Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/VYDRoS41NXe2mNYFes6BRRDWuv8.roa
File: VYDRoS41NXe2mNYFes6BRRDWuv8.roa (raw, json)
Hash identifier: +swi4WT4EM4DgM8qsYnFzjan4KHLiVD94bvw8oD3Z8M=
Subject key identifier: 55:80:D1:A1:2E:35:35:77:B6:98:D6:05:7A:CE:81:45:10:D6:BA:FF
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018CCA2BB50C76BB90E04A347415B53CE2C0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/VYDRoS41NXe2mNYFes6BRRDWuv8.roa
Signing time: Tue 02 Jan 2024 12:35:11 +0000
ROA not before: Tue 02 Jan 2024 12:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24723
IP address blocks: 206.252.228.0/23 maxlen: 23
206.252.230.0/24 maxlen: 24
206.252.236.0/22 maxlen: 22
206.252.252.0/22 maxlen: 22
206.252.253.0/24 maxlen: 24
195.238.184.0/22 maxlen: 22
77.79.255.0/24 maxlen: 24
85.232.240.0/24 maxlen: 24
85.232.243.0/24 maxlen: 24
46.229.158.0/24 maxlen: 24
46.229.158.0/23 maxlen: 23
46.229.159.0/24 maxlen: 24
77.79.198.0/24 maxlen: 24
2001:1a68:3::/48 maxlen: 48
2001:1a68:34::/48 maxlen: 48
2001:1a68:37::/48 maxlen: 48
2001:1a68:2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b5:0c:76:bb:90:e0:4a:34:74:15:b5:3c:e2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 12:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5580d1a12e353577b698d6057ace814510d6baff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ab:2e:20:86:18:7e:25:ef:f5:ef:ba:7e:ef:
c4:0c:b2:16:b0:34:fb:53:45:da:c9:47:90:f5:64:
ef:51:a1:62:75:c1:f5:09:38:d6:21:75:b8:a7:2b:
58:1a:33:82:8e:36:96:d9:1e:86:a8:00:dd:ae:5e:
55:ca:5c:8d:fe:31:0d:cf:10:ce:79:a7:2d:22:2a:
5d:9f:ca:15:6c:fa:a1:c0:0c:f9:34:dc:3b:a3:1c:
b4:10:41:2a:d8:f2:31:c4:11:6c:da:da:78:fb:33:
77:23:40:2a:3e:81:97:e6:64:67:18:be:5e:6c:d7:
c9:55:6a:c8:0f:81:c1:5f:ce:64:3b:2d:2a:d1:4d:
5c:b2:61:09:0b:4c:02:01:d2:dd:04:02:e2:41:41:
75:87:97:5b:ec:6a:3d:13:e4:96:ef:a0:b1:10:0e:
df:dc:7e:72:14:6b:d0:3f:4a:5f:70:b5:43:64:da:
dd:b3:45:37:e7:a8:47:72:57:ee:00:8d:de:08:57:
eb:c9:38:05:a0:46:3b:a5:c8:39:09:e0:d6:05:e4:
86:b8:83:00:b1:ad:7d:83:9a:96:ca:0a:de:a9:a3:
10:01:51:11:8b:ff:c3:ce:be:d2:56:da:60:df:f3:
8f:8a:58:f0:40:d3:c9:9f:ff:a5:ef:b6:36:09:e5:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:80:D1:A1:2E:35:35:77:B6:98:D6:05:7A:CE:81:45:10:D6:BA:FF
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/VYDRoS41NXe2mNYFes6BRRDWuv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.158.0/23
77.79.198.0/24
77.79.255.0/24
85.232.240.0/24
85.232.243.0/24
195.238.184.0/22
206.252.228.0-206.252.230.255
206.252.236.0/22
206.252.252.0/22
IPv6:
2001:1a68:3::/48
2001:1a68:2c::/48
2001:1a68:34::/48
2001:1a68:37::/48
Signature Algorithm: sha256WithRSAEncryption
95:bd:33:08:3d:ca:a6:09:e6:84:a9:f3:c8:6e:95:9f:bf:f7:
a5:d0:35:bb:f6:e6:c0:bc:89:37:a6:df:82:48:37:18:f5:26:
52:2a:11:09:0d:dd:1a:e8:c4:8e:c5:16:94:39:65:4e:eb:4f:
b7:17:9e:ef:2f:14:e3:a2:6e:50:44:f8:41:0c:5b:18:d6:46:
11:3d:21:d1:39:ca:2f:17:cc:02:c5:63:9a:d2:1f:75:52:20:
6e:18:ee:52:5b:3c:f8:b9:48:ea:3a:a4:71:8f:f2:b0:d6:a8:
c5:1a:2f:54:9f:1d:79:fd:d0:fb:67:ea:c4:6c:51:e8:87:f6:
dc:19:fe:1d:f8:96:5a:41:08:79:24:09:64:b4:56:ce:94:ee:
c0:66:b9:90:ce:b1:ce:97:c2:b0:81:2d:1f:39:d0:64:ad:f5:
3c:47:89:2b:c1:e4:95:d4:4e:a3:50:e5:9c:d4:da:a5:9a:f4:
09:80:01:0f:e6:31:8a:59:30:d9:57:c6:80:32:00:fa:52:9c:
56:11:93:51:a9:ba:9c:21:b1:d4:aa:30:fd:f3:eb:e8:14:b6:
13:fa:94:c1:b4:dd:18:46:de:cc:ce:51:71:b1:67:15:90:bb:
5b:44:f4:d0:24:3a:d7:9c:c6:24:2f:97:83:36:a5:cc:ae:46:
b2:4c:07:18
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzKK7UMdruQ4Eo0dBW1POLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgwZDFhMTJlMzUzNTc3YjY5OGQ2MDU3YWNlODE0NTEwZDZiYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6suIIYYfiXv9e+6fu/EDLIWsDT7
U0XayUeQ9WTvUaFidcH1CTjWIXW4pytYGjOCjjaW2R6GqADdrl5VylyN/jENzxDO
eactIipdn8oVbPqhwAz5NNw7oxy0EEEq2PIxxBFs2tp4+zN3I0AqPoGX5mRnGL5e
bNfJVWrID4HBX85kOy0q0U1csmEJC0wCAdLdBALiQUF1h5db7Go9E+SW76CxEA7f
3H5yFGvQP0pfcLVDZNrds0U356hHclfuAI3eCFfryTgFoEY7pcg5CeDWBeSGuIMA
sa19g5qWygreqaMQAVERi//Dzr7SVtpg3/OPiljwQNPJn/+l77Y2CeXgmQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFWA0aEuNTV3tpjWBXrOgUUQ1rr/MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvVllEUm9TNDFOWGUybU5ZRmVzNkJSUkRXdXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwRAQCAAEwPgMEAS7lngME
AE1PxgMEAE1P/wMEAFXo8AMEAFXo8wMEAsPuuDAMAwQCzvzkAwQAzvzmAwQCzvzs
AwQCzvz8MCoEAgACMCQDBwAgARpoAAMDBwAgARpoACwDBwAgARpoADQDBwAgARpo
ADcwDQYJKoZIhvcNAQELBQADggEBAJW9Mwg9yqYJ5oSp88hulZ+/96XQNbv25sC8
iTem34JINxj1JlIqEQkN3RroxI7FFpQ5ZU7rT7cXnu8vFOOiblBE+EEMWxjWRhE9
IdE5yi8XzALFY5rSH3VSIG4Y7lJbPPi5SOo6pHGP8rDWqMUaL1SfHXn90Ptn6sRs
UeiH9twZ/h34llpBCHkkCWS0Vs6U7sBmuZDOsc6XwrCBLR850GSt9TxHiSvB5JXU
TqNQ5ZzU2qWa9AmAAQ/mMYpZMNlXxoAyAPpSnFYRk1GpupwhsdSqMP3z6+gUthP6
lMG03RhG3szOUXGxZxWQu1tE9NAkOtecxiQvl4M2pcyuRrJMBxg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:28 2024 by rpki-client on console-fra.rpki-client.org