Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/vK-Xsy_lxlY2UwmSEVNVXo5cJSo.roa
File: vK-Xsy_lxlY2UwmSEVNVXo5cJSo.roa (raw, json)
Hash identifier: hKMGzMk4nuJMT7X2pKv7bDghCdHa03TC4wFkoY766lY=
Subject key identifier: BC:AF:97:B3:2F:E5:C6:56:36:53:09:92:11:53:55:5E:8E:5C:25:2A
Certificate issuer: /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial: 018CCA2A38F820474FA4141ABEC9B66D6DEA
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/vK-Xsy_lxlY2UwmSEVNVXo5cJSo.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201199
IP address blocks: 185.82.103.0/24 maxlen: 24
185.82.102.0/24 maxlen: 24
185.82.101.0/24 maxlen: 24
185.82.100.0/24 maxlen: 24
2a05:8f00::/48 maxlen: 48
2a05:8f00::/29 maxlen: 29
2a05:8f01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:f8:20:47:4f:a4:14:1a:be:c9:b6:6d:6d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcaf97b32fe5c656365309921153555e8e5c252a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:bf:cd:7a:50:b4:35:6c:d8:d3:0e:23:1f:
cd:c2:9e:df:3e:31:52:3f:e6:d1:e3:89:02:96:43:
1b:67:e9:ce:0e:99:96:28:f8:81:31:8f:84:90:3a:
6d:97:c8:4a:25:49:b9:58:02:7e:93:0a:75:f4:d7:
d7:b3:20:6e:f7:9b:22:8a:88:12:e1:7c:bf:c9:c1:
be:cd:89:95:53:a4:5a:f2:e2:f0:70:79:bf:98:cd:
31:e0:15:d4:a0:e9:9f:89:8f:da:6b:d0:ff:b0:b8:
dc:87:51:a8:9f:42:f3:0e:62:49:99:75:cc:a5:76:
f8:6a:c3:67:a7:ce:84:3a:a8:b7:2f:e3:49:34:f0:
21:fe:81:a7:98:99:f9:45:f9:f4:f7:4f:62:73:0d:
fa:56:04:f2:4d:78:af:19:32:0a:fe:ea:fb:54:03:
c7:b9:f5:f5:7c:99:98:3f:b6:56:f0:0e:38:4e:ce:
19:4a:19:78:bf:87:02:8d:82:59:b0:eb:21:60:62:
97:a4:e6:a3:79:b7:94:30:25:5d:83:e7:d2:8e:ba:
6e:fd:e1:c6:d6:8e:74:c3:c7:46:fb:63:9a:f5:0c:
3b:17:4f:61:e9:49:26:ad:16:e2:60:d0:0e:51:c6:
c0:d8:71:92:bd:ab:49:99:89:35:e9:d6:97:ee:40:
a6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AF:97:B3:2F:E5:C6:56:36:53:09:92:11:53:55:5E:8E:5C:25:2A
X509v3 Authority Key Identifier:
keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/vK-Xsy_lxlY2UwmSEVNVXo5cJSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.100.0/22
IPv6:
2a05:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
7a:87:51:cf:94:2a:1c:34:0b:52:67:72:fb:08:c1:15:b1:2b:
33:98:fd:05:1f:e5:01:22:bd:d2:6c:ab:91:ea:bb:3a:8c:6c:
0f:e0:36:8d:ac:0a:a0:fc:f2:b2:49:b6:16:f2:c1:aa:26:11:
40:25:d0:98:08:3c:a7:ec:c9:ea:ce:9f:fb:da:c4:46:a0:5c:
ca:18:77:29:47:a0:76:5a:01:d2:af:bc:a3:40:35:e6:46:ab:
71:b9:23:fe:62:d9:16:50:19:cc:c4:33:ee:64:c4:35:c1:ba:
c9:c1:38:84:b4:02:d5:85:49:98:5c:4a:17:02:cf:26:29:38:
6c:b9:44:8f:6d:0d:98:00:bc:f3:c6:fa:84:95:84:04:29:6c:
b4:e7:14:ca:22:f5:0c:14:ac:20:b5:b5:7b:4c:ef:7a:8f:e2:
97:74:5f:32:00:2e:9e:71:2e:00:45:fa:bb:93:60:46:99:c9:
48:e6:17:3d:86:7a:f5:f6:9a:f3:79:a6:df:82:2c:11:b9:71:
3a:25:3f:02:1e:a3:81:9a:80:b5:7f:1c:11:d4:9a:85:3f:d5:
85:b7:f9:82:a3:23:05:6a:05:69:08:b8:a5:2f:3e:9d:5f:1a:
7b:e1:cd:9e:1b:9f:7f:cb:72:0a:1c:d6:b5:a7:33:00:34:9f:
1e:ad:dd:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKjj4IEdPpBQavsm2bW3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FmOTdiMzJmZTVjNjU2MzY1MzA5OTIxMTUzNTU1ZThlNWMyNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh6/zXpQtDVs2NMOIx/Nwp7fPjFS
P+bR44kClkMbZ+nODpmWKPiBMY+EkDptl8hKJUm5WAJ+kwp19NfXsyBu95siiogS
4Xy/ycG+zYmVU6Ra8uLwcHm/mM0x4BXUoOmfiY/aa9D/sLjch1Gon0LzDmJJmXXM
pXb4asNnp86EOqi3L+NJNPAh/oGnmJn5Rfn0909icw36VgTyTXivGTIK/ur7VAPH
ufX1fJmYP7ZW8A44Ts4ZShl4v4cCjYJZsOshYGKXpOajebeUMCVdg+fSjrpu/eHG
1o50w8dG+2Oa9Qw7F09h6UkmrRbiYNAOUcbA2HGSvatJmYk16daX7kCmswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLyvl7Mv5cZWNlMJkhFTVV6OXCUqMB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvdkstWHN5X2x4bFkyVXdtU0VWTlZYbzVjSlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJkMA0E
AgACMAcDBQMqBY8AMA0GCSqGSIb3DQEBCwUAA4IBAQB6h1HPlCocNAtSZ3L7CMEV
sSszmP0FH+UBIr3SbKuR6rs6jGwP4DaNrAqg/PKySbYW8sGqJhFAJdCYCDyn7Mnq
zp/72sRGoFzKGHcpR6B2WgHSr7yjQDXmRqtxuSP+YtkWUBnMxDPuZMQ1wbrJwTiE
tALVhUmYXEoXAs8mKThsuUSPbQ2YALzzxvqElYQEKWy05xTKIvUMFKwgtbV7TO96
j+KXdF8yAC6ecS4ARfq7k2BGmclI5hc9hnr19przeabfgiwRuXE6JT8CHqOBmoC1
fxwR1JqFP9WFt/mCoyMFagVpCLilLz6dXxp74c2eG59/y3IKHNa1pzMANJ8erd2g
-----END CERTIFICATE-----
Generated at Sat Sep 28 15:55:15 2024 by rpki-client on console-fra.rpki-client.org