Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/VS-l_XfB7EQvo8I3V6K6fXm-eIU.roa
File: VS-l_XfB7EQvo8I3V6K6fXm-eIU.roa (raw, json)
Hash identifier: kU2rVZ7mx12Ux/mRHTyd5gtKLL33qjysoKbAjkbVmT0=
Subject key identifier: 55:2F:A5:FD:77:C1:EC:44:2F:A3:C2:37:57:A2:BA:7D:79:BE:78:85
Certificate issuer: /CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Certificate serial: 018CCA2A75C8E88D798A8B5E46DAFADB6BF6
Authority key identifier: 38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/VS-l_XfB7EQvo8I3V6K6fXm-eIU.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54574
IP address blocks: 45.88.192.0/22 maxlen: 24
2a07:aec0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/OL1tjruCQE1XCTUbwjKaDuQ6mkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/OL1tjruCQE1XCTUbwjKaDuQ6mkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:75:c8:e8:8d:79:8a:8b:5e:46:da:fa:db:6b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=552fa5fd77c1ec442fa3c23757a2ba7d79be7885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:1d:2a:d2:16:a3:e3:92:7c:c9:5d:37:e9:
64:d0:e4:02:2a:b0:2d:fc:70:07:3d:c3:a8:39:2d:
f5:87:8e:2a:62:ab:04:df:14:02:7a:4c:f6:e2:06:
59:cb:ed:85:7e:d4:48:17:13:ac:e3:c0:87:fa:b0:
d9:49:66:9b:60:3b:a0:24:52:d3:dd:a5:39:7f:41:
4a:bd:6c:2d:8f:3a:33:27:ab:78:9b:ef:94:1e:ec:
c0:98:ce:81:a2:98:ae:52:ec:6a:50:45:ce:c3:dc:
37:67:54:31:51:e2:7d:c6:b7:3b:9f:96:e1:25:60:
85:08:2e:87:7c:a4:47:6c:8f:39:24:a5:49:a6:ba:
52:1c:ea:d8:c9:79:a9:45:a0:f7:15:ef:fa:15:27:
5e:29:00:74:d6:b9:73:9f:c1:b7:f5:1b:81:2b:25:
51:90:2e:d8:d5:2c:e4:02:a6:72:f0:7e:6d:1d:1d:
97:00:85:06:4a:37:8a:4b:4e:e6:08:98:c7:97:bd:
33:9d:d1:5b:56:b6:31:5a:29:24:09:bb:89:ed:c5:
25:15:49:1e:e7:a5:0f:b9:85:5a:3a:1c:7a:c7:a9:
a9:79:6d:a4:8b:a6:eb:fe:a3:2c:5c:4d:09:a9:cd:
71:ae:b0:88:68:f7:cd:eb:56:e6:ea:cd:d4:78:38:
aa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:2F:A5:FD:77:C1:EC:44:2F:A3:C2:37:57:A2:BA:7D:79:BE:78:85
X509v3 Authority Key Identifier:
keyid:38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/VS-l_XfB7EQvo8I3V6K6fXm-eIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/OL1tjruCQE1XCTUbwjKaDuQ6mkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.192.0/22
IPv6:
2a07:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:9a:fa:87:0d:f1:19:1d:40:18:e2:8c:94:07:ca:4c:2d:51:
62:18:65:bd:ff:db:71:c9:22:61:42:10:98:ff:d7:67:b7:f9:
9b:4a:1b:c6:3d:71:6c:cd:eb:ac:97:5e:a2:87:1d:42:cd:e3:
e0:34:bd:2e:a2:81:b3:43:0f:a2:c6:fd:f0:86:4b:6c:c8:91:
fa:bc:a1:ce:2c:8b:66:fb:28:e2:ae:1c:00:b2:73:c6:b5:62:
8a:be:7c:79:5e:c8:fb:52:cc:12:b3:51:f5:20:7a:49:28:8a:
8a:4b:54:95:ec:42:6b:e3:ef:ab:fd:3a:ba:b4:76:67:78:f8:
c6:bb:39:8b:50:a9:f8:a9:3b:71:6e:d5:67:bf:9c:41:46:82:
f4:d7:0a:8d:22:36:23:a6:95:d9:8b:ef:e5:0e:06:c7:15:c6:
f9:d7:92:ee:3a:1a:4b:3d:ea:73:ed:17:b4:64:48:2d:7a:09:
ee:dd:30:ce:c0:fe:17:3b:55:c5:cc:cd:f1:19:5c:ed:dc:66:
fb:ad:b7:d9:a7:a9:e2:96:4c:ce:fe:2e:c2:dd:69:01:94:ba:
ef:14:38:2c:74:c4:68:31:46:b7:38:2e:e7:10:eb:75:00:fd:
10:4a:02:db:7e:b7:59:7b:03:99:20:98:f7:3d:fa:e7:bb:51:
ed:a1:df:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKnXI6I15ioteRtr622v2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmQ2ZDhlYmI4MjQwNGQ1NzA5MzUxYmMyMzI5YTBlZTQz
YTlhNDMwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTJmYTVmZDc3YzFlYzQ0MmZhM2MyMzc1N2EyYmE3ZDc5YmU3ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjQdKtIWo+OSfMldN+lk0OQCKrAt
/HAHPcOoOS31h44qYqsE3xQCekz24gZZy+2FftRIFxOs48CH+rDZSWabYDugJFLT
3aU5f0FKvWwtjzozJ6t4m++UHuzAmM6BopiuUuxqUEXOw9w3Z1QxUeJ9xrc7n5bh
JWCFCC6HfKRHbI85JKVJprpSHOrYyXmpRaD3Fe/6FSdeKQB01rlzn8G39RuBKyVR
kC7Y1SzkAqZy8H5tHR2XAIUGSjeKS07mCJjHl70zndFbVrYxWikkCbuJ7cUlFUke
56UPuYVaOhx6x6mpeW2ki6br/qMsXE0Jqc1xrrCIaPfN61bm6s3UeDiqwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFUvpf13wexEL6PCN1eiun15vniFMB8GA1UdIwQY
MBaAFDi9bY67gkBNVwk1G8Iymg7kOppDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUt
OGM5NTM5ZjQ0NGM2LzEvVlMtbF9YZkI3RVF2bzhJM1Y2SzZmWG0tZUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUtOGM5NTM5ZjQ0NGM2
LzEvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVjAMA0E
AgACMAcDBQMqB67AMA0GCSqGSIb3DQEBCwUAA4IBAQAamvqHDfEZHUAY4oyUB8pM
LVFiGGW9/9txySJhQhCY/9dnt/mbShvGPXFszeusl16ihx1CzePgNL0uooGzQw+i
xv3whktsyJH6vKHOLItm+yjirhwAsnPGtWKKvnx5Xsj7UswSs1H1IHpJKIqKS1SV
7EJr4++r/Tq6tHZnePjGuzmLUKn4qTtxbtVnv5xBRoL01wqNIjYjppXZi+/lDgbH
Fcb515LuOhpLPepz7Re0ZEgtegnu3TDOwP4XO1XFzM3xGVzt3Gb7rbfZp6nilkzO
/i7C3WkBlLrvFDgsdMRoMUa3OC7nEOt1AP0QSgLbfrdZewOZIJj3Pfrnu1Htod8F
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:56 2024 by rpki-client on console-ams.rpki-client.org