Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/vuV9DiImVcwNO9BkopRgsMOroHE.roa
File: vuV9DiImVcwNO9BkopRgsMOroHE.roa (raw, json)
Hash identifier: hvkJVrZHtE0uuiYkx/97uOMf1Yr0q6axxQGfWe9B3pk=
Subject key identifier: BE:E5:7D:0E:22:26:55:CC:0D:3B:D0:64:A2:94:60:B0:C3:AB:A0:71
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018F1B36301CE514E6F0434CA27AF647C7C0
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/vuV9DiImVcwNO9BkopRgsMOroHE.roa
Signing time: Fri 26 Apr 2024 16:21:26 +0000
ROA not before: Fri 26 Apr 2024 16:21:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
193.32.186.0/23 maxlen: 23
194.93.60.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:36:30:1c:e5:14:e6:f0:43:4c:a2:7a:f6:47:c7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Apr 26 16:21:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bee57d0e222655cc0d3bd064a29460b0c3aba071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:80:5c:5f:5a:e6:43:96:6b:dc:af:ce:c1:2b:
88:3d:1f:19:d5:ff:cf:d8:29:44:34:f0:9b:6e:92:
7f:d8:fe:1e:ed:66:86:f3:a6:56:f5:7c:dc:e6:be:
39:8e:d9:3a:b7:10:c7:b0:35:48:bb:94:19:61:fe:
6f:57:4e:7a:40:7e:7b:bf:49:ce:6e:81:0a:fd:ef:
ac:c7:26:e5:64:74:dc:16:d7:32:41:ac:65:81:20:
e0:a3:6a:0a:b5:e6:78:a4:f6:74:72:0d:4b:55:a3:
1c:3d:a5:dd:d1:c2:33:7a:84:29:2b:ab:23:f5:d6:
3f:87:99:59:86:80:5e:06:b8:68:d7:e7:64:22:4a:
4b:5e:3a:c7:2e:82:be:43:27:f3:82:39:57:a6:a7:
77:b3:a3:da:d5:3a:00:10:fd:8b:55:da:1b:b8:63:
f9:ed:73:e3:75:07:22:36:d3:69:2b:9d:1e:cb:f7:
c5:74:b4:25:10:68:ae:91:a7:b5:1b:b8:d5:01:8c:
05:9a:42:d7:ae:d3:47:71:c9:f6:56:64:ca:e6:0c:
ea:99:f3:b8:28:a5:0e:36:13:32:5c:94:c0:72:fe:
dc:87:8c:42:0c:77:8a:bf:79:23:33:60:94:a4:08:
4d:68:88:14:2c:64:0a:33:92:b2:eb:3c:66:cf:32:
63:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E5:7D:0E:22:26:55:CC:0D:3B:D0:64:A2:94:60:B0:C3:AB:A0:71
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/vuV9DiImVcwNO9BkopRgsMOroHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.160.0/22
92.249.60.0/22
188.119.68.0/22
193.32.186.0/23
194.93.60.0/22
212.87.196.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
42:b0:88:88:f2:dd:fe:77:dd:44:2d:26:6a:f9:29:5c:b3:98:
36:d3:19:d1:94:73:f1:a4:a8:84:b6:bd:21:a1:c0:6f:3b:e1:
77:0b:d0:7a:72:0a:9e:26:01:12:37:e2:6c:db:99:fb:a4:ad:
13:59:2e:b6:81:f2:6f:9f:3c:18:08:aa:db:4d:af:f1:3c:4c:
c5:42:e2:56:eb:64:e3:7c:08:ef:73:14:02:fd:3a:6e:83:01:
10:e2:31:30:00:a6:b5:a0:ad:de:1e:ad:96:b0:2f:52:09:3d:
c8:08:62:9a:ca:18:39:bb:ba:6b:74:43:27:58:8f:56:04:f3:
20:cf:c3:18:36:9e:74:6c:a7:33:c8:80:be:d4:6e:a7:e0:94:
b3:55:dc:e1:bd:4a:18:93:76:e3:42:cf:cc:23:8f:c1:a2:52:
a4:04:f1:67:fa:19:b6:f4:48:32:40:a2:fb:22:f4:77:23:c3:
57:67:64:4b:fb:06:bf:07:a9:72:94:93:41:c2:f1:65:7f:58:
e2:dc:8c:5b:5f:d9:c3:96:cc:b6:2f:9b:f2:2c:06:c0:7b:9e:
50:6e:c9:91:47:00:1d:03:dd:0c:2a:6f:95:3d:83:c4:0e:a4:
d2:5b:05:d2:ba:05:4a:18:71:c6:e4:37:2e:13:43:2a:9b:9a:
ee:fa:6e:6a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY8bNjAc5RTm8ENMonr2R8fAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNDI2MTYyMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWU1N2QwZTIyMjY1NWNjMGQzYmQwNjRhMjk0NjBiMGMzYWJhMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIBcX1rmQ5Zr3K/OwSuIPR8Z1f/P
2ClENPCbbpJ/2P4e7WaG86ZW9Xzc5r45jtk6txDHsDVIu5QZYf5vV056QH57v0nO
boEK/e+sxyblZHTcFtcyQaxlgSDgo2oKteZ4pPZ0cg1LVaMcPaXd0cIzeoQpK6sj
9dY/h5lZhoBeBrho1+dkIkpLXjrHLoK+QyfzgjlXpqd3s6Pa1ToAEP2LVdobuGP5
7XPjdQciNtNpK50ey/fFdLQlEGiukae1G7jVAYwFmkLXrtNHccn2VmTK5gzqmfO4
KKUONhMyXJTAcv7ch4xCDHeKv3kjM2CUpAhNaIgULGQKM5Ky6zxmzzJj4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL7lfQ4iJlXMDTvQZKKUYLDDq6BxMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvdnVWOURpSW1WY3dOTzlCa29wUmdzTU9yb0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVQigAwQC
XPk8AwQCvHdEAwQBwSC6AwQCwl08AwQC1FfEAwQC1GsEMA0GCSqGSIb3DQEBCwUA
A4IBAQBCsIiI8t3+d91ELSZq+Slcs5g20xnRlHPxpKiEtr0hocBvO+F3C9B6cgqe
JgESN+Js25n7pK0TWS62gfJvnzwYCKrbTa/xPEzFQuJW62TjfAjvcxQC/TpugwEQ
4jEwAKa1oK3eHq2WsC9SCT3ICGKayhg5u7prdEMnWI9WBPMgz8MYNp50bKczyIC+
1G6n4JSzVdzhvUoYk3bjQs/MI4/BolKkBPFn+hm29EgyQKL7IvR3I8NXZ2RL+wa/
B6lylJNBwvFlf1ji3IxbX9nDlsy2L5vyLAbAe55QbsmRRwAdA90MKm+VPYPEDqTS
WwXSugVKGHHG5DcuE0Mqm5ru+m5q
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:58:34 2024 by rpki-client on console-fra.rpki-client.org