Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vxqsKSvClHem1rkXsWg9SgycOSo.roa
File: vxqsKSvClHem1rkXsWg9SgycOSo.roa (raw, json)
Hash identifier: hl8FUcab8D07kUCMeEBw+apbdDp9p0mx/B7Ui6jzruk=
Subject key identifier: BF:1A:AC:29:2B:C2:94:77:A6:D6:B9:17:B1:68:3D:4A:0C:9C:39:2A
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 018CC94D41FEDA005675FC8D29335E704578
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vxqsKSvClHem1rkXsWg9SgycOSo.roa
Signing time: Tue 02 Jan 2024 08:32:12 +0000
ROA not before: Tue 02 Jan 2024 08:32:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210990
IP address blocks: 192.145.120.0/22 maxlen: 24
176.106.44.0/24 maxlen: 24
176.106.43.0/24 maxlen: 24
176.106.42.0/24 maxlen: 24
176.106.41.0/24 maxlen: 24
176.106.40.0/24 maxlen: 24
176.106.47.0/24 maxlen: 24
176.106.46.0/24 maxlen: 24
176.106.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:41:fe:da:00:56:75:fc:8d:29:33:5e:70:45:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Jan 2 08:32:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf1aac292bc29477a6d6b917b1683d4a0c9c392a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:47:13:1f:05:eb:13:93:7d:19:ed:8f:e8:
17:23:16:56:64:bc:70:f8:fb:02:89:b6:b0:17:9a:
90:81:c3:54:55:77:74:b4:95:50:de:a9:da:e9:cc:
24:b5:59:3d:bb:86:c9:80:f5:dc:e8:92:89:db:c0:
ed:1a:83:59:4e:5d:8c:f1:21:65:15:82:24:38:7c:
c8:35:af:e4:b8:6c:df:f1:c5:e8:cb:64:4e:00:dd:
4b:e2:28:b0:3f:4d:bc:dc:38:41:ea:10:93:fd:7a:
b3:95:6c:a2:1b:96:a2:b9:b1:b7:87:af:bb:df:c3:
b9:b1:f0:59:50:7c:0f:83:e1:f6:ee:b8:ea:24:b7:
e7:a6:04:e1:1a:51:4d:1d:87:2e:31:3c:45:50:7a:
dc:a3:a8:fb:e1:8c:37:3c:a8:58:01:69:51:b1:8e:
c9:87:9e:ec:c8:44:5e:25:ce:bb:7f:35:67:ab:cd:
65:ce:d8:5e:b4:db:4c:e3:ea:ef:c6:99:ff:fc:b7:
d9:88:61:55:5e:cb:7a:b2:d0:c9:2b:4e:07:6e:ac:
55:5e:51:9c:82:30:ea:db:65:96:71:46:1b:01:16:
d2:3b:84:e0:3e:14:a4:5c:84:11:74:a3:11:50:b7:
be:c5:cc:24:61:c6:e1:04:90:a2:a2:60:90:b7:07:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1A:AC:29:2B:C2:94:77:A6:D6:B9:17:B1:68:3D:4A:0C:9C:39:2A
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vxqsKSvClHem1rkXsWg9SgycOSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.40.0/21
192.145.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c1:67:ce:d7:22:c2:e8:6a:16:94:57:90:08:68:b3:3a:dd:
d1:fb:0e:4e:43:16:76:0a:cc:7d:23:02:f0:67:26:2d:be:55:
49:b5:a8:c2:2d:bd:d7:97:ba:bb:7a:eb:f0:c1:ca:b4:7c:a3:
a4:4c:ab:63:64:70:cf:c4:85:95:8d:b3:c2:34:4f:09:3c:4c:
22:ce:73:18:0c:c5:83:a9:d2:4a:7d:02:8b:46:a2:ad:0f:91:
df:e3:7d:be:84:37:62:bb:b8:10:14:fa:ed:db:d8:f0:e6:a4:
28:7e:74:60:23:7b:20:93:ab:e7:cf:5f:d7:22:33:b7:5d:11:
84:1a:52:e8:46:c5:db:03:2f:48:57:21:4a:3c:2b:a2:8f:ec:
d0:c8:3c:17:db:64:0c:7b:e7:f0:95:57:2d:ab:a2:6d:d1:af:
d9:48:4e:d8:9f:7a:a8:5d:ee:a8:55:22:33:c8:d1:09:d2:c0:
3f:20:f8:03:63:d8:57:5a:1e:fa:58:20:80:ec:d1:02:d7:72:
2d:8c:1e:bf:47:57:da:68:d8:12:af:c5:9a:a0:c9:8a:96:1c:
9f:fc:15:1b:8f:a5:e3:9f:39:93:a8:c4:c1:5d:d0:9d:8e:d4:
02:01:62:58:44:4f:3c:ab:55:1a:34:42:97:0b:c9:50:d5:3e:
0b:0e:2a:67
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTUH+2gBWdfyNKTNecEV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTZjN2U2NjBiMWM3NGUzYjAzMThiMTQzMzhjM2YwMGRk
N2JjNzIwHhcNMjQwMTAyMDgzMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFhYWMyOTJiYzI5NDc3YTZkNmI5MTdiMTY4M2Q0YTBjOWMzOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5pHEx8F6xOTfRntj+gXIxZWZLxw
+PsCibawF5qQgcNUVXd0tJVQ3qna6cwktVk9u4bJgPXc6JKJ28DtGoNZTl2M8SFl
FYIkOHzINa/kuGzf8cXoy2ROAN1L4iiwP0283DhB6hCT/XqzlWyiG5aiubG3h6+7
38O5sfBZUHwPg+H27rjqJLfnpgThGlFNHYcuMTxFUHrco6j74Yw3PKhYAWlRsY7J
h57syEReJc67fzVnq81lzthetNtM4+rvxpn//LfZiGFVXst6stDJK04HbqxVXlGc
gjDq22WWcUYbARbSO4TgPhSkXIQRdKMRULe+xcwkYcbhBJCiomCQtwf7jwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL8arCkrwpR3pta5F7FoPUoMnDkqMB8GA1UdIwQY
MBaAFPpWx+ZgscdOOwMYsUM4w/AN17xyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sYkg1bUN4eDA0N0F4aXhRempEOEEzWHZISS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlm
LThiZjRmZTRjNzczMi8xL3Z4cXNLU3ZDbEhlbTFya1hzV2c5U2d5Y09Tby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlmLThiZjRmZTRjNzcz
Mi8xLzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAOwaigD
BALAkXgwDQYJKoZIhvcNAQELBQADggEBAIrBZ87XIsLoahaUV5AIaLM63dH7Dk5D
FnYKzH0jAvBnJi2+VUm1qMItvdeXurt66/DByrR8o6RMq2NkcM/EhZWNs8I0Twk8
TCLOcxgMxYOp0kp9AotGoq0Pkd/jfb6EN2K7uBAU+u3b2PDmpCh+dGAjeyCTq+fP
X9ciM7ddEYQaUuhGxdsDL0hXIUo8K6KP7NDIPBfbZAx75/CVVy2rom3Rr9lITtif
eqhd7qhVIjPI0QnSwD8g+ANj2FdaHvpYIIDs0QLXci2MHr9HV9po2BKvxZqgyYqW
HJ/8FRuPpeOfOZOoxMFd0J2O1AIBYlhETzyrVRo0QpcLyVDVPgsOKmc=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:02:02 2024 by rpki-client on console-ams.rpki-client.org