Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vc89EuNUIpqtQtXoR1Yx4efR4v0.roa
File: vc89EuNUIpqtQtXoR1Yx4efR4v0.roa (raw, json)
Hash identifier: sT3QnAM4hXZKIY80G5wgEFUXa5OKbfEkHeYRmqEkFZQ=
Subject key identifier: BD:CF:3D:12:E3:54:22:9A:AD:42:D5:E8:47:56:31:E1:E7:D1:E2:FD
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0196A19BE49510F24B04991A95F737C5E69A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vc89EuNUIpqtQtXoR1Yx4efR4v0.roa
Signing time: Mon 05 May 2025 18:01:10 +0000
ROA not before: Mon 05 May 2025 18:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.8.205.0/24 maxlen: 24
45.9.5.0/24 maxlen: 24
85.208.105.0/24 maxlen: 24
85.208.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:9b:e4:95:10:f2:4b:04:99:1a:95:f7:37:c5:e6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 5 18:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdcf3d12e354229aad42d5e8475631e1e7d1e2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4f:7f:44:05:ad:e2:cc:70:34:3c:78:fd:f6:
50:3a:b6:11:34:9c:c6:e0:fe:27:d9:1d:2d:1f:21:
df:16:6a:76:ef:cf:5c:6f:9a:f8:97:8f:44:52:ba:
a2:b9:3f:12:ee:97:22:06:3e:68:e7:aa:cb:af:3d:
f7:0b:f3:10:be:f0:31:2d:60:9b:e1:f6:5a:a5:eb:
12:92:3a:b9:24:3e:04:8c:fb:f1:d1:d6:00:7e:3a:
12:1f:30:a5:91:1a:8d:22:06:ec:ee:27:9e:b0:a2:
a4:8c:77:9d:da:c7:a1:b1:7f:8c:77:35:b1:77:43:
3d:c0:53:d8:c4:ac:0c:a2:d5:0e:67:9e:8c:03:7e:
5a:bc:08:12:91:16:73:43:0f:07:cc:60:0a:6c:15:
d5:c4:cb:b2:50:4e:4f:cf:f1:b2:15:5b:21:67:84:
d9:2c:ca:00:95:bd:8b:d6:c9:7d:e8:7a:2f:2a:07:
a3:f4:04:a6:f0:8d:1c:a2:97:4a:65:f6:b4:3f:31:
22:99:8a:f5:5e:36:31:d3:27:f0:86:ff:2d:7d:a7:
db:49:f6:9a:92:46:1c:7a:8c:cc:87:88:44:5a:47:
d0:4a:09:2c:e0:e2:ed:a3:8c:7a:f8:1b:8e:ea:28:
c6:7b:80:20:5b:1e:76:b2:40:a3:b4:4a:0b:af:3e:
82:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CF:3D:12:E3:54:22:9A:AD:42:D5:E8:47:56:31:E1:E7:D1:E2:FD
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vc89EuNUIpqtQtXoR1Yx4efR4v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.205.0/24
45.9.5.0/24
85.208.105.0-85.208.106.255
Signature Algorithm: sha256WithRSAEncryption
72:03:97:85:89:d9:37:89:2a:84:bc:66:cc:d1:97:1f:fc:f9:
58:4b:62:6b:4d:83:17:92:de:b5:c5:df:82:70:1a:4f:a2:74:
ea:37:b2:93:cf:56:93:50:50:45:e8:4c:92:83:03:9c:95:39:
9f:a5:0f:6b:60:ed:1b:2f:23:4e:e8:cd:27:a5:18:5f:6f:5e:
8d:e9:6a:4e:da:8f:90:7c:38:fc:ae:5b:61:5f:82:82:47:fe:
20:b0:0b:e7:08:1b:a4:17:77:87:23:c3:97:b9:96:c7:cc:2c:
1c:f3:71:00:9e:44:bf:a1:b6:ea:0c:3b:86:7d:3f:c8:c7:2b:
8d:00:63:d8:a7:00:16:ee:2e:17:fb:01:e1:6c:7a:fe:06:a1:
ac:d7:0a:67:ac:ef:45:ea:ba:80:a8:d5:90:38:9b:ed:54:d1:
bb:67:ae:5c:89:e3:b8:66:f9:f3:fb:1f:43:b7:0b:9e:5d:01:
23:36:f2:b3:ad:cd:21:9a:56:a1:a2:ba:6a:67:b0:37:b5:da:
42:27:68:37:a4:e5:6d:13:68:ef:8d:85:0b:53:5d:3b:0d:dd:
20:c4:c8:d0:3d:78:0b:0a:6c:19:c0:af:fa:6f:d9:26:99:21:
f9:eb:3a:ad:c1:3c:19:9f:0b:81:da:0b:24:e8:bf:ef:e0:e1:
f1:f7:f2:0f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZahm+SVEPJLBJkalfc3xeaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNTA1MTgwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNmM2QxMmUzNTQyMjlhYWQ0MmQ1ZTg0NzU2MzFlMWU3ZDFlMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU9/RAWt4sxwNDx4/fZQOrYRNJzG
4P4n2R0tHyHfFmp2789cb5r4l49EUrqiuT8S7pciBj5o56rLrz33C/MQvvAxLWCb
4fZapesSkjq5JD4EjPvx0dYAfjoSHzClkRqNIgbs7ieesKKkjHed2sehsX+MdzWx
d0M9wFPYxKwMotUOZ56MA35avAgSkRZzQw8HzGAKbBXVxMuyUE5Pz/GyFVshZ4TZ
LMoAlb2L1sl96HovKgej9ASm8I0copdKZfa0PzEimYr1XjYx0yfwhv8tfafbSfaa
kkYceozMh4hEWkfQSgks4OLto4x6+BuO6ijGe4AgWx52skCjtEoLrz6C8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL3PPRLjVCKarULV6EdWMeHn0eL9MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdmM4OUV1TlVJcHF0UXRYb1IxWXg0ZWZSNHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALQjNAwQA
LQkFMAwDBABV0GkDBABV0GowDQYJKoZIhvcNAQELBQADggEBAHIDl4WJ2TeJKoS8
ZszRlx/8+VhLYmtNgxeS3rXF34JwGk+idOo3spPPVpNQUEXoTJKDA5yVOZ+lD2tg
7RsvI07ozSelGF9vXo3pak7aj5B8OPyuW2FfgoJH/iCwC+cIG6QXd4cjw5e5lsfM
LBzzcQCeRL+htuoMO4Z9P8jHK40AY9inABbuLhf7AeFsev4GoazXCmes70XquoCo
1ZA4m+1U0btnrlyJ47hm+fP7H0O3C55dASM28rOtzSGaVqGiumpnsDe12kInaDek
5W0TaO+NhQtTXTsN3SDEyNA9eAsKbBnAr/pv2SaZIfnrOq3BPBmfC4HaCyTov+/g
4fH38g8=
-----END CERTIFICATE-----
Generated at Sat May 10 17:53:25 2025 by rpki-client