Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/VTSH3NpAwL7mZSRgQv9RWi8M4jE.roa
File: VTSH3NpAwL7mZSRgQv9RWi8M4jE.roa (raw, json)
Hash identifier: 1F49cMyO9C96UXtidG2uYgEQAObaZBt0dTU9tCV2U7g=
Subject key identifier: 55:34:87:DC:DA:40:C0:BE:E6:65:24:60:42:FF:51:5A:2F:0C:E2:31
Certificate issuer: /CN=997a6477dd970c94b2a17b52502982d4fc75b244
Certificate serial: 01906E071DBC917D20BF2393F56DD1966849
Authority key identifier: 99:7A:64:77:DD:97:0C:94:B2:A1:7B:52:50:29:82:D4:FC:75:B2:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXpkd92XDJSyoXtSUCmC1Px1skQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/VTSH3NpAwL7mZSRgQv9RWi8M4jE.roa
Signing time: Mon 01 Jul 2024 11:21:18 +0000
ROA not before: Mon 01 Jul 2024 11:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215444
IP address blocks: 193.242.185.0/24 maxlen: 24
2001:67c:ee0::/48 maxlen: 48
2001:67c:ee4::/48 maxlen: 48
2001:67c:ee8::/48 maxlen: 48
2001:67c:2c30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/mXpkd92XDJSyoXtSUCmC1Px1skQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/mXpkd92XDJSyoXtSUCmC1Px1skQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/mXpkd92XDJSyoXtSUCmC1Px1skQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:07:1d:bc:91:7d:20:bf:23:93:f5:6d:d1:96:68:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=997a6477dd970c94b2a17b52502982d4fc75b244
Validity
Not Before: Jul 1 11:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=553487dcda40c0bee665246042ff515a2f0ce231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bb:dd:6b:a3:7d:a9:23:1f:ed:54:e9:1a:87:
34:6b:07:3a:6b:9b:ad:3f:3e:27:df:e6:8f:89:88:
c4:42:66:f6:e2:45:1a:1d:66:dc:9c:2a:e4:ef:fb:
f7:00:0b:2d:85:8b:04:e2:99:d9:98:84:1b:99:30:
df:c2:5f:be:da:ee:80:72:a7:db:31:c5:72:a7:de:
ed:71:4d:db:bd:7b:3d:9c:c0:41:38:8f:82:31:08:
85:ff:d1:91:4b:eb:39:c2:78:9c:5e:83:a9:cd:90:
e5:7a:73:d7:81:da:c7:e4:d5:13:83:ef:5e:70:06:
81:71:27:61:27:8f:39:bc:e0:4a:e3:7f:0f:66:ae:
65:ea:12:d6:67:b5:64:22:b4:df:1c:83:83:fc:09:
da:20:91:12:d6:7b:bc:34:68:01:84:67:4b:32:bd:
64:ee:32:8f:29:e6:57:04:a1:09:4f:bd:b9:d8:cd:
ca:10:a5:de:c7:da:c5:c2:82:85:59:4c:77:0c:db:
3e:d9:42:ae:f1:8a:43:30:d6:ee:15:4a:2c:11:d8:
fe:05:f3:ae:91:f9:07:23:61:3d:c2:46:7d:00:56:
6f:1f:7f:10:c6:ca:b2:60:08:03:9f:3e:e4:27:8d:
89:91:3b:48:84:7f:ea:ed:2d:06:32:57:2d:01:a9:
e4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:34:87:DC:DA:40:C0:BE:E6:65:24:60:42:FF:51:5A:2F:0C:E2:31
X509v3 Authority Key Identifier:
keyid:99:7A:64:77:DD:97:0C:94:B2:A1:7B:52:50:29:82:D4:FC:75:B2:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXpkd92XDJSyoXtSUCmC1Px1skQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/VTSH3NpAwL7mZSRgQv9RWi8M4jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/481466-0e38-4e3b-9bf3-285745647f5f/1/mXpkd92XDJSyoXtSUCmC1Px1skQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.185.0/24
IPv6:
2001:67c:ee0::/48
2001:67c:ee4::/48
2001:67c:ee8::/48
2001:67c:2c30::/48
Signature Algorithm: sha256WithRSAEncryption
91:51:16:54:2b:21:c6:06:ad:0e:da:f9:1f:e7:7a:7c:0f:74:
5f:47:85:f1:7c:3a:2d:19:a7:fe:7d:2c:8c:d3:1c:57:3d:34:
45:d6:e0:5c:1d:24:4f:60:91:2e:cb:66:2f:02:45:a0:45:8e:
ae:15:2e:1d:f5:80:74:0a:d1:e0:91:69:eb:48:33:8e:38:53:
92:f5:c7:73:25:cc:92:e5:87:e7:4f:eb:58:00:2b:ba:f0:cc:
c7:4e:9a:30:49:2d:66:58:5c:a5:92:77:31:65:68:2c:a1:8b:
95:ff:83:a3:89:f8:08:66:08:fd:a3:70:99:9b:bb:18:91:84:
cf:24:ba:61:ce:c0:82:2a:1e:a9:13:07:3a:f5:16:63:ae:11:
f3:ca:e8:c6:71:4a:be:c6:69:03:4b:a2:79:69:c3:7c:54:01:
60:4f:d1:a6:04:51:85:f1:72:83:7a:66:f4:15:ef:38:95:1c:
ad:77:e6:5b:99:0b:6c:a8:af:15:11:3f:b0:18:ce:26:f4:67:
98:24:1d:40:80:f7:cc:8a:ba:11:c4:a4:ca:69:a2:d7:64:0f:
2b:b9:90:10:05:7a:87:3c:8e:32:d1:db:79:6a:3b:53:3f:ff:
44:b5:43:70:9b:11:25:0b:f8:d8:81:75:77:f4:8e:dd:3a:3e:
b7:af:80:96
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZBuBx28kX0gvyOT9W3RlmhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5N2E2NDc3ZGQ5NzBjOTRiMmExN2I1MjUwMjk4MmQ0ZmM3
NWIyNDQwHhcNMjQwNzAxMTEyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM0ODdkY2RhNDBjMGJlZTY2NTI0NjA0MmZmNTE1YTJmMGNlMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77vda6N9qSMf7VTpGoc0awc6a5ut
Pz4n3+aPiYjEQmb24kUaHWbcnCrk7/v3AAsthYsE4pnZmIQbmTDfwl++2u6Acqfb
McVyp97tcU3bvXs9nMBBOI+CMQiF/9GRS+s5wnicXoOpzZDlenPXgdrH5NUTg+9e
cAaBcSdhJ485vOBK438PZq5l6hLWZ7VkIrTfHIOD/AnaIJES1nu8NGgBhGdLMr1k
7jKPKeZXBKEJT7252M3KEKXex9rFwoKFWUx3DNs+2UKu8YpDMNbuFUosEdj+BfOu
kfkHI2E9wkZ9AFZvH38QxsqyYAgDnz7kJ42JkTtIhH/q7S0GMlctAankMwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFU0h9zaQMC+5mUkYEL/UVovDOIxMB8GA1UdIwQY
MBaAFJl6ZHfdlwyUsqF7UlApgtT8dbJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhwa2Q5MlhESlN5b1h0U1VDbUMxUHgxc2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80ODE0NjYtMGUzOC00ZTNiLTliZjMt
Mjg1NzQ1NjQ3ZjVmLzEvVlRTSDNOcEF3TDdtWlNSZ1F2OVJXaThNNGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80ODE0NjYtMGUzOC00ZTNiLTliZjMtMjg1NzQ1NjQ3ZjVm
LzEvbVhwa2Q5MlhESlN5b1h0U1VDbUMxUHgxc2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAwfK5MCoE
AgACMCQDBwAgAQZ8DuADBwAgAQZ8DuQDBwAgAQZ8DugDBwAgAQZ8LDAwDQYJKoZI
hvcNAQELBQADggEBAJFRFlQrIcYGrQ7a+R/nenwPdF9HhfF8Oi0Zp/59LIzTHFc9
NEXW4FwdJE9gkS7LZi8CRaBFjq4VLh31gHQK0eCRaetIM444U5L1x3MlzJLlh+dP
61gAK7rwzMdOmjBJLWZYXKWSdzFlaCyhi5X/g6OJ+AhmCP2jcJmbuxiRhM8kumHO
wIIqHqkTBzr1FmOuEfPK6MZxSr7GaQNLonlpw3xUAWBP0aYEUYXxcoN6ZvQV7ziV
HK135luZC2yorxURP7AYzib0Z5gkHUCA98yKuhHEpMppotdkDyu5kBAFeoc8jjLR
23lqO1M//0S1Q3CbESUL+NiBdXf0jt06PrevgJY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:33:22 2024 by rpki-client on console-fra.rpki-client.org