Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/vCf8yvFQk2s2r3n1HJDp_jQFJXM.roa
File: vCf8yvFQk2s2r3n1HJDp_jQFJXM.roa (raw, json)
Hash identifier: jBJIOl65ecVZp1wJaLRHWAhQzp/SzkHduM8VaB76Diw=
Subject key identifier: BC:27:FC:CA:F1:50:93:6B:36:AF:79:F5:1C:90:E9:FE:34:05:25:73
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 0196AF653F9AE41F41C89C928DCA982E7B9C
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/vCf8yvFQk2s2r3n1HJDp_jQFJXM.roa
Signing time: Thu 08 May 2025 10:16:10 +0000
ROA not before: Thu 08 May 2025 10:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214717
IP address blocks: 176.65.134.0/24 maxlen: 24
176.65.139.0/24 maxlen: 24
176.65.140.0/24 maxlen: 24
176.65.141.0/24 maxlen: 24
176.65.142.0/24 maxlen: 24
176.65.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 04:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:65:3f:9a:e4:1f:41:c8:9c:92:8d:ca:98:2e:7b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: May 8 10:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc27fccaf150936b36af79f51c90e9fe34052573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ba:7b:56:50:e8:f5:86:46:e0:c3:ae:20:b7:
8c:2e:ff:af:be:fe:0e:bf:a9:1e:94:01:86:fe:3b:
78:13:ee:e3:f4:7f:f9:3b:0f:d7:8e:2f:c8:ec:71:
97:ff:e9:67:5d:79:a4:a0:23:af:74:bd:2d:54:18:
78:d3:2d:5c:4c:91:bf:b4:44:d8:94:40:59:b2:31:
eb:f4:de:dd:d3:da:45:1f:21:ff:b0:ea:c2:c9:47:
c0:ed:de:82:49:9f:e1:91:0c:7f:ea:47:1f:42:5b:
d9:f9:c0:b3:4e:53:a1:24:84:e7:1b:14:67:a0:86:
f2:ed:5a:31:eb:db:06:20:6e:c0:61:d6:ce:85:b6:
58:8a:08:71:fb:49:ae:db:70:0f:01:e2:24:9a:a4:
68:28:d4:85:a8:d7:0c:01:de:24:e1:40:69:2b:24:
06:18:68:2f:64:5c:8e:bf:ee:bf:b8:63:82:9f:a8:
4a:dc:6e:ad:b4:cc:51:27:97:56:cb:90:17:b4:0e:
4c:3b:14:8e:1c:77:c7:62:46:46:96:21:1d:d1:eb:
71:7e:66:05:d3:57:97:72:03:e1:a5:4c:b7:d3:eb:
06:71:5a:77:c5:a5:47:4f:80:0c:67:ac:1d:ed:61:
26:ed:57:90:85:19:cf:21:87:2a:5e:f9:fe:f6:fd:
41:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:27:FC:CA:F1:50:93:6B:36:AF:79:F5:1C:90:E9:FE:34:05:25:73
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/vCf8yvFQk2s2r3n1HJDp_jQFJXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.134.0/24
176.65.139.0-176.65.142.255
176.65.144.0/24
Signature Algorithm: sha256WithRSAEncryption
26:26:db:bd:76:ee:8f:80:6c:dd:8a:09:d2:c4:68:b2:71:e9:
a4:92:b2:23:bf:2a:f0:63:7c:da:ef:6d:58:8b:bb:d8:43:7b:
52:70:98:c3:9b:b5:85:c0:cb:cb:fd:ef:a6:99:51:e1:5b:c0:
22:f2:d1:99:c4:ae:7d:80:ce:8e:45:5f:2f:f0:1e:d8:f4:78:
15:27:60:b0:96:ab:f5:d8:91:82:a3:d8:67:3d:73:65:98:c5:
cc:40:00:5b:15:b4:23:2e:a5:9f:a1:b0:c8:9f:84:17:1e:1e:
bf:f3:1f:6b:b4:33:22:b3:52:60:86:e7:78:8c:3f:72:ad:69:
02:a7:fd:ea:c7:c7:67:ed:82:4f:9b:31:cd:12:31:bf:62:d4:
54:ad:7a:36:cc:1c:e7:a9:a7:8b:bd:be:f3:9d:6b:9d:d3:75:
4e:ac:eb:44:64:59:43:19:c7:53:6b:03:85:95:28:ab:aa:f0:
20:47:65:d0:fb:16:5f:5d:05:91:22:3e:a0:d6:fe:06:c7:58:
a4:0a:da:ae:a1:ea:9c:70:99:06:25:bf:f6:ad:7c:20:05:f2:
c2:5a:fb:4c:4c:42:96:2a:45:93:56:6f:11:70:50:d5:6d:7f:
1e:6c:9b:b6:f0:0e:85:66:f9:06:75:82:35:a3:d1:5d:8c:db:
7e:6e:63:3e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZavZT+a5B9ByJySjcqYLnucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwNTA4MTAxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzI3ZmNjYWYxNTA5MzZiMzZhZjc5ZjUxYzkwZTlmZTM0MDUyNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybp7VlDo9YZG4MOuILeMLv+vvv4O
v6kelAGG/jt4E+7j9H/5Ow/Xji/I7HGX/+lnXXmkoCOvdL0tVBh40y1cTJG/tETY
lEBZsjHr9N7d09pFHyH/sOrCyUfA7d6CSZ/hkQx/6kcfQlvZ+cCzTlOhJITnGxRn
oIby7Vox69sGIG7AYdbOhbZYighx+0mu23APAeIkmqRoKNSFqNcMAd4k4UBpKyQG
GGgvZFyOv+6/uGOCn6hK3G6ttMxRJ5dWy5AXtA5MOxSOHHfHYkZGliEd0etxfmYF
01eXcgPhpUy30+sGcVp3xaVHT4AMZ6wd7WEm7VeQhRnPIYcqXvn+9v1BPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLwn/MrxUJNrNq959RyQ6f40BSVzMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvdkNmOHl2RlFrMnMycjNuMUhKRHBfalFGSlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsEGGMAwD
BACwQYsDBACwQY4DBACwQZAwDQYJKoZIhvcNAQELBQADggEBACYm27127o+AbN2K
CdLEaLJx6aSSsiO/KvBjfNrvbViLu9hDe1JwmMObtYXAy8v976aZUeFbwCLy0ZnE
rn2Azo5FXy/wHtj0eBUnYLCWq/XYkYKj2Gc9c2WYxcxAAFsVtCMupZ+hsMifhBce
Hr/zH2u0MyKzUmCG53iMP3KtaQKn/erHx2ftgk+bMc0SMb9i1FStejbMHOepp4u9
vvOda53TdU6s60RkWUMZx1NrA4WVKKuq8CBHZdD7Fl9dBZEiPqDW/gbHWKQK2q6h
6pxwmQYlv/atfCAF8sJa+0xMQpYqRZNWbxFwUNVtfx5sm7bwDoVm+QZ1gjWj0V2M
235uYz4=
-----END CERTIFICATE-----
Generated at Fri May 9 14:17:31 2025 by rpki-client