Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/VupDgUfZredJU4iSjhgIED3HjTE.roa
File: VupDgUfZredJU4iSjhgIED3HjTE.roa (raw, json)
Hash identifier: mJ2qmJYRp5J3qM4j91E6qODcMmzA/NYkiaNNUOBQWzA=
Subject key identifier: 56:EA:43:81:47:D9:AD:E7:49:53:88:92:8E:18:08:10:3D:C7:8D:31
Certificate issuer: /CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Certificate serial: 01911522C042EB20128D3D9E2B5C266640F1
Authority key identifier: BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/VupDgUfZredJU4iSjhgIED3HjTE.roa
Signing time: Fri 02 Aug 2024 22:08:04 +0000
ROA not before: Fri 02 Aug 2024 22:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 46.173.64.0/22 maxlen: 22
46.173.68.0/22 maxlen: 22
46.173.72.0/22 maxlen: 22
46.173.76.0/22 maxlen: 22
46.173.80.0/22 maxlen: 22
46.173.84.0/22 maxlen: 22
46.173.88.0/22 maxlen: 22
46.173.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:15:22:c0:42:eb:20:12:8d:3d:9e:2b:5c:26:66:40:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Validity
Not Before: Aug 2 22:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56ea438147d9ade7495388928e1808103dc78d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:34:c4:e0:c4:57:92:6b:22:85:36:87:e3:a9:
d5:5a:2b:3b:81:8a:41:84:9f:21:f0:3d:48:d9:af:
26:0d:ed:8f:b6:e3:78:c7:64:83:07:0c:dc:4d:de:
78:84:2c:93:6e:34:b0:b0:78:38:79:5c:9c:e0:a0:
9a:05:f5:63:e4:42:48:1b:f2:98:d4:12:df:c3:8e:
72:77:48:d3:81:e5:ba:51:a6:b6:86:58:15:15:b2:
ff:52:fc:da:ba:38:c5:8e:64:7c:b7:6f:a3:1c:9f:
14:cb:73:cf:ac:d2:12:40:dd:7a:86:6d:3e:82:b7:
a7:44:cf:12:c5:e9:89:73:91:a1:37:1f:28:84:43:
3d:11:e5:f0:4b:fd:a1:37:8a:e8:be:ce:2d:4e:97:
0e:81:08:85:86:85:7f:ed:98:c9:91:09:4f:96:7c:
2e:65:1d:eb:8e:29:be:2e:54:ba:1a:6d:f2:93:ee:
ff:f6:9b:10:1b:9b:ca:ad:ac:ac:78:bf:b2:74:4c:
b3:c8:fa:fe:cc:18:1d:24:35:4e:6a:f3:0e:36:c3:
80:74:12:d3:5a:3e:cf:c7:98:ed:2f:4c:e1:26:26:
40:54:29:d8:e5:f8:92:34:94:c5:72:37:bf:33:87:
42:97:ed:8e:d9:a7:b7:12:35:d9:3d:9c:3d:55:9e:
da:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EA:43:81:47:D9:AD:E7:49:53:88:92:8E:18:08:10:3D:C7:8D:31
X509v3 Authority Key Identifier:
keyid:BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/VupDgUfZredJU4iSjhgIED3HjTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.64.0/19
Signature Algorithm: sha256WithRSAEncryption
69:f2:ff:53:9c:8e:8d:ab:27:02:81:30:00:45:90:96:2d:35:
c8:25:a0:11:de:c7:a4:84:aa:48:b6:b1:7e:6f:51:8c:ab:a6:
fb:b3:da:8f:26:7c:f2:8a:4f:89:67:81:e7:0e:e3:54:2e:d9:
c9:19:0e:a4:ea:68:c6:5e:23:b8:22:fb:93:18:c3:28:2e:55:
01:36:8f:e0:a6:f1:e5:4d:e4:e2:2d:32:87:53:78:85:26:a5:
49:c6:ea:e1:43:06:6c:1e:dd:ce:53:dc:23:b4:85:55:c7:e8:
d4:d4:4a:65:63:db:14:bd:0e:86:4c:32:04:e4:69:81:3a:d1:
90:ef:2e:c3:51:a7:41:ec:88:0a:9b:6e:a6:97:cd:54:a0:17:
79:4b:fb:84:ea:92:90:44:45:5c:98:a7:7e:4c:8c:a0:9c:d6:
13:d1:f5:04:0f:f0:7e:dc:2f:23:c2:c0:9a:b7:d5:ba:ab:a9:
21:1d:13:89:d3:74:27:7b:11:77:8b:be:a9:52:97:b0:f0:74:
3c:f8:e9:26:ac:ef:23:a8:22:71:15:e8:1b:27:72:b8:3d:28:
b8:11:ca:a2:fe:63:21:2f:43:11:2f:8e:26:51:03:44:ef:b0:
90:66:47:86:8c:e3:11:6a:21:e2:dd:fd:15:40:7e:4a:ba:f0:
3c:0b:07:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEVIsBC6yASjT2eK1wmZkDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYWM4ZjMzZGI0YTRhMDE3NWQ4ZjhlYTdjYTc0NzUwN2U3
ZTgxZTAwHhcNMjQwODAyMjIwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmVhNDM4MTQ3ZDlhZGU3NDk1Mzg4OTI4ZTE4MDgxMDNkYzc4ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujTE4MRXkmsihTaH46nVWis7gYpB
hJ8h8D1I2a8mDe2PtuN4x2SDBwzcTd54hCyTbjSwsHg4eVyc4KCaBfVj5EJIG/KY
1BLfw45yd0jTgeW6Uaa2hlgVFbL/UvzaujjFjmR8t2+jHJ8Uy3PPrNISQN16hm0+
grenRM8SxemJc5GhNx8ohEM9EeXwS/2hN4rovs4tTpcOgQiFhoV/7ZjJkQlPlnwu
ZR3rjim+LlS6Gm3yk+7/9psQG5vKrayseL+ydEyzyPr+zBgdJDVOavMONsOAdBLT
Wj7Px5jtL0zhJiZAVCnY5fiSNJTFcje/M4dCl+2O2ae3EjXZPZw9VZ7aOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFbqQ4FH2a3nSVOIko4YCBA9x40xMB8GA1UdIwQY
MBaAFL2sjzPbSkoBddj46nynR1B+foHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTIt
MjUwYmFmNzhlMzBlLzEvVnVwRGdVZlpyZWRKVTRpU2poZ0lFRDNIalRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTItMjUwYmFmNzhlMzBl
LzEvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLq1AMA0G
CSqGSIb3DQEBCwUAA4IBAQBp8v9TnI6NqycCgTAARZCWLTXIJaAR3sekhKpItrF+
b1GMq6b7s9qPJnzyik+JZ4HnDuNULtnJGQ6k6mjGXiO4IvuTGMMoLlUBNo/gpvHl
TeTiLTKHU3iFJqVJxurhQwZsHt3OU9wjtIVVx+jU1EplY9sUvQ6GTDIE5GmBOtGQ
7y7DUadB7IgKm26ml81UoBd5S/uE6pKQREVcmKd+TIygnNYT0fUED/B+3C8jwsCa
t9W6q6khHROJ03QnexF3i76pUpew8HQ8+OkmrO8jqCJxFegbJ3K4PSi4Ecqi/mMh
L0MRL44mUQNE77CQZkeGjOMRaiHi3f0VQH5KuvA8Cwfx
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:23 2024 by rpki-client on console-fra.rpki-client.org