmFmYmE0Y2IzMjIyZmI0OWFiYmY0NmQ4MTBkZTZmZDVhNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdymROvxjRudtrr2qE0FY/SLHN3J
xJZ4BY+XBpf6+dGek9zAFi7PEk5RRj7fAqp5KrdvCKeG4wRWjGnmiQbMM1fOJ0yX
XyyJuMKgeUGsmZp719Xlwi7VnHKfgvTf/h0TaPX1if0ApUYB2qx54PzMfwEQXSnd
rRSr1Flwc4XgNGabFkFbEpE6IjOOUAqG761+yPa8ERp4oCaQ6TYmVmZbHNFgg33B
BuuShGn2XooNlxKDc5f8Dsu/p3K2LmFylJVjDrcN5SnVLyE4x+sTY2bj60js4W5S
0WatW5PpCtprgNNffedm9C7NWGWw8NUSeCC5J4pirDCrqUeFsZfRsM70twIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFYFavukyzIi+0mrv0bYEN5v1ab9MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVmdWcS02VExNaUw3U2F1X1J0Z1EzbV9WcHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW1wjAwQA
W1woAwQBW1wqMA0GCSqGSIb3DQEBCwUAA4IBAQBR242ncOEDlj82GPPNojB/5GqH
jXOyaX72RHJMjfdW5WjUdzqxS54N68+OB773oqoPlAXeR+zmgfgRqg8uLJiQ+bHI
ueDTLPaEdCmOoa9ohstmc8E57wWc2+aLDEsOq6SFC9QHWuWF/5BmExfDWfIkTqYt
XaMzyl1zp6dyabep7oSb61+fw3JDPuRClo0PNBllIMj+7VIKXVnXpYCSHsZWey7/
XcbMvbAm02zq2hs5SRC2YqCDbpPSXCs3fRLsnRg1JgE6I6Q+UIEM/eKcKjEyciCY
aBzZHYk6CG2dJCl7BTHuqoMlbZqBkC7zDaxHSXqPV9kYz/djex8EibdjGIKk
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:58:11 2025 by rpki-client