Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/vAa_VRiVGLdcUvr-8ncA4W5XxZc.roa
File: vAa_VRiVGLdcUvr-8ncA4W5XxZc.roa (raw, json)
Hash identifier: 8yrEmwAsn/Kd8wXsjLgOGTE0IbEXZRtODo+HitbCYNQ=
Subject key identifier: BC:06:BF:55:18:95:18:B7:5C:52:FA:FE:F2:77:00:E1:6E:57:C5:97
Certificate issuer: /CN=b8b6b49be4d60a072a4ba6ca9793f893b59e4c9e
Certificate serial: 018CCA29E736C9E52CD84CBE5744695DF294
Authority key identifier: B8:B6:B4:9B:E4:D6:0A:07:2A:4B:A6:CA:97:93:F8:93:B5:9E:4C:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/vAa_VRiVGLdcUvr-8ncA4W5XxZc.roa
Signing time: Tue 02 Jan 2024 12:33:12 +0000
ROA not before: Tue 02 Jan 2024 12:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44454
IP address blocks: 178.216.88.0/21 maxlen: 32
85.202.144.0/20 maxlen: 32
185.46.104.0/22 maxlen: 32
2a01:8160::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e7:36:c9:e5:2c:d8:4c:be:57:44:69:5d:f2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8b6b49be4d60a072a4ba6ca9793f893b59e4c9e
Validity
Not Before: Jan 2 12:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc06bf55189518b75c52fafef27700e16e57c597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6b:50:3d:e4:5c:68:0a:b4:04:17:60:16:ec:
2c:90:d9:2d:2e:f8:b9:61:5b:21:7e:a7:52:31:11:
ab:8e:4a:89:e8:39:80:e3:f1:f9:e9:6b:69:97:ca:
16:e9:11:fc:04:8b:88:e1:bf:b7:49:19:84:71:c0:
bc:1e:29:80:ee:fa:0f:2e:5f:8a:dd:dd:dd:c9:f6:
f0:4d:5f:89:df:df:a4:96:9a:c9:53:eb:70:36:85:
55:84:2e:fd:a6:46:0b:78:53:fd:5c:d9:f8:56:fe:
4c:f7:62:de:42:a4:19:7b:c7:4b:94:42:dd:8e:c0:
93:e8:bf:dd:c9:10:09:ee:91:7a:b3:a7:f7:03:f6:
e9:a8:13:52:2e:80:77:ac:84:9b:62:81:36:54:7b:
49:8e:ed:da:d9:fc:dc:7b:ff:b2:c3:51:c3:51:d3:
d4:26:55:e9:c7:a3:06:ea:4d:38:7b:45:dc:e7:af:
c1:ca:8e:9a:51:7b:16:04:a1:20:5e:15:d1:fe:c2:
87:ee:43:39:24:6b:68:ec:87:df:02:77:c6:56:0c:
64:76:14:5d:a2:2a:ef:38:40:03:e1:52:d2:11:6c:
a5:0b:8d:9f:a0:50:95:39:dd:a9:88:53:e4:78:05:
c2:71:d1:1f:c8:0b:c9:25:ff:a0:d0:e4:92:3f:65:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:06:BF:55:18:95:18:B7:5C:52:FA:FE:F2:77:00:E1:6E:57:C5:97
X509v3 Authority Key Identifier:
keyid:B8:B6:B4:9B:E4:D6:0A:07:2A:4B:A6:CA:97:93:F8:93:B5:9E:4C:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/vAa_VRiVGLdcUvr-8ncA4W5XxZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7fd500-00b8-454e-8733-99b4d4ace693/1/uLa0m-TWCgcqS6bKl5P4k7WeTJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.144.0/20
178.216.88.0/21
185.46.104.0/22
IPv6:
2a01:8160::/32
Signature Algorithm: sha256WithRSAEncryption
3b:21:5f:8f:96:0f:7f:2f:a5:c6:65:bc:10:cf:58:7e:55:22:
4f:9e:91:7b:59:7e:96:2b:e7:20:c8:b0:26:f9:b2:40:61:74:
db:72:4b:23:bf:b9:a9:ff:5f:c9:a8:78:3b:80:e6:4f:d2:78:
5a:9d:aa:88:c2:05:b9:82:ef:5a:91:c5:8a:0f:26:b7:0d:cd:
8b:7a:30:da:c0:84:cb:06:dc:67:fc:0d:3d:83:03:ec:47:16:
c6:f1:a4:dd:46:2c:16:08:89:dd:00:bd:39:c0:41:d7:bf:be:
ff:62:f9:fa:35:6d:ab:36:c6:fc:e2:c6:cf:d1:56:70:81:52:
e6:83:c4:0c:d6:0e:95:cb:6b:8c:3d:0d:13:e6:4a:cb:5b:7f:
09:e9:51:4b:71:30:72:48:62:b9:15:47:96:ab:d6:47:86:c0:
99:b7:aa:8c:7c:6e:27:d9:8f:d8:f3:4a:f4:69:6e:24:87:4a:
bd:14:d1:a4:e9:53:79:30:36:1b:41:a4:35:e6:64:7f:87:10:
d1:91:33:07:61:f6:2c:2c:9f:24:a8:29:f8:69:64:76:cf:da:
0b:6a:cb:a4:3c:45:53:a7:c9:5d:79:d0:f9:4b:0a:39:71:89:
b0:a9:6e:86:e3:92:a2:9d:4a:ad:63:49:d3:d5:7b:92:14:a6:
82:50:50:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKec2yeUs2Ey+V0RpXfKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YjZiNDliZTRkNjBhMDcyYTRiYTZjYTk3OTNmODkzYjU5
ZTRjOWUwHhcNMjQwMTAyMTIzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA2YmY1NTE4OTUxOGI3NWM1MmZhZmVmMjc3MDBlMTZlNTdjNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2tQPeRcaAq0BBdgFuwskNktLvi5
YVshfqdSMRGrjkqJ6DmA4/H56Wtpl8oW6RH8BIuI4b+3SRmEccC8HimA7voPLl+K
3d3dyfbwTV+J39+klprJU+twNoVVhC79pkYLeFP9XNn4Vv5M92LeQqQZe8dLlELd
jsCT6L/dyRAJ7pF6s6f3A/bpqBNSLoB3rISbYoE2VHtJju3a2fzce/+yw1HDUdPU
JlXpx6MG6k04e0Xc56/Byo6aUXsWBKEgXhXR/sKH7kM5JGto7IffAnfGVgxkdhRd
oirvOEAD4VLSEWylC42foFCVOd2piFPkeAXCcdEfyAvJJf+g0OSSP2WDUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLwGv1UYlRi3XFL6/vJ3AOFuV8WXMB8GA1UdIwQY
MBaAFLi2tJvk1goHKkumypeT+JO1nkyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUxhMG0tVFdDZ2NxUzZiS2w1UDRrN1dlVEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83ZmQ1MDAtMDBiOC00NTRlLTg3MzMt
OTliNGQ0YWNlNjkzLzEvdkFhX1ZSaVZHTGRjVXZyLThuY0E0VzVYeFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83ZmQ1MDAtMDBiOC00NTRlLTg3MzMtOTliNGQ0YWNlNjkz
LzEvdUxhMG0tVFdDZ2NxUzZiS2w1UDRrN1dlVEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEVcqQAwQD
sthYAwQCuS5oMA0EAgACMAcDBQAqAYFgMA0GCSqGSIb3DQEBCwUAA4IBAQA7IV+P
lg9/L6XGZbwQz1h+VSJPnpF7WX6WK+cgyLAm+bJAYXTbcksjv7mp/1/JqHg7gOZP
0nhanaqIwgW5gu9akcWKDya3Dc2LejDawITLBtxn/A09gwPsRxbG8aTdRiwWCInd
AL05wEHXv77/Yvn6NW2rNsb84sbP0VZwgVLmg8QM1g6Vy2uMPQ0T5krLW38J6VFL
cTBySGK5FUeWq9ZHhsCZt6qMfG4n2Y/Y80r0aW4kh0q9FNGk6VN5MDYbQaQ15mR/
hxDRkTMHYfYsLJ8kqCn4aWR2z9oLasukPEVTp8ldedD5Swo5cYmwqW6G45KinUqt
Y0nT1XuSFKaCUFAp
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:53:39 2024 by rpki-client on console-fra.rpki-client.org