Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/vSZZvgftuYb43rrGh-q4LjaDCuQ.roa
File: vSZZvgftuYb43rrGh-q4LjaDCuQ.roa (raw, json)
Hash identifier: rWGDYVpr0QqsdkjQne/LrNy/Qk+z0CuqVL6ZhDDaDdI=
Subject key identifier: BD:26:59:BE:07:ED:B9:86:F8:DE:BA:C6:87:EA:B8:2E:36:83:0A:E4
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 018CC3493A3FBFEAE1E73EF96BBE0C55583E
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/vSZZvgftuYb43rrGh-q4LjaDCuQ.roa
Signing time: Mon 01 Jan 2024 04:30:05 +0000
ROA not before: Mon 01 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200271
IP address blocks: 185.255.84.0/22 maxlen: 22
2a02:4ba::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3a:3f:bf:ea:e1:e7:3e:f9:6b:be:0c:55:58:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 1 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd2659be07edb986f8debac687eab82e36830ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:7e:1c:01:b3:00:d0:17:63:69:ce:d5:53:
db:fa:ef:5e:44:27:95:99:a7:20:75:3a:9f:ca:be:
b1:63:d8:b2:d5:cc:5a:58:b0:1b:7e:e7:ab:cf:81:
b3:c6:d9:e6:9f:51:b1:45:f1:d2:ef:e7:ae:75:5d:
43:71:bc:9f:f6:15:e3:58:99:83:e0:c0:07:22:d2:
a8:29:2c:78:3b:4e:2b:53:c8:7e:3a:e3:a7:9f:ee:
5a:06:f1:9d:e7:57:e8:91:b4:15:85:8e:2c:67:ca:
ae:86:f4:ad:88:38:d0:78:45:85:b8:99:22:bf:43:
41:19:0a:9e:35:96:b9:a1:48:96:77:d0:f6:10:c1:
81:ad:40:28:e5:7f:80:14:25:2b:41:24:6d:65:2a:
67:2f:c6:1d:0b:04:e4:21:c1:1c:3c:d1:7c:23:75:
3b:e4:36:82:09:8a:bf:96:8d:ec:51:e6:03:10:93:
18:92:a5:fb:53:44:72:9d:6d:91:69:3a:bf:c0:cc:
29:db:2f:3d:d0:d8:e2:3f:3f:bf:da:aa:f9:c4:e2:
30:0a:1a:75:5c:8c:c8:f4:75:e1:8b:d3:a4:34:c1:
82:cb:df:3d:5f:c0:1c:e7:9a:57:0e:77:4c:16:27:
9f:13:3e:e8:ea:82:49:36:3f:ba:1a:43:93:25:14:
2d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:26:59:BE:07:ED:B9:86:F8:DE:BA:C6:87:EA:B8:2E:36:83:0A:E4
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/vSZZvgftuYb43rrGh-q4LjaDCuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.84.0/22
IPv6:
2a02:4ba::/32
Signature Algorithm: sha256WithRSAEncryption
01:cd:bd:5b:e5:9b:48:36:7c:b7:c6:1f:dd:20:ef:6e:0a:02:
28:c5:5e:e3:f7:65:3c:c7:b1:fd:bd:8c:6c:50:26:e6:f5:8d:
67:82:49:71:af:f7:45:d2:84:10:8c:23:08:1e:cd:d5:37:16:
59:ec:30:cd:89:cb:9e:2b:2b:d9:85:c1:f8:dc:ba:de:3d:78:
97:5b:c6:6c:e7:6a:4a:3c:18:5d:03:eb:4e:46:69:63:c1:98:
fc:6d:19:0a:3a:c4:b7:51:03:ec:51:89:a3:41:02:da:bf:e8:
21:ae:14:d4:a0:5e:c0:ab:cd:35:b6:8d:e4:3b:49:61:d4:24:
d3:3e:59:dc:87:39:aa:d0:02:c6:0b:eb:f0:36:aa:35:29:be:
25:d6:62:b6:27:f1:3a:e4:d6:d0:ea:2e:b3:d9:d7:1b:3c:4d:
ab:49:16:86:25:cc:70:1c:f1:f7:9c:37:48:b2:1e:64:a0:f7:
07:e1:ea:82:b7:4b:a0:d5:81:59:1a:4e:bf:58:0b:49:83:e8:
4e:a1:a9:4a:89:52:d8:1b:71:56:cb:c1:14:8f:ff:3b:22:94:
aa:93:aa:be:2f:2d:aa:8f:05:56:01:bd:57:0f:2d:81:59:5c:
c2:3c:2e:ec:12:c1:8b:84:7f:41:9d:df:6b:57:9a:89:e4:2d:
6d:5f:6c:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSTo/v+rh5z75a74MVVg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI2NTliZTA3ZWRiOTg2ZjhkZWJhYzY4N2VhYjgyZTM2ODMwYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2h+HAGzANAXY2nO1VPb+u9eRCeV
macgdTqfyr6xY9iy1cxaWLAbfuerz4Gzxtnmn1GxRfHS7+eudV1Dcbyf9hXjWJmD
4MAHItKoKSx4O04rU8h+OuOnn+5aBvGd51fokbQVhY4sZ8quhvStiDjQeEWFuJki
v0NBGQqeNZa5oUiWd9D2EMGBrUAo5X+AFCUrQSRtZSpnL8YdCwTkIcEcPNF8I3U7
5DaCCYq/lo3sUeYDEJMYkqX7U0RynW2RaTq/wMwp2y890NjiPz+/2qr5xOIwChp1
XIzI9HXhi9OkNMGCy989X8Ac55pXDndMFiefEz7o6oJJNj+6GkOTJRQtWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL0mWb4H7bmG+N66xofquC42gwrkMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvdlNaWnZnZnR1WWI0M3JyR2gtcTRMamFEQ3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf9UMA0E
AgACMAcDBQAqAgS6MA0GCSqGSIb3DQEBCwUAA4IBAQABzb1b5ZtINny3xh/dIO9u
CgIoxV7j92U8x7H9vYxsUCbm9Y1ngklxr/dF0oQQjCMIHs3VNxZZ7DDNicueKyvZ
hcH43LrePXiXW8Zs52pKPBhdA+tORmljwZj8bRkKOsS3UQPsUYmjQQLav+ghrhTU
oF7Aq801to3kO0lh1CTTPlnchzmq0ALGC+vwNqo1Kb4l1mK2J/E65NbQ6i6z2dcb
PE2rSRaGJcxwHPH3nDdIsh5koPcH4eqCt0ug1YFZGk6/WAtJg+hOoalKiVLYG3FW
y8EUj/87IpSqk6q+Ly2qjwVWAb1XDy2BWVzCPC7sEsGLhH9Bnd9rV5qJ5C1tX2yB
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:58 2024 by rpki-client on console-ams.rpki-client.org