Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/vDn8hokAu3gqZNPW3jNDWueEnew.roa
File: vDn8hokAu3gqZNPW3jNDWueEnew.roa (raw, json)
Hash identifier: gTkpXJOZSdo1xXwZyzKruebXW3dYpA+4/EzV6gbFyt4=
Subject key identifier: BC:39:FC:86:89:00:BB:78:2A:64:D3:D6:DE:33:43:5A:E7:84:9D:EC
Certificate issuer: /CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Certificate serial: 018CCA2B7C21A7D2C034B98A5BB432208F04
Authority key identifier: 3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/vDn8hokAu3gqZNPW3jNDWueEnew.roa
Signing time: Tue 02 Jan 2024 12:34:56 +0000
ROA not before: Tue 02 Jan 2024 12:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59715
IP address blocks: 185.5.200.0/22 maxlen: 24
2a02:cdc0::/29 maxlen: 52
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:7c:21:a7:d2:c0:34:b9:8a:5b:b4:32:20:8f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Validity
Not Before: Jan 2 12:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc39fc868900bb782a64d3d6de33435ae7849dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b0:f0:2a:c7:1f:25:a2:46:14:2d:09:29:b4:
81:1a:8e:d3:a1:9d:58:41:7f:6a:4f:61:a6:dc:23:
9c:87:c7:ac:3e:d4:e8:ac:3c:da:37:62:88:5f:d1:
f1:99:4c:a6:a7:9e:7f:be:e0:23:a4:8f:12:2b:e5:
64:93:da:07:2f:2f:b5:70:f3:c4:d2:75:c5:8b:ec:
34:c6:55:52:49:6e:03:7e:91:b8:83:a5:38:2d:ec:
c2:d5:55:62:2b:d0:c9:68:a6:d2:d9:52:83:93:c5:
c0:b4:1f:15:c8:9e:03:5b:cb:94:a7:9f:64:5f:31:
8f:f8:bf:55:b2:d7:04:6d:10:23:8e:a3:c9:12:a8:
90:7a:a7:e0:da:3a:e7:29:8c:41:62:17:ae:cb:a6:
8b:45:b8:bd:21:44:a5:f5:f7:9a:48:ae:b2:b2:e1:
14:d0:ef:e2:e5:30:ff:69:dc:71:7f:32:ea:2a:74:
3b:3b:0a:7d:94:f7:78:a5:95:9e:08:1c:0a:ec:64:
11:5b:c9:8a:25:8c:39:2f:ad:34:51:dd:6e:ff:56:
f3:f9:a6:cb:bb:03:92:36:fd:6c:0c:e3:44:0d:02:
10:9f:a2:95:e6:ed:47:f2:1c:4e:f7:e0:94:5d:f9:
98:d7:c9:b9:17:45:65:c6:6f:8b:4c:3c:dc:e0:ac:
44:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:39:FC:86:89:00:BB:78:2A:64:D3:D6:DE:33:43:5A:E7:84:9D:EC
X509v3 Authority Key Identifier:
keyid:3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/vDn8hokAu3gqZNPW3jNDWueEnew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.200.0/22
IPv6:
2a02:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
05:8e:9f:17:17:3a:33:55:dc:12:10:75:ad:4e:aa:47:55:bb:
08:51:3e:6d:ff:68:71:1e:50:f4:85:e3:b3:e5:a8:86:aa:b2:
1e:c9:12:28:0f:44:26:36:e9:6c:b2:12:f9:e0:20:bf:dd:60:
0c:5f:68:95:57:03:15:00:13:8e:14:37:68:b5:55:6d:03:96:
ed:f0:bf:10:74:6a:74:b6:48:38:38:85:66:46:ef:c1:8c:79:
54:02:1f:b4:cd:fe:ea:51:7f:61:de:2d:16:13:ac:b0:47:f8:
18:44:ce:f0:3d:b3:8a:41:6c:10:9d:04:23:db:ca:04:36:c5:
9f:37:bf:58:34:b8:bb:e6:3e:b0:78:f3:71:1f:bb:74:5c:86:
7c:a1:45:64:98:01:fc:16:77:7b:d1:76:2e:d3:7c:2a:2b:76:
13:ea:dd:dd:64:9e:38:b2:88:fc:55:31:4c:ac:48:0b:63:1f:
8e:cf:ee:ce:8c:f3:3f:3d:e9:45:ef:60:d5:09:d9:bc:66:87:
3b:88:ac:1c:05:f5:a3:f4:8f:96:62:60:79:e4:cc:a2:c5:89:
77:f4:c8:6a:8b:c5:ca:05:99:28:77:12:95:bb:c6:ff:f2:d9:
69:1c:26:5a:0d:77:ac:c9:b2:9b:1f:9d:69:a9:85:64:dc:16:
66:c9:6b:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKK3whp9LANLmKW7QyII8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNGRmOWE1NDYwY2JkNDUwYjRlNzUzODAzOTNhODIxZTg1
Yzc0ZDgwHhcNMjQwMTAyMTIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM5ZmM4Njg5MDBiYjc4MmE2NGQzZDZkZTMzNDM1YWU3ODQ5ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LDwKscfJaJGFC0JKbSBGo7ToZ1Y
QX9qT2Gm3COch8esPtTorDzaN2KIX9HxmUymp55/vuAjpI8SK+Vkk9oHLy+1cPPE
0nXFi+w0xlVSSW4DfpG4g6U4LezC1VViK9DJaKbS2VKDk8XAtB8VyJ4DW8uUp59k
XzGP+L9VstcEbRAjjqPJEqiQeqfg2jrnKYxBYheuy6aLRbi9IUSl9feaSK6ysuEU
0O/i5TD/adxxfzLqKnQ7Owp9lPd4pZWeCBwK7GQRW8mKJYw5L600Ud1u/1bz+abL
uwOSNv1sDONEDQIQn6KV5u1H8hxO9+CUXfmY18m5F0Vlxm+LTDzc4KxEoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLw5/IaJALt4KmTT1t4zQ1rnhJ3sMB8GA1UdIwQY
MBaAFDtN+aVGDL1FC051OAOTqCHoXHTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2Zjkt
OTgxMmQ3Y2ZkNjk0LzEvdkRuOGhva0F1M2dxWk5QVzNqTkRXdWVFbmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2ZjktOTgxMmQ3Y2ZkNjk0
LzEvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQXIMA0E
AgACMAcDBQMqAs3AMA0GCSqGSIb3DQEBCwUAA4IBAQAFjp8XFzozVdwSEHWtTqpH
VbsIUT5t/2hxHlD0heOz5aiGqrIeyRIoD0QmNulsshL54CC/3WAMX2iVVwMVABOO
FDdotVVtA5bt8L8QdGp0tkg4OIVmRu/BjHlUAh+0zf7qUX9h3i0WE6ywR/gYRM7w
PbOKQWwQnQQj28oENsWfN79YNLi75j6wePNxH7t0XIZ8oUVkmAH8Fnd70XYu03wq
K3YT6t3dZJ44soj8VTFMrEgLYx+Oz+7OjPM/PelF72DVCdm8Zoc7iKwcBfWj9I+W
YmB55MyixYl39Mhqi8XKBZkodxKVu8b/8tlpHCZaDXesybKbH51pqYVk3BZmyWuk
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:38:57 2024 by rpki-client on console-ams.rpki-client.org