Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/Vkn5Fjc1blCjW36pRVzcI2dLeRM.roa
File: Vkn5Fjc1blCjW36pRVzcI2dLeRM.roa (raw, json)
Hash identifier: b4zxuu0+PWf6Y2gL35zDWaLiEcfMZ+LL8pUvtmTR45E=
Subject key identifier: 56:49:F9:16:37:35:6E:50:A3:5B:7E:A9:45:5C:DC:23:67:4B:79:13
Certificate issuer: /CN=9d989b3998e19fc00f8670cf6c9d7401715cf34f
Certificate serial: 01967CC42101D5900023330F3D7F002028E1
Authority key identifier: 9D:98:9B:39:98:E1:9F:C0:0F:86:70:CF:6C:9D:74:01:71:5C:F3:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nZibOZjhn8APhnDPbJ10AXFc808.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/Vkn5Fjc1blCjW36pRVzcI2dLeRM.roa
Signing time: Mon 28 Apr 2025 14:19:10 +0000
ROA not before: Mon 28 Apr 2025 14:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33817
IP address blocks: 91.195.74.0/23 maxlen: 23
91.235.68.0/22 maxlen: 22
193.28.184.0/24 maxlen: 24
194.50.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/nZibOZjhn8APhnDPbJ10AXFc808.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/nZibOZjhn8APhnDPbJ10AXFc808.mft
rsync://rpki.ripe.net/repository/DEFAULT/nZibOZjhn8APhnDPbJ10AXFc808.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:c4:21:01:d5:90:00:23:33:0f:3d:7f:00:20:28:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d989b3998e19fc00f8670cf6c9d7401715cf34f
Validity
Not Before: Apr 28 14:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5649f91637356e50a35b7ea9455cdc23674b7913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:42:f5:c4:af:39:52:57:28:10:f5:eb:9c:e9:
1b:e6:7d:e9:87:b1:71:c1:43:e1:21:b5:89:70:8f:
5b:77:80:33:95:78:41:b0:a9:e2:44:12:e1:18:88:
32:bd:81:79:ea:b6:1d:4e:63:52:b4:7b:f4:00:8d:
2f:14:50:4f:de:09:74:a3:fa:e4:4c:a4:74:55:ce:
9b:e4:06:cd:b2:d8:e8:e5:44:52:f4:b8:9e:45:b5:
77:30:3b:ce:74:1f:7f:2a:d1:c0:31:69:7e:10:fd:
1c:3f:e8:4c:e9:2e:26:a3:36:40:02:40:6e:f0:df:
f0:04:17:e3:23:db:1c:ad:aa:87:bb:7b:45:65:93:
bd:8f:45:89:4d:24:5f:2b:bf:22:18:01:2d:a2:85:
ad:4d:59:a1:fc:5d:0a:d5:49:05:87:80:57:95:a9:
7d:4f:1e:1e:2f:95:4c:8f:98:26:86:b8:e6:8d:55:
09:07:39:49:18:64:38:05:8c:fd:a2:65:89:ee:ad:
3c:d7:40:a9:2c:b2:93:d4:13:c8:9b:45:6f:a0:dc:
4b:d8:de:e1:b0:f1:86:da:89:6d:df:ea:f0:58:e3:
83:34:2f:f3:36:90:a0:38:fa:28:16:50:20:78:7a:
bf:b9:2f:ae:c2:b4:fe:89:10:d3:4b:68:9a:ae:7a:
04:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:49:F9:16:37:35:6E:50:A3:5B:7E:A9:45:5C:DC:23:67:4B:79:13
X509v3 Authority Key Identifier:
keyid:9D:98:9B:39:98:E1:9F:C0:0F:86:70:CF:6C:9D:74:01:71:5C:F3:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nZibOZjhn8APhnDPbJ10AXFc808.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/Vkn5Fjc1blCjW36pRVzcI2dLeRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/8c5f5a-804b-4df6-827b-c7ccd7943106/1/nZibOZjhn8APhnDPbJ10AXFc808.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.74.0/23
91.235.68.0/22
193.28.184.0/24
194.50.81.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:b6:6c:ba:80:e9:33:ff:3d:c3:aa:c3:e9:51:be:4c:f9:7c:
4b:ca:b8:ed:e9:46:ac:d2:ce:a9:2e:ae:df:bf:8f:b6:28:2f:
c9:0b:e6:2a:1f:0e:1e:e3:09:10:69:c8:18:d1:d4:41:a2:e8:
e4:9e:2c:a6:b5:27:2c:3b:4e:ce:64:49:22:bd:bf:ff:c2:6e:
f0:d5:76:6f:53:e7:01:99:7c:28:12:57:44:7d:d2:05:fe:c1:
72:84:a5:09:91:da:8d:4a:ac:8f:ca:4d:6f:89:c1:c2:ed:70:
85:93:aa:a9:71:c3:cc:aa:fe:83:c8:3e:1d:db:9e:bd:ee:ac:
22:6f:42:db:4f:8b:70:ae:b1:ab:42:ef:98:03:66:91:88:e3:
c7:dd:6a:89:b2:3f:f8:1f:3c:d7:04:9c:d6:7c:fc:3c:0d:6a:
0e:f1:3e:9b:89:3d:64:a6:b5:3c:d5:7f:01:e3:c3:0e:68:71:
cd:c5:a3:65:76:a8:1d:12:1d:d3:01:d8:8f:55:5f:b9:a2:5f:
bb:f8:cc:15:48:9a:32:cb:4f:b7:9c:4d:a6:e5:24:36:b1:30:
9f:72:c3:c4:da:a5:fd:21:bd:de:92:03:b2:3e:b7:51:c8:c0:
a4:e4:15:72:0e:52:33:dc:44:c0:8c:d1:b7:b4:d9:51:77:c7:
72:f0:1a:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZ8xCEB1ZAAIzMPPX8AICjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOTg5YjM5OThlMTlmYzAwZjg2NzBjZjZjOWQ3NDAxNzE1
Y2YzNGYwHhcNMjUwNDI4MTQxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjQ5ZjkxNjM3MzU2ZTUwYTM1YjdlYTk0NTVjZGMyMzY3NGI3OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0L1xK85UlcoEPXrnOkb5n3ph7Fx
wUPhIbWJcI9bd4AzlXhBsKniRBLhGIgyvYF56rYdTmNStHv0AI0vFFBP3gl0o/rk
TKR0Vc6b5AbNstjo5URS9LieRbV3MDvOdB9/KtHAMWl+EP0cP+hM6S4mozZAAkBu
8N/wBBfjI9scraqHu3tFZZO9j0WJTSRfK78iGAEtooWtTVmh/F0K1UkFh4BXlal9
Tx4eL5VMj5gmhrjmjVUJBzlJGGQ4BYz9omWJ7q0810CpLLKT1BPIm0VvoNxL2N7h
sPGG2olt3+rwWOODNC/zNpCgOPooFlAgeHq/uS+uwrT+iRDTS2iarnoE6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFZJ+RY3NW5Qo1t+qUVc3CNnS3kTMB8GA1UdIwQY
MBaAFJ2YmzmY4Z/AD4Zwz2yddAFxXPNPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblppYk9aamhuOEFQaG5EUGJKMTBBWEZjODA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC84YzVmNWEtODA0Yi00ZGY2LTgyN2It
YzdjY2Q3OTQzMTA2LzEvVmtuNUZqYzFibENqVzM2cFJWemNJMmRMZVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC84YzVmNWEtODA0Yi00ZGY2LTgyN2ItYzdjY2Q3OTQzMTA2
LzEvblppYk9aamhuOEFQaG5EUGJKMTBBWEZjODA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8NKAwQC
W+tEAwQAwRy4AwQAwjJRMA0GCSqGSIb3DQEBCwUAA4IBAQDhtmy6gOkz/z3DqsPp
Ub5M+XxLyrjt6Uas0s6pLq7fv4+2KC/JC+YqHw4e4wkQacgY0dRBoujkniymtScs
O07OZEkivb//wm7w1XZvU+cBmXwoEldEfdIF/sFyhKUJkdqNSqyPyk1vicHC7XCF
k6qpccPMqv6DyD4d25697qwib0LbT4twrrGrQu+YA2aRiOPH3WqJsj/4HzzXBJzW
fPw8DWoO8T6biT1kprU81X8B48MOaHHNxaNldqgdEh3TAdiPVV+5ol+7+MwVSJoy
y0+3nE2m5SQ2sTCfcsPE2qX9Ib3ekgOyPrdRyMCk5BVyDlIz3ETAjNG3tNlRd8dy
8Br3
-----END CERTIFICATE-----
Generated at Sat May 10 08:31:36 2025 by rpki-client