Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VDUyix2L61UrG2kulyW1VtuvRuM.roa
File: VDUyix2L61UrG2kulyW1VtuvRuM.roa (raw, json)
Hash identifier: n/ia57Rn6hnx54ZLYizQUme7GKeLxF8MEOnYqYRt2Gc=
Subject key identifier: 54:35:32:8B:1D:8B:EB:55:2B:1B:69:2E:97:25:B5:56:DB:AF:46:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E75651F74D1FB2D506808EC427BF8B04E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VDUyix2L61UrG2kulyW1VtuvRuM.roa
Signing time: Mon 25 Mar 2024 11:35:45 +0000
ROA not before: Mon 25 Mar 2024 11:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.133.75.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:65:1f:74:d1:fb:2d:50:68:08:ec:42:7b:f8:b0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 25 11:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5435328b1d8beb552b1b692e9725b556dbaf46e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:95:59:d7:d3:bf:f8:65:c3:9d:5c:fe:02:
50:cd:23:1d:1c:fe:13:d0:f3:45:96:d2:49:c7:71:
8d:59:4f:51:e2:a3:9f:4d:3b:ef:07:ba:1e:43:96:
50:42:53:39:40:89:a5:f2:90:c7:c0:21:4e:d7:f2:
c1:cf:93:0f:6d:e1:80:5d:0c:f2:02:76:aa:83:05:
77:67:fa:42:e0:9c:f9:f5:46:6e:28:0b:1a:56:5c:
0e:07:f0:bd:e9:90:2f:25:be:1e:c3:69:c4:62:9b:
3b:15:db:cd:7a:4f:e9:d4:39:6c:99:73:bb:fd:a0:
7c:2a:7c:ff:42:4b:5a:39:a9:23:1c:a5:54:f2:83:
0e:7c:34:66:2d:86:80:95:47:cd:98:95:ba:27:21:
71:4d:36:08:2c:7e:6b:2d:b5:47:3d:05:65:ad:26:
8d:7a:1a:89:92:da:ad:f4:ce:19:7d:c5:95:05:27:
57:d8:c9:2e:12:25:19:25:b8:4c:99:99:d7:d8:0e:
88:8c:31:9e:4c:95:a6:a8:7b:a5:21:2a:55:7c:89:
de:2a:1a:05:93:a6:db:7b:66:85:83:98:04:67:cf:
a8:ad:bd:a0:27:87:87:b6:37:4c:3a:ed:46:f1:4c:
51:b5:10:ec:e3:d1:5b:7e:9e:32:1a:75:b0:24:ec:
6b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:35:32:8B:1D:8B:EB:55:2B:1B:69:2E:97:25:B5:56:DB:AF:46:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VDUyix2L61UrG2kulyW1VtuvRuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
195.58.50.0/24
195.133.75.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6f:37:0c:a4:73:74:39:c3:4d:c9:39:91:71:85:5c:50:1d:
28:6d:85:b0:45:7b:28:57:76:92:44:78:c6:a0:97:35:71:79:
44:41:1c:83:91:25:b1:63:46:9f:8c:71:4f:ae:a9:41:01:07:
14:80:24:38:90:5a:cd:c7:51:01:95:8a:f1:9e:12:c3:99:8e:
da:ab:fe:d0:4c:af:30:3d:15:0f:ce:21:24:1e:3f:55:40:ef:
14:33:2e:7b:0b:b0:c9:9d:0c:e0:17:3e:af:02:d6:54:fd:d8:
62:72:b4:9e:07:3e:0b:bf:22:23:a7:76:0d:98:c0:41:ce:b9:
17:50:65:42:db:59:23:07:14:53:06:f4:1b:aa:fe:40:98:58:
d3:9e:6b:f7:ef:c4:6b:38:35:89:b3:c9:3f:f9:3f:52:23:fe:
84:ff:d1:5d:ab:b2:b6:95:9d:4b:8e:b3:a8:ae:8a:3d:aa:39:
02:30:b7:bb:95:e3:61:9f:97:5b:47:c2:ce:2d:6b:c1:7f:61:
02:2d:62:72:7d:94:16:64:59:e7:e7:8f:b9:ae:66:b6:75:96:
ef:cc:8c:41:30:e9:12:26:8c:8f:bb:7a:0a:a7:f7:63:07:2c:
86:ff:60:82:77:2f:b0:40:28:05:54:02:21:fd:ac:de:07:2c:
73:26:23:c1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY51ZR900fstUGgI7EJ7+LBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzI1MTEzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM1MzI4YjFkOGJlYjU1MmIxYjY5MmU5NzI1YjU1NmRiYWY0NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy6VWdfTv/hlw51c/gJQzSMdHP4T
0PNFltJJx3GNWU9R4qOfTTvvB7oeQ5ZQQlM5QIml8pDHwCFO1/LBz5MPbeGAXQzy
AnaqgwV3Z/pC4Jz59UZuKAsaVlwOB/C96ZAvJb4ew2nEYps7FdvNek/p1DlsmXO7
/aB8Knz/QktaOakjHKVU8oMOfDRmLYaAlUfNmJW6JyFxTTYILH5rLbVHPQVlrSaN
ehqJktqt9M4ZfcWVBSdX2MkuEiUZJbhMmZnX2A6IjDGeTJWmqHulISpVfIneKhoF
k6bbe2aFg5gEZ8+orb2gJ4eHtjdMOu1G8UxRtRDs49Fbfp4yGnWwJOxrYwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFQ1Mosdi+tVKxtpLpcltVbbr0bjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVkRVeWl4Mkw2MVVyRzJrdWx5VzFWdHV2UnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwhAwQA
wlcjAwQAwlc+AwQAwle/AwQAwlfbAwQAwlf8AwQAwzoyAwQAw4VLAwQA1MAJMA0G
CSqGSIb3DQEBCwUAA4IBAQALbzcMpHN0OcNNyTmRcYVcUB0obYWwRXsoV3aSRHjG
oJc1cXlEQRyDkSWxY0afjHFPrqlBAQcUgCQ4kFrNx1EBlYrxnhLDmY7aq/7QTK8w
PRUPziEkHj9VQO8UMy57C7DJnQzgFz6vAtZU/dhicrSeBz4LvyIjp3YNmMBBzrkX
UGVC21kjBxRTBvQbqv5AmFjTnmv378RrODWJs8k/+T9SI/6E/9Fdq7K2lZ1LjrOo
roo9qjkCMLe7leNhn5dbR8LOLWvBf2ECLWJyfZQWZFnn54+5rma2dZbvzIxBMOkS
JoyPu3oKp/djByyG/2CCdy+wQCgFVAIh/azeByxzJiPB
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:37 2024 by rpki-client on console-fra.rpki-client.org