Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vBmn7Q6zDIT24NBHlo9tmyOCsvQ.roa
File: vBmn7Q6zDIT24NBHlo9tmyOCsvQ.roa (raw, json)
Hash identifier: wRrNquEmp7KhGIwCFzUX3NF5vcXtMANimJDhqf1rP48=
Subject key identifier: BC:19:A7:ED:0E:B3:0C:84:F6:E0:D0:47:96:8F:6D:9B:23:82:B2:F4
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B9470328B7FE0DD53478965CA3AD97
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vBmn7Q6zDIT24NBHlo9tmyOCsvQ.roa
Signing time: Mon 01 Jan 2024 20:31:20 +0000
ROA not before: Mon 01 Jan 2024 20:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25467
IP address blocks: 92.243.65.0/24 maxlen: 24
46.183.185.0/24 maxlen: 24
46.183.184.0/24 maxlen: 24
2a03:f80:385::/48 maxlen: 48
2a03:f80:389::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:47:03:28:b7:fe:0d:d5:34:78:96:5c:a3:ad:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc19a7ed0eb30c84f6e0d047968f6d9b2382b2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d0:3e:ba:58:87:25:9c:1e:c4:e9:e8:58:e0:
61:89:b7:a3:89:98:92:86:25:7b:9f:a4:cd:86:0a:
95:df:bb:a8:12:ec:da:25:05:0a:2d:7f:29:b4:80:
2a:9f:bb:33:fe:33:5a:e8:59:5f:41:e5:83:96:84:
43:99:a4:a7:a5:41:54:af:f5:ba:0b:0b:65:08:58:
1d:56:1d:dd:c0:b7:d6:3f:88:c1:ea:fc:fc:00:49:
cd:e6:58:3b:ac:0b:8f:a8:19:e6:b0:d2:59:15:fc:
00:64:9d:4a:2b:d5:61:f9:0b:32:00:18:39:ee:53:
cb:b9:f4:f2:e6:0c:f6:f7:21:0c:54:2d:54:bb:96:
2d:49:ec:3e:7e:74:de:1c:7b:1d:ed:03:e0:0e:db:
7b:12:0c:49:9f:d5:d0:fa:f2:f5:34:3c:c7:0d:6f:
22:e3:9d:6b:fd:e2:0b:d8:68:6b:c5:21:b6:d5:f4:
b0:e8:a2:81:cf:62:cc:a5:12:69:86:87:05:bd:f7:
2b:16:3f:03:67:c4:fc:89:4d:59:40:f0:aa:24:b6:
b5:0f:15:d0:75:b9:7f:85:28:80:d2:d4:44:00:c4:
9e:8f:b6:04:ed:a9:fb:80:61:09:57:d8:64:d4:12:
49:43:de:a6:aa:22:c0:b8:76:f7:89:b0:f4:e1:c4:
3e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:19:A7:ED:0E:B3:0C:84:F6:E0:D0:47:96:8F:6D:9B:23:82:B2:F4
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vBmn7Q6zDIT24NBHlo9tmyOCsvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.184.0/23
92.243.65.0/24
IPv6:
2a03:f80:385::/48
2a03:f80:389::/48
Signature Algorithm: sha256WithRSAEncryption
88:f8:51:c8:90:80:1c:ba:cc:ce:d0:d1:41:e9:8d:6a:23:72:
97:a5:1d:7c:c3:0c:77:2b:54:44:b8:ee:9d:7c:3c:e5:8d:99:
fe:36:91:ce:ba:b1:e3:18:4b:53:e3:ac:0c:36:44:db:93:c9:
cd:bd:52:ae:66:31:ae:b1:99:e2:13:f6:42:7e:ea:8d:87:18:
a7:2d:cd:55:30:31:de:52:a4:16:5f:c2:07:65:ff:f1:ba:99:
7c:e8:a2:44:c0:cb:90:61:eb:7e:a2:37:d3:0c:f8:90:c7:0f:
10:f9:e0:53:e8:fe:5c:d6:e8:d6:3f:cd:86:1f:ee:ea:05:e3:
13:d4:7f:bd:3a:e5:27:e5:36:b7:81:d2:dc:23:17:32:4a:b9:
61:5e:a5:dd:d2:19:bd:2a:63:3f:cd:60:0d:65:fa:c3:7a:5e:
c5:cd:03:61:82:bc:95:a9:3d:c9:f6:33:d6:e7:77:eb:62:c6:
b8:1a:92:87:fe:0a:a7:a8:64:1a:17:0a:76:55:ce:b1:c6:0c:
bc:2f:2c:60:43:5f:cd:33:0a:2d:49:33:52:d6:b3:58:bb:80:
fe:c5:b9:0d:19:97:d2:b6:09:c1:84:2f:e0:9d:f0:03:33:6a:
e8:87:e1:19:72:5f:8e:b7:32:52:27:1c:4b:9b:c2:60:4e:6d:
29:04:56:7f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGuUcDKLf+DdU0eJZco62XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE5YTdlZDBlYjMwYzg0ZjZlMGQwNDc5NjhmNmQ5YjIzODJiMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9A+uliHJZwexOnoWOBhibejiZiS
hiV7n6TNhgqV37uoEuzaJQUKLX8ptIAqn7sz/jNa6FlfQeWDloRDmaSnpUFUr/W6
CwtlCFgdVh3dwLfWP4jB6vz8AEnN5lg7rAuPqBnmsNJZFfwAZJ1KK9Vh+QsyABg5
7lPLufTy5gz29yEMVC1Uu5YtSew+fnTeHHsd7QPgDtt7EgxJn9XQ+vL1NDzHDW8i
451r/eIL2GhrxSG21fSw6KKBz2LMpRJphocFvfcrFj8DZ8T8iU1ZQPCqJLa1DxXQ
dbl/hSiA0tREAMSej7YE7an7gGEJV9hk1BJJQ96mqiLAuHb3ibD04cQ+RwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLwZp+0OswyE9uDQR5aPbZsjgrL0MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdkJtbjdRNnpESVQyNE5CSGxvOXRteU9Dc3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBLre4AwQA
XPNBMBgEAgACMBIDBwAqAw+AA4UDBwAqAw+AA4kwDQYJKoZIhvcNAQELBQADggEB
AIj4UciQgBy6zM7Q0UHpjWojcpelHXzDDHcrVES47p18POWNmf42kc66seMYS1Pj
rAw2RNuTyc29Uq5mMa6xmeIT9kJ+6o2HGKctzVUwMd5SpBZfwgdl//G6mXzookTA
y5Bh636iN9MM+JDHDxD54FPo/lzW6NY/zYYf7uoF4xPUf7065SflNreB0twjFzJK
uWFepd3SGb0qYz/NYA1l+sN6XsXNA2GCvJWpPcn2M9bnd+tixrgakof+CqeoZBoX
CnZVzrHGDLwvLGBDX80zCi1JM1LWs1i7gP7FuQ0Zl9K2CcGEL+Cd8AMzauiH4Rly
X463MlInHEubwmBObSkEVn8=
-----END CERTIFICATE-----
Generated at Sat May 18 05:24:11 2024 by rpki-client on console-fra.rpki-client.org