Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/9VfyQlDrgjGEsT-Z2CH3JH9pjtI.roa
File: 9VfyQlDrgjGEsT-Z2CH3JH9pjtI.roa (raw, json)
Hash identifier: DvOo9eNlNDON387S712OHAueL9jmcNYkIxRoD4AWUdY=
Subject key identifier: F5:57:F2:42:50:EB:82:31:84:B1:3F:99:D8:21:F7:24:7F:69:8E:D2
Certificate issuer: /CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Certificate serial: 018CC64B0B71747901125A04C6621F862647
Authority key identifier: D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/9VfyQlDrgjGEsT-Z2CH3JH9pjtI.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20802
IP address blocks: 185.111.220.0/22 maxlen: 24
2a06:6000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/2Z6pWH5epOljrXrn8SV2HA4pJWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/2Z6pWH5epOljrXrn8SV2HA4pJWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0b:71:74:79:01:12:5a:04:c6:62:1f:86:26:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f557f24250eb823184b13f99d821f7247f698ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ea:b7:e0:75:48:14:54:b9:a8:24:44:6b:fe:
20:0c:39:6b:b8:29:9c:b0:23:52:86:2e:f9:88:1f:
56:b5:d6:ae:af:50:15:8d:ab:bc:68:61:a9:fb:bd:
9e:24:cd:2c:ab:f5:f1:0b:15:7b:f8:4a:68:20:ff:
56:f1:dc:2e:2c:52:08:e8:60:9d:05:80:69:4d:aa:
f9:b1:d8:db:f5:bc:ec:12:a2:72:44:62:4f:82:cc:
8c:aa:ca:dd:13:0a:90:43:18:5c:f8:da:ed:d6:06:
aa:2c:37:7f:da:fc:3a:dc:a1:d1:6b:01:f5:65:26:
f7:41:b4:e5:c8:32:3d:e4:83:a9:be:45:7c:55:b4:
e3:b6:70:87:1c:85:b5:9e:58:8a:0d:f3:5e:8f:ce:
ab:d4:d8:cc:73:73:93:77:0d:87:29:33:04:e5:35:
c3:c3:f4:9e:4a:71:d0:27:6b:06:51:65:22:06:13:
eb:2d:97:85:db:bd:f2:b5:85:e3:57:3c:ce:9d:25:
b6:65:b6:b3:5f:38:02:57:75:fe:59:25:a7:fd:5b:
db:09:29:ad:a4:5f:b8:84:9a:79:6f:c2:bf:ae:2d:
be:ca:8c:4d:c1:d7:4a:4f:ff:cd:87:16:22:20:f3:
a3:36:d1:4a:15:b8:18:68:46:f4:bf:f1:ee:ea:76:
fc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:57:F2:42:50:EB:82:31:84:B1:3F:99:D8:21:F7:24:7F:69:8E:D2
X509v3 Authority Key Identifier:
keyid:D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/9VfyQlDrgjGEsT-Z2CH3JH9pjtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/2Z6pWH5epOljrXrn8SV2HA4pJWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.220.0/22
IPv6:
2a06:6000::/29
Signature Algorithm: sha256WithRSAEncryption
60:4c:9c:b7:05:e8:dd:c0:d7:b9:3d:45:c4:72:3e:43:1b:1a:
22:e7:3e:ac:ea:63:0e:67:e2:d4:78:79:54:da:07:55:ba:4e:
f6:06:af:ba:32:d8:2f:ab:1a:b8:a0:66:4e:58:c5:5a:a3:32:
83:4e:7f:5b:0d:a4:10:7c:a9:11:b9:21:36:02:62:3a:4e:04:
a8:5a:80:d1:ea:0f:80:f7:89:15:be:80:3c:b7:b4:fb:f5:bc:
92:95:b7:cc:43:0e:28:13:78:26:b1:17:0a:ac:10:2e:09:11:
39:ba:36:97:40:1a:c6:1f:01:d9:22:f3:5d:6a:a5:a9:e6:4c:
c1:9f:b9:d2:38:64:c1:38:dc:48:ff:bd:58:8f:b1:11:27:f4:
ff:b7:f2:50:9b:74:78:99:89:36:aa:6d:0c:ca:fb:74:4e:5d:
9c:48:3e:4a:57:09:87:60:da:8e:11:d3:cb:6d:4f:62:27:c0:
71:1a:15:0a:c0:35:d2:f4:20:39:95:3c:8d:63:c1:80:f2:c5:
07:03:e9:0f:c9:38:63:31:0b:d5:79:06:95:3c:02:c6:1e:25:
cc:34:19:fc:25:fa:f3:49:db:3d:1f:74:d5:c6:ab:c0:59:16:
2d:00:13:c9:3c:ba:30:d3:35:b1:82:71:ae:30:9e:e7:02:09:
a8:92:5f:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSwtxdHkBEloExmIfhiZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWVhOTU4N2U1ZWE0ZTk2M2FkN2FlN2YxMjU3NjFjMGUy
OTI1NjMwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU3ZjI0MjUwZWI4MjMxODRiMTNmOTlkODIxZjcyNDdmNjk4ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuq34HVIFFS5qCREa/4gDDlruCmc
sCNShi75iB9Wtdaur1AVjau8aGGp+72eJM0sq/XxCxV7+EpoIP9W8dwuLFII6GCd
BYBpTar5sdjb9bzsEqJyRGJPgsyMqsrdEwqQQxhc+Nrt1gaqLDd/2vw63KHRawH1
ZSb3QbTlyDI95IOpvkV8VbTjtnCHHIW1nliKDfNej86r1NjMc3OTdw2HKTME5TXD
w/SeSnHQJ2sGUWUiBhPrLZeF273ytYXjVzzOnSW2ZbazXzgCV3X+WSWn/VvbCSmt
pF+4hJp5b8K/ri2+yoxNwddKT//NhxYiIPOjNtFKFbgYaEb0v/Hu6nb8mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPVX8kJQ64IxhLE/mdgh9yR/aY7SMB8GA1UdIwQY
MBaAFNmeqVh+XqTpY6165/EldhwOKSVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUt
MDdkZjAxNmM0MWI4LzEvOVZmeVFsRHJnakdFc1QtWjJDSDNKSDlwanRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUtMDdkZjAxNmM0MWI4
LzEvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW/cMA0E
AgACMAcDBQMqBmAAMA0GCSqGSIb3DQEBCwUAA4IBAQBgTJy3BejdwNe5PUXEcj5D
Gxoi5z6s6mMOZ+LUeHlU2gdVuk72Bq+6Mtgvqxq4oGZOWMVaozKDTn9bDaQQfKkR
uSE2AmI6TgSoWoDR6g+A94kVvoA8t7T79bySlbfMQw4oE3gmsRcKrBAuCRE5ujaX
QBrGHwHZIvNdaqWp5kzBn7nSOGTBONxI/71Yj7ERJ/T/t/JQm3R4mYk2qm0Myvt0
Tl2cSD5KVwmHYNqOEdPLbU9iJ8BxGhUKwDXS9CA5lTyNY8GA8sUHA+kPyThjMQvV
eQaVPALGHiXMNBn8JfrzSds9H3TVxqvAWRYtABPJPLow0zWxgnGuMJ7nAgmokl/i
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:44:29 2024 by rpki-client on console-fra.rpki-client.org