Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVZNzwWRy2fcyrKXofXL0693c_E.roa
File: vVZNzwWRy2fcyrKXofXL0693c_E.roa (raw, json)
Hash identifier: V2m/o2cHqAA+D2UbTaG0OMFz9eQiMRqyrll0IiaKN7o=
Subject key identifier: BD:56:4D:CF:05:91:CB:67:DC:CA:B2:97:A1:F5:CB:D3:AF:77:73:F1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE1D5CED4A22BC6AE0E3876A60100
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVZNzwWRy2fcyrKXofXL0693c_E.roa
Signing time: Tue 02 Jan 2024 06:29:28 +0000
ROA not before: Tue 02 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44017
IP address blocks: 91.92.233.0/24 maxlen: 24
91.92.234.0/24 maxlen: 24
91.92.235.0/24 maxlen: 24
87.120.91.0/24 maxlen: 24
94.156.147.0/24 maxlen: 24
94.156.146.0/24 maxlen: 24
2a00:1728:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e1:d5:ce:d4:a2:2b:c6:ae:0e:38:76:a6:01:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd564dcf0591cb67dccab297a1f5cbd3af7773f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:52:34:ff:6d:0f:c3:a0:62:2a:f2:42:5a:bb:
9d:bb:42:f5:64:b5:39:a9:ec:ef:fc:75:26:70:6f:
3c:8b:b0:fc:bb:48:25:d2:54:d8:40:9e:fd:b4:af:
15:29:2a:62:6b:7d:e6:42:72:3f:68:aa:f6:58:33:
1c:a5:57:71:e7:7f:64:de:89:1d:2a:60:a8:04:22:
fc:49:7b:2b:c9:60:f0:46:4e:db:b1:23:bc:aa:28:
83:f0:a5:48:9f:41:57:2e:e2:c2:10:a5:b0:ad:a6:
3c:87:cb:1c:d2:51:89:db:77:a1:15:bd:4d:f7:e1:
99:38:45:57:7b:22:0e:0b:a9:5d:7d:77:24:31:63:
6a:84:f7:ad:a9:60:cb:d7:9b:43:ab:b2:f3:63:8b:
dc:f1:35:b7:e1:06:95:92:4e:29:46:d2:29:01:fb:
91:3e:2a:2c:10:cb:f4:29:5e:47:85:0c:c9:0b:aa:
c0:8a:f2:dc:70:42:18:f2:dd:56:66:a1:ed:42:a4:
33:35:1b:5a:0e:2a:39:f5:2f:00:fb:52:a0:c3:1f:
7f:9b:e3:86:93:96:dc:33:4d:35:e8:54:ea:3b:09:
73:72:c4:d7:22:0d:3f:11:ca:2a:1a:22:ab:bf:46:
da:5e:d1:40:d3:8a:3b:81:28:de:3a:59:7b:e4:8b:
b7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:56:4D:CF:05:91:CB:67:DC:CA:B2:97:A1:F5:CB:D3:AF:77:73:F1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVZNzwWRy2fcyrKXofXL0693c_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.91.0/24
91.92.233.0-91.92.235.255
94.156.146.0/23
IPv6:
2a00:1728:1c::/48
Signature Algorithm: sha256WithRSAEncryption
3d:2e:d9:68:4c:48:8d:fa:b9:f7:08:ef:52:33:c4:99:b2:85:
06:f1:07:39:17:f2:86:bc:fa:ba:3c:b0:cf:4d:70:bf:1d:37:
a8:fd:c7:fb:e2:87:bb:01:cf:5e:53:b4:b4:9e:83:d8:5c:85:
cc:88:ba:c5:b5:5b:6c:ce:18:e4:11:82:16:24:66:88:d8:a1:
4e:13:ca:64:fd:6d:1a:80:85:b9:8f:76:1f:ee:88:9f:1d:5b:
4f:47:9c:7e:3f:aa:50:fe:d9:d0:26:d0:12:9a:21:17:c6:20:
14:8d:a2:b2:d5:45:b8:1a:f5:7b:7a:c3:ef:35:2f:71:5c:46:
16:c2:97:6a:cc:37:d5:bd:d5:16:e6:12:f2:46:be:15:79:cd:
4d:01:99:ce:a7:34:81:35:24:8a:3b:69:3e:7f:7f:01:1e:a0:
58:d9:75:7c:0e:45:f0:e6:36:22:e6:9a:dc:c8:65:0a:5d:0b:
f4:77:88:26:88:40:56:49:2d:9b:88:11:86:f0:2c:1c:3d:70:
56:40:61:64:81:e5:79:40:3f:9b:ae:f6:91:7c:e8:71:c9:b0:
86:70:10:a2:79:cc:29:2e:01:4a:47:9a:2f:e0:c1:fb:a4:0b:
ef:b2:f9:88:51:47:f9:9f:aa:03:ee:01:82:ad:4c:08:31:c9:
3a:13:3c:69
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzI3OHVztSiK8auDjh2pgEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDU2NGRjZjA1OTFjYjY3ZGNjYWIyOTdhMWY1Y2JkM2FmNzc3M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVI0/20Pw6BiKvJCWrudu0L1ZLU5
qezv/HUmcG88i7D8u0gl0lTYQJ79tK8VKSpia33mQnI/aKr2WDMcpVdx539k3okd
KmCoBCL8SXsryWDwRk7bsSO8qiiD8KVIn0FXLuLCEKWwraY8h8sc0lGJ23ehFb1N
9+GZOEVXeyIOC6ldfXckMWNqhPetqWDL15tDq7LzY4vc8TW34QaVkk4pRtIpAfuR
PiosEMv0KV5HhQzJC6rAivLccEIY8t1WZqHtQqQzNRtaDio59S8A+1Kgwx9/m+OG
k5bcM0016FTqOwlzcsTXIg0/EcoqGiKrv0baXtFA04o7gSjeOll75Iu3TQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFL1WTc8Fkctn3Mqyl6H1y9Ovd3PxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdlZaTnp3V1J5MmZjeXJLWG9mWEwwNjkzY19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAV3hbMAwD
BABbXOkDBAJbXOgDBAFenJIwDwQCAAIwCQMHACoAFygAHDANBgkqhkiG9w0BAQsF
AAOCAQEAPS7ZaExIjfq59wjvUjPEmbKFBvEHORfyhrz6ujywz01wvx03qP3H++KH
uwHPXlO0tJ6D2FyFzIi6xbVbbM4Y5BGCFiRmiNihThPKZP1tGoCFuY92H+6Inx1b
T0ecfj+qUP7Z0CbQEpohF8YgFI2istVFuBr1e3rD7zUvcVxGFsKXasw31b3VFuYS
8ka+FXnNTQGZzqc0gTUkijtpPn9/AR6gWNl1fA5F8OY2Iuaa3MhlCl0L9HeIJohA
Vkktm4gRhvAsHD1wVkBhZIHleUA/m672kXzoccmwhnAQonnMKS4BSkeaL+DB+6QL
77L5iFFH+Z+qA+4Bgq1MCDHJOhM8aQ==
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:46 2024 by rpki-client on console-ams.rpki-client.org