Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vYZvir0xVJVbWUQE6or9vY1fDpU.roa
File: vYZvir0xVJVbWUQE6or9vY1fDpU.roa (raw, json)
Hash identifier: aiLMJwfi6eXoigHR8k8hHdHI8ySq+tUDHAc7FkzUtf8=
Subject key identifier: BD:86:6F:8A:BD:31:54:95:5B:59:44:04:EA:8A:FD:BD:8D:5F:0E:95
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD5C471AEED0ECDE1372409253A6C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vYZvir0xVJVbWUQE6or9vY1fDpU.roa
Signing time: Tue 02 Jan 2024 06:29:24 +0000
ROA not before: Tue 02 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25206
IP address blocks: 87.120.112.0/24 maxlen: 24
87.120.115.0/24 maxlen: 24
87.120.112.0/21 maxlen: 21
87.120.112.0/20 maxlen: 20
87.120.116.0/24 maxlen: 24
87.120.113.0/24 maxlen: 24
87.120.117.0/24 maxlen: 24
87.120.114.0/24 maxlen: 24
87.120.118.0/24 maxlen: 24
87.120.119.0/24 maxlen: 24
87.120.123.0/24 maxlen: 24
87.120.120.0/21 maxlen: 21
87.120.120.0/24 maxlen: 24
87.120.124.0/24 maxlen: 24
87.120.121.0/24 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.122.0/24 maxlen: 24
87.120.127.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d5:c4:71:ae:ed:0e:cd:e1:37:24:09:25:3a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd866f8abd3154955b594404ea8afdbd8d5f0e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2a:20:8c:6f:b7:c9:55:c2:e2:83:5e:c4:79:
6d:9b:cf:a5:aa:61:06:fc:db:aa:d7:be:b6:52:56:
fd:da:1d:cb:86:33:84:73:33:82:f0:99:8d:64:40:
e0:ab:06:34:54:02:39:6f:a9:4b:9e:da:af:3c:d8:
11:36:e1:53:79:72:df:95:91:dc:29:e9:68:45:9c:
72:e0:25:c3:ab:d0:62:2c:a4:a6:a6:28:2a:9a:c5:
da:c8:d2:71:2c:cc:5b:da:13:b6:c1:2f:c5:54:5d:
b8:b4:f9:20:ce:68:38:0e:6f:7b:b7:fd:cb:ad:11:
b0:bb:09:6c:ce:95:81:af:ae:7b:b6:d8:23:82:41:
8e:63:90:65:33:4e:37:2a:7e:4d:15:c9:97:48:dc:
d6:b9:5c:24:2f:05:71:a2:7b:13:18:e6:08:09:c0:
ef:b8:3b:b5:09:94:c3:b1:0b:72:da:05:54:37:7a:
05:31:47:74:da:04:9d:eb:d7:f0:ea:c6:fa:91:4b:
72:29:e4:e9:4f:93:10:fe:2a:03:61:0d:21:9b:da:
6a:2b:19:63:5e:3b:4e:c6:c7:34:9f:9e:82:e3:33:
e5:be:66:fb:52:f0:5b:44:c2:f2:32:10:88:c3:c2:
a1:05:f5:df:3a:69:7b:58:a4:9a:04:a4:5e:9b:a2:
7b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:86:6F:8A:BD:31:54:95:5B:59:44:04:EA:8A:FD:BD:8D:5F:0E:95
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vYZvir0xVJVbWUQE6or9vY1fDpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.112.0/20
Signature Algorithm: sha256WithRSAEncryption
73:f5:e5:fb:07:86:d7:96:59:53:ed:34:5d:a5:0b:26:cb:73:
f9:77:37:22:77:58:43:10:c6:3b:91:80:51:e4:73:9e:9f:4c:
9a:54:0e:d0:95:c2:b5:82:66:da:fa:81:00:d1:59:a0:88:d3:
f2:dd:03:3a:f0:41:4a:4c:34:62:46:d0:53:86:8d:1a:c1:9b:
9f:2d:15:fc:36:26:50:84:03:23:f5:05:5d:9c:98:d1:68:f0:
e5:e6:9a:df:ad:a9:53:d7:df:82:c0:c6:41:64:89:6f:d1:89:
60:69:62:b2:54:5f:d1:ad:ea:2f:d7:bb:fe:f5:b1:dc:3f:31:
7c:5b:04:e8:b4:82:85:0d:18:d3:d1:e4:8b:de:a6:dc:aa:4b:
48:48:b5:1c:56:d1:97:dc:44:c4:53:de:f7:1c:12:8c:cd:38:
f6:07:fe:11:d4:49:c2:84:6f:8a:1d:3a:fc:f3:5c:ab:8d:8a:
81:4c:87:5c:93:31:2d:4e:51:0d:b1:f1:3d:c8:c2:83:fe:16:
f6:90:b3:b8:ee:0b:f1:82:cf:3d:41:a7:2a:46:75:99:81:1e:
2c:3b:9d:18:fc:a7:88:6d:d5:df:fa:90:81:ba:96:72:a5:cf:
87:52:d4:34:81:b0:eb:2f:ab:91:79:c4:d2:b1:69:c3:44:25:
6a:40:3e:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3NXEca7tDs3hNyQJJTpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg2NmY4YWJkMzE1NDk1NWI1OTQ0MDRlYThhZmRiZDhkNWYwZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiogjG+3yVXC4oNexHltm8+lqmEG
/Nuq1762Ulb92h3LhjOEczOC8JmNZEDgqwY0VAI5b6lLntqvPNgRNuFTeXLflZHc
KeloRZxy4CXDq9BiLKSmpigqmsXayNJxLMxb2hO2wS/FVF24tPkgzmg4Dm97t/3L
rRGwuwlszpWBr657ttgjgkGOY5BlM043Kn5NFcmXSNzWuVwkLwVxonsTGOYICcDv
uDu1CZTDsQty2gVUN3oFMUd02gSd69fw6sb6kUtyKeTpT5MQ/ioDYQ0hm9pqKxlj
XjtOxsc0n56C4zPlvmb7UvBbRMLyMhCIw8KhBfXfOml7WKSaBKRem6J7awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2Gb4q9MVSVW1lEBOqK/b2NXw6VMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdlladmlyMHhWSlZiV1VRRTZvcjl2WTFmRHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEV3hwMA0G
CSqGSIb3DQEBCwUAA4IBAQBz9eX7B4bXlllT7TRdpQsmy3P5dzcid1hDEMY7kYBR
5HOen0yaVA7QlcK1gmba+oEA0VmgiNPy3QM68EFKTDRiRtBTho0awZufLRX8NiZQ
hAMj9QVdnJjRaPDl5prfralT19+CwMZBZIlv0YlgaWKyVF/Rreov17v+9bHcPzF8
WwTotIKFDRjT0eSL3qbcqktISLUcVtGX3ETEU973HBKMzTj2B/4R1EnChG+KHTr8
81yrjYqBTIdckzEtTlENsfE9yMKD/hb2kLO47gvxgs89QacqRnWZgR4sO50Y/KeI
bdXf+pCBupZypc+HUtQ0gbDrL6uRecTSsWnDRCVqQD7+
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:07 2024 by rpki-client on console-ams.rpki-client.org