Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/vaFNSsjQ0is0kQ1uyjYXPYYqhMA.roa
File: vaFNSsjQ0is0kQ1uyjYXPYYqhMA.roa (raw, json)
Hash identifier: C3IoJoENxVBto/huwJjCntTeXNSqVgHlS633SBwSzrs=
Subject key identifier: BD:A1:4D:4A:C8:D0:D2:2B:34:91:0D:6E:CA:36:17:3D:86:2A:84:C0
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018F86625D8303EED20922A1F3DC9EF4A968
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/vaFNSsjQ0is0kQ1uyjYXPYYqhMA.roa
Signing time: Fri 17 May 2024 11:49:04 +0000
ROA not before: Fri 17 May 2024 11:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216018
IP address blocks: 185.23.74.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:62:5d:83:03:ee:d2:09:22:a1:f3:dc:9e:f4:a9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: May 17 11:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bda14d4ac8d0d22b34910d6eca36173d862a84c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:70:05:9c:7f:a5:59:7d:b6:76:9a:47:52:20:
5a:13:17:49:02:4b:9b:a6:40:f4:24:b1:9d:87:e3:
92:9d:8f:36:b4:99:49:e5:f5:cd:28:cd:ad:d2:33:
25:cc:ff:fe:05:eb:f1:5c:ef:68:e2:45:24:a7:24:
7c:fb:db:eb:71:7f:2b:a9:12:b1:db:65:64:47:ed:
50:ec:da:74:d5:4f:72:c2:61:c5:26:57:30:df:91:
1c:ee:6f:b2:09:ad:7b:3d:54:9e:3c:07:22:e4:b3:
f0:03:51:f5:1b:2c:6e:1f:ac:04:0d:49:39:ab:35:
31:41:e0:83:62:2b:59:0c:20:e3:7d:ef:49:44:35:
fb:5b:43:46:b1:f9:36:99:2d:0d:4e:3f:ab:d0:3a:
03:97:22:85:9a:26:64:51:c2:99:c4:d4:18:5a:ef:
b0:5e:5f:fb:8e:77:11:ef:57:0f:0a:aa:d3:07:f0:
b2:13:58:a4:ea:1b:e0:5c:5b:76:dc:57:6e:6f:8b:
35:12:36:ce:82:41:d2:43:26:07:78:47:f2:62:a3:
e5:b4:00:f5:05:93:99:ce:8b:53:f7:a9:f6:d7:4f:
27:7c:98:c4:2a:e7:bb:9d:52:63:16:8e:87:25:87:
2d:2d:d8:17:66:f4:23:f6:68:c9:49:14:0c:87:2d:
c3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A1:4D:4A:C8:D0:D2:2B:34:91:0D:6E:CA:36:17:3D:86:2A:84:C0
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/vaFNSsjQ0is0kQ1uyjYXPYYqhMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.74.0/24
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
13:56:89:c1:1f:61:7d:34:f1:f0:0b:a3:b8:5f:12:a4:ca:38:
c4:6e:58:02:69:90:93:d3:e6:22:5d:49:e6:52:66:3b:c9:7b:
2d:f5:7c:52:dd:ab:06:12:a8:dd:50:ff:7b:9e:d7:74:3f:b5:
81:13:ec:6a:52:af:34:02:d5:dd:54:86:55:65:ec:3b:42:37:
12:33:8b:75:f0:48:0d:7a:2c:5e:b9:68:ee:42:7a:dd:4a:ff:
e1:fe:ab:d9:1b:34:2e:46:2b:83:b7:f8:63:f0:41:4a:7e:aa:
9b:1e:f6:59:4b:41:1b:c1:e5:e4:36:9d:d0:42:01:b7:85:81:
a0:61:8c:6d:3a:f5:82:af:4e:37:2f:ae:ad:29:8f:c4:f6:a9:
71:6a:b8:b9:44:10:20:a3:0f:6f:99:6c:bb:5d:6f:ad:75:86:
a2:b0:e9:90:ba:fb:fa:60:96:a9:ce:e6:d1:20:40:bb:8c:d9:
89:bd:b5:7e:62:ca:d4:3b:3c:16:a7:f8:77:3b:b6:15:43:98:
00:9e:0f:31:c2:27:a5:a8:79:f5:e8:4b:43:5e:21:66:bc:28:
70:0e:31:20:11:a0:8e:dc:13:2c:cd:6a:15:27:4e:fb:d3:a8:
dd:ad:f9:78:2d:b7:a1:2a:87:09:ea:db:18:c8:16:9c:76:7f:
90:f0:70:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+GYl2DA+7SCSKh89ye9KloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjQwNTE3MTE0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGExNGQ0YWM4ZDBkMjJiMzQ5MTBkNmVjYTM2MTczZDg2MmE4NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43AFnH+lWX22dppHUiBaExdJAkub
pkD0JLGdh+OSnY82tJlJ5fXNKM2t0jMlzP/+BevxXO9o4kUkpyR8+9vrcX8rqRKx
22VkR+1Q7Np01U9ywmHFJlcw35Ec7m+yCa17PVSePAci5LPwA1H1GyxuH6wEDUk5
qzUxQeCDYitZDCDjfe9JRDX7W0NGsfk2mS0NTj+r0DoDlyKFmiZkUcKZxNQYWu+w
Xl/7jncR71cPCqrTB/CyE1ik6hvgXFt23Fdub4s1EjbOgkHSQyYHeEfyYqPltAD1
BZOZzotT96n2108nfJjEKue7nVJjFo6HJYctLdgXZvQj9mjJSRQMhy3DxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2hTUrI0NIrNJENbso2Fz2GKoTAMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvdmFGTlNzalEwaXMwa1ExdXlqWVhQWVlxaE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRdKAwQB
uXHcMA0GCSqGSIb3DQEBCwUAA4IBAQATVonBH2F9NPHwC6O4XxKkyjjEblgCaZCT
0+YiXUnmUmY7yXst9XxS3asGEqjdUP97ntd0P7WBE+xqUq80AtXdVIZVZew7QjcS
M4t18EgNeixeuWjuQnrdSv/h/qvZGzQuRiuDt/hj8EFKfqqbHvZZS0EbweXkNp3Q
QgG3hYGgYYxtOvWCr043L66tKY/E9qlxari5RBAgow9vmWy7XW+tdYaisOmQuvv6
YJapzubRIEC7jNmJvbV+YsrUOzwWp/h3O7YVQ5gAng8xwielqHn16EtDXiFmvChw
DjEgEaCO3BMszWoVJ07706jdrfl4LbehKocJ6tsYyBacdn+Q8HC8
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:09:08 2024 by rpki-client on console-ams.rpki-client.org