Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/vh2VO_L3Axuj8Dy1BD-GPw3YDIo.roa
File: vh2VO_L3Axuj8Dy1BD-GPw3YDIo.roa (raw, json)
Hash identifier: FBM14r3NY4pWxPsIOXDIXATy3c3paLrHscqF9JtLapo=
Subject key identifier: BE:1D:95:3B:F2:F7:03:1B:A3:F0:3C:B5:04:3F:86:3F:0D:D8:0C:8A
Certificate issuer: /CN=778a2f36602c76fa7297b4e59f58dda0d501ea0d
Certificate serial: 018CC2DB1B166A52770729A1CC1A4A0990C7
Authority key identifier: 77:8A:2F:36:60:2C:76:FA:72:97:B4:E5:9F:58:DD:A0:D5:01:EA:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d4ovNmAsdvpyl7Tln1jdoNUB6g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/vh2VO_L3Axuj8Dy1BD-GPw3YDIo.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38948
IP address blocks: 80.251.80.0/20 maxlen: 24
2a0b:8140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/d4ovNmAsdvpyl7Tln1jdoNUB6g0.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/d4ovNmAsdvpyl7Tln1jdoNUB6g0.mft
rsync://rpki.ripe.net/repository/DEFAULT/d4ovNmAsdvpyl7Tln1jdoNUB6g0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1b:16:6a:52:77:07:29:a1:cc:1a:4a:09:90:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=778a2f36602c76fa7297b4e59f58dda0d501ea0d
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1d953bf2f7031ba3f03cb5043f863f0dd80c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9c:b7:b0:18:d6:6c:15:10:44:29:21:0d:55:
cc:34:1f:4c:ef:c7:fa:c8:a8:94:b6:5c:68:4a:cd:
e9:2d:31:38:0a:c8:3b:b5:87:dd:0c:9b:7b:b9:a5:
f8:c6:0c:7b:ed:1a:4a:b0:37:c3:f3:a0:e5:49:a5:
e6:27:bd:79:15:df:01:fd:03:c3:79:f7:67:a3:90:
9e:10:a4:fc:e8:81:a8:d3:88:a9:c5:7b:1f:f3:f6:
e0:86:f3:8b:8b:6a:3b:b4:1d:bd:40:f1:56:c2:e6:
da:15:4f:51:e3:6c:13:05:e1:c4:48:cd:b4:d0:1f:
40:cf:37:82:3a:a6:56:f1:d1:df:06:33:4b:66:9c:
d0:24:12:12:c6:d4:ff:8c:6b:c0:0c:43:6d:62:1c:
6e:58:66:5e:ec:a3:5e:49:fe:c5:30:81:e8:8e:35:
60:38:1c:e0:e2:c0:4c:a0:cc:e4:cd:70:16:3c:02:
43:4b:e7:0c:fb:63:16:f0:8b:70:40:44:41:b7:5a:
59:d6:a5:3b:d2:a4:d2:eb:f9:ea:3d:11:fa:a4:08:
69:b0:4e:ac:cc:ed:ed:b5:5e:ff:b3:60:57:a6:77:
45:0e:a3:fe:0e:0c:a9:4a:e8:c8:c9:62:c4:bf:53:
f0:c0:3f:92:b1:5f:b7:d9:70:50:d8:e6:7b:b1:01:
6b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1D:95:3B:F2:F7:03:1B:A3:F0:3C:B5:04:3F:86:3F:0D:D8:0C:8A
X509v3 Authority Key Identifier:
keyid:77:8A:2F:36:60:2C:76:FA:72:97:B4:E5:9F:58:DD:A0:D5:01:EA:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4ovNmAsdvpyl7Tln1jdoNUB6g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/vh2VO_L3Axuj8Dy1BD-GPw3YDIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/d4ovNmAsdvpyl7Tln1jdoNUB6g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.80.0/20
IPv6:
2a0b:8140::/29
Signature Algorithm: sha256WithRSAEncryption
31:3e:c8:b3:15:52:4e:08:7d:0d:56:79:de:b2:4a:ee:56:9b:
d6:81:d1:77:48:0b:5b:8f:52:38:32:d7:79:a0:e4:37:50:5b:
a5:97:c2:ed:8e:ed:20:c8:6c:1a:1c:80:7f:ed:99:7a:a4:91:
d1:2d:7b:af:ce:a7:c4:58:2a:3d:c3:08:54:7c:9f:80:9f:3a:
cc:cc:fa:65:7a:99:b5:ca:db:05:54:6b:94:45:5c:be:07:ef:
27:ce:76:12:c6:8e:58:d4:4f:30:34:df:f8:92:28:05:21:b8:
ef:33:0a:30:a8:a3:00:e6:6c:41:a1:f6:d1:b2:0b:40:e0:b6:
1b:47:e2:8a:09:04:97:dc:c1:7a:90:7a:d4:d2:8f:fa:ad:53:
21:b8:c9:8e:93:f7:d3:fc:5a:97:6c:17:1b:38:f6:84:58:a3:
7e:98:ee:43:55:71:73:a4:6a:47:b6:d4:d4:19:72:07:28:fb:
6d:bf:54:9d:ff:18:f9:00:d9:59:94:31:44:eb:7b:42:3a:91:
ba:23:9f:37:e3:c7:18:24:a2:44:b4:0f:4b:bd:fb:f8:92:f6:
5f:9b:24:7d:a2:79:4c:5e:45:38:59:96:5a:0e:b7:74:3d:bb:
39:42:ff:dc:4f:da:bf:f5:94:12:91:a9:0d:b3:28:ef:c7:63:
40:ed:86:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2xsWalJ3BymhzBpKCZDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OGEyZjM2NjAyYzc2ZmE3Mjk3YjRlNTlmNThkZGEwZDUw
MWVhMGQwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFkOTUzYmYyZjcwMzFiYTNmMDNjYjUwNDNmODYzZjBkZDgwYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJy3sBjWbBUQRCkhDVXMNB9M78f6
yKiUtlxoSs3pLTE4Csg7tYfdDJt7uaX4xgx77RpKsDfD86DlSaXmJ715Fd8B/QPD
efdno5CeEKT86IGo04ipxXsf8/bghvOLi2o7tB29QPFWwubaFU9R42wTBeHESM20
0B9AzzeCOqZW8dHfBjNLZpzQJBISxtT/jGvADENtYhxuWGZe7KNeSf7FMIHojjVg
OBzg4sBMoMzkzXAWPAJDS+cM+2MW8ItwQERBt1pZ1qU70qTS6/nqPRH6pAhpsE6s
zO3ttV7/s2BXpndFDqP+DgypSujIyWLEv1PwwD+SsV+32XBQ2OZ7sQFrmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL4dlTvy9wMbo/A8tQQ/hj8N2AyKMB8GA1UdIwQY
MBaAFHeKLzZgLHb6cpe05Z9Y3aDVAeoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRvdk5tQXNkdnB5bDdUbG4xamRvTlVCNmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iZWRlOTAtOTM5Yi00OTJjLWIwYzgt
NzNiYmQwMmNiZDM3LzEvdmgyVk9fTDNBeHVqOER5MUJELUdQdzNZRElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iZWRlOTAtOTM5Yi00OTJjLWIwYzgtNzNiYmQwMmNiZDM3
LzEvZDRvdk5tQXNkdnB5bDdUbG4xamRvTlVCNmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPtQMA0E
AgACMAcDBQMqC4FAMA0GCSqGSIb3DQEBCwUAA4IBAQAxPsizFVJOCH0NVnneskru
VpvWgdF3SAtbj1I4Mtd5oOQ3UFull8Ltju0gyGwaHIB/7Zl6pJHRLXuvzqfEWCo9
wwhUfJ+AnzrMzPplepm1ytsFVGuURVy+B+8nznYSxo5Y1E8wNN/4kigFIbjvMwow
qKMA5mxBofbRsgtA4LYbR+KKCQSX3MF6kHrU0o/6rVMhuMmOk/fT/FqXbBcbOPaE
WKN+mO5DVXFzpGpHttTUGXIHKPttv1Sd/xj5ANlZlDFE63tCOpG6I58348cYJKJE
tA9Lvfv4kvZfmyR9onlMXkU4WZZaDrd0Pbs5Qv/cT9q/9ZQSkakNsyjvx2NA7Ya/
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:09 2024 by rpki-client on console-ams.rpki-client.org