Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/VeN8KkhM02kbRnECiUHiV1AWrno.roa
File: VeN8KkhM02kbRnECiUHiV1AWrno.roa (raw, json)
Hash identifier: LeA/ZN+HMCEOTjyBuZemkynOT1Z2kKvwuyTFKbJL4WQ=
Subject key identifier: 55:E3:7C:2A:48:4C:D3:69:1B:46:71:02:89:41:E2:57:50:16:AE:7A
Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Certificate serial: 018CCA2BC73545C4A90B07EEA543325B00CB
Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/VeN8KkhM02kbRnECiUHiV1AWrno.roa
Signing time: Tue 02 Jan 2024 12:35:15 +0000
ROA not before: Tue 02 Jan 2024 12:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199455
IP address blocks: 185.4.118.0/24 maxlen: 24
185.4.117.0/24 maxlen: 24
185.4.116.0/24 maxlen: 24
185.4.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c7:35:45:c4:a9:0b:07:ee:a5:43:32:5b:00:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Validity
Not Before: Jan 2 12:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55e37c2a484cd3691b4671028941e2575016ae7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:87:ba:1a:f0:44:dc:60:71:8e:60:2f:f5:ab:
9b:a6:19:13:2c:31:6d:e4:a1:9b:a3:70:f6:67:6e:
1b:43:56:fa:7b:56:83:99:86:8a:29:05:e1:f5:6a:
40:da:32:17:6c:9a:ee:91:da:76:f1:54:f1:e0:e8:
07:77:0b:c1:d4:62:9f:da:4e:c8:f4:88:8d:44:c4:
99:62:54:9d:1d:af:c8:78:e7:ba:a9:19:fa:d8:9c:
ca:fd:bb:0e:6d:e7:d3:e8:5d:f3:0a:a5:36:d2:3f:
9f:0c:ce:84:bc:7d:20:5b:fa:e0:af:8c:84:ec:a1:
f5:d4:17:67:f2:4a:f2:d0:0b:74:ac:9b:c7:03:6b:
c1:0c:d4:7c:19:b6:42:81:25:07:4d:23:7b:51:e6:
6b:bc:6e:9b:44:08:c2:53:b0:15:9a:b7:ab:a0:8d:
12:fc:c7:4c:8a:5e:3a:df:ab:15:bd:5c:f6:3f:7a:
6d:26:8a:3e:97:04:49:16:82:e4:63:ac:88:67:74:
27:d0:c8:a3:2b:e8:67:a9:0f:bb:70:a8:2a:bf:e5:
40:59:dc:e6:ad:19:d0:5a:7b:91:79:a2:df:52:1e:
38:12:8a:1f:af:82:1b:01:38:51:95:3d:f4:99:ae:
a9:b7:d8:20:1e:5c:9e:6f:85:86:76:d3:a4:e9:ea:
b4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E3:7C:2A:48:4C:D3:69:1B:46:71:02:89:41:E2:57:50:16:AE:7A
X509v3 Authority Key Identifier:
keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/VeN8KkhM02kbRnECiUHiV1AWrno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.116.0/22
Signature Algorithm: sha256WithRSAEncryption
46:51:9d:8f:66:e6:a5:0d:d9:07:d2:75:8f:09:de:a4:11:c6:
2b:7b:1f:a4:8e:d3:4e:d0:28:9d:9e:d8:ad:2d:62:ed:08:e3:
75:9c:3d:bd:b0:b9:eb:7a:aa:41:0a:f4:d7:11:0c:ec:e6:e4:
a1:39:19:2f:72:ac:22:8d:19:b6:79:9f:28:50:d5:41:25:56:
84:1b:7c:32:75:78:3e:ee:f7:bb:3e:7c:24:79:87:60:f5:b9:
a8:70:7a:8f:2e:5f:87:3b:f1:6a:d6:0e:80:f8:40:ad:b6:ba:
9b:86:a5:3f:33:ee:22:a2:f6:06:4c:16:2a:19:ca:10:3a:27:
1e:82:d7:7e:6d:21:0c:a7:0f:d0:c3:d6:9b:59:32:f7:61:8c:
0b:37:63:3b:23:50:92:3e:37:61:70:3c:8e:1d:fe:e5:1f:3a:
50:b6:4a:9b:f6:5f:6d:19:e6:d3:aa:3e:af:6c:bd:28:04:10:
8b:dd:d2:be:d4:02:6c:e9:64:a5:de:c2:09:a6:fc:a0:49:a1:
6c:e0:28:c0:fc:39:7e:9c:cc:fa:ab:e4:e7:53:0f:52:a9:e1:
ad:a1:58:94:6c:38:dc:12:99:79:0c:a4:5b:d2:56:bd:73:90:
8f:fe:ec:58:29:52:4c:af:25:f2:a9:d7:c4:70:f2:7a:fb:78:
f4:b8:0d:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK8c1RcSpCwfupUMyWwDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz
N2UyY2QwHhcNMjQwMTAyMTIzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWUzN2MyYTQ4NGNkMzY5MWI0NjcxMDI4OTQxZTI1NzUwMTZhZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoe6GvBE3GBxjmAv9aubphkTLDFt
5KGbo3D2Z24bQ1b6e1aDmYaKKQXh9WpA2jIXbJrukdp28VTx4OgHdwvB1GKf2k7I
9IiNRMSZYlSdHa/IeOe6qRn62JzK/bsObefT6F3zCqU20j+fDM6EvH0gW/rgr4yE
7KH11Bdn8kry0At0rJvHA2vBDNR8GbZCgSUHTSN7UeZrvG6bRAjCU7AVmreroI0S
/MdMil4636sVvVz2P3ptJoo+lwRJFoLkY6yIZ3Qn0MijK+hnqQ+7cKgqv+VAWdzm
rRnQWnuReaLfUh44Eoofr4IbAThRlT30ma6pt9ggHlyeb4WGdtOk6eq01QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXjfCpITNNpG0ZxAolB4ldQFq56MB8GA1UdIwQY
MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt
NjUyOTc1MWIyYjAxLzEvVmVOOEtraE0wMmtiUm5FQ2lVSGlWMUFXcm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx
LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G
CSqGSIb3DQEBCwUAA4IBAQBGUZ2PZualDdkH0nWPCd6kEcYrex+kjtNO0Cidntit
LWLtCON1nD29sLnreqpBCvTXEQzs5uShORkvcqwijRm2eZ8oUNVBJVaEG3wydXg+
7ve7PnwkeYdg9bmocHqPLl+HO/Fq1g6A+ECttrqbhqU/M+4iovYGTBYqGcoQOice
gtd+bSEMpw/Qw9abWTL3YYwLN2M7I1CSPjdhcDyOHf7lHzpQtkqb9l9tGebTqj6v
bL0oBBCL3dK+1AJs6WSl3sIJpvygSaFs4CjA/Dl+nMz6q+TnUw9SqeGtoViUbDjc
Epl5DKRb0la9c5CP/uxYKVJMryXyqdfEcPJ6+3j0uA15
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:45:42 2024 by rpki-client on console-ams.rpki-client.org