Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/vvSNDqanpihSON6qk6iL7XxOWjs.roa
File: vvSNDqanpihSON6qk6iL7XxOWjs.roa (raw, json)
Hash identifier: Mr2OkigNKANX/ELrtJHGV+4QIPMp06XWUzDcSttBW68=
Subject key identifier: BE:F4:8D:0E:A6:A7:A6:28:52:38:DE:AA:93:A8:8B:ED:7C:4E:5A:3B
Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial: 018CC5DBEB6C0CA4DA9F855CD7559F7C7716
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/vvSNDqanpihSON6qk6iL7XxOWjs.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64407
IP address blocks: 185.66.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:eb:6c:0c:a4:da:9f:85:5c:d7:55:9f:7c:77:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bef48d0ea6a7a6285238deaa93a88bed7c4e5a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7b:3a:13:cb:d2:4a:83:db:ef:cd:53:b5:30:
b5:e4:52:cd:5b:b3:c7:87:ec:a9:23:b0:0d:31:cb:
44:5e:4c:0e:f6:e3:26:d1:a4:7a:b0:53:ab:c3:96:
f4:5b:3e:9a:15:0b:45:c3:20:06:5f:2b:e1:21:51:
11:2c:7e:5e:5c:30:1b:f3:73:bf:7e:90:b7:e3:d3:
72:9c:74:0a:c4:61:1c:a7:2c:79:46:a4:3c:8a:d2:
e3:a1:d3:37:53:6b:9e:30:fb:97:0f:fd:b0:f2:1a:
6e:46:f9:17:40:6f:e4:09:17:33:59:66:6e:c7:95:
0e:cc:07:64:2b:81:fe:ee:12:d6:1a:7f:2a:1d:1f:
5c:fa:6e:1e:00:a2:dc:87:35:db:05:13:6b:71:f8:
1f:bb:3b:a5:a1:5f:dc:0d:b6:35:28:8d:cd:eb:f9:
b2:11:30:97:16:7b:aa:66:22:82:d5:dd:3d:22:20:
98:1f:86:f1:b1:99:20:b8:34:e4:2a:3e:82:c0:b4:
d8:26:9a:a0:2f:bf:bc:7d:5e:18:3d:10:64:c8:08:
89:17:b2:98:03:88:7e:63:90:d0:ee:eb:88:e4:f2:
d5:7c:81:34:3f:00:fa:2d:25:93:9b:09:a9:cd:0e:
91:b6:47:83:18:e0:58:a4:15:96:fa:60:1d:59:bc:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F4:8D:0E:A6:A7:A6:28:52:38:DE:AA:93:A8:8B:ED:7C:4E:5A:3B
X509v3 Authority Key Identifier:
keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/vvSNDqanpihSON6qk6iL7XxOWjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.123.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:55:f4:88:00:f1:c4:bc:3d:cd:48:2d:e7:6f:8d:34:9b:69:
92:7e:c3:73:a0:88:8c:9a:bf:7b:d5:d9:97:9d:e1:4c:ec:6d:
48:98:89:2b:af:25:39:af:74:9f:26:8a:02:0f:fa:ec:44:f0:
56:db:90:8a:b5:3a:07:bf:cc:42:25:cd:86:dc:ef:b9:9a:d7:
77:7a:7b:ca:6b:cf:aa:ce:fd:23:75:85:00:53:fd:66:63:8e:
7e:b1:f1:31:bd:5b:34:38:c1:ab:ca:d7:e0:a6:e5:43:e8:ff:
70:2d:0c:c0:b3:2b:fe:c8:48:94:3d:da:94:42:3a:e9:ef:1b:
b0:b5:3a:dd:83:55:2e:75:0f:7f:0b:b9:da:c4:ff:30:42:49:
b0:75:d5:6f:94:eb:0c:39:bf:28:c5:96:ce:25:46:9e:da:3d:
91:2e:41:8b:b7:58:a0:0e:b0:e7:c6:4c:16:b8:da:03:f7:03:
7c:56:3a:27:29:bd:1e:2f:d2:10:4a:a0:1d:d7:d7:11:71:7a:
64:92:ae:83:01:a1:7d:79:16:da:9a:e4:b0:80:fd:86:a2:7d:
2c:ce:35:f6:c1:8c:da:36:a0:c3:86:4d:91:56:d5:eb:23:bd:
39:91:02:3f:4c:cc:a0:70:a4:54:5f:cd:8c:31:ca:7a:b2:28:
00:59:6c:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+tsDKTan4Vc11WffHcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWY0OGQwZWE2YTdhNjI4NTIzOGRlYWE5M2E4OGJlZDdjNGU1YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHs6E8vSSoPb781TtTC15FLNW7PH
h+ypI7ANMctEXkwO9uMm0aR6sFOrw5b0Wz6aFQtFwyAGXyvhIVERLH5eXDAb83O/
fpC349NynHQKxGEcpyx5RqQ8itLjodM3U2ueMPuXD/2w8hpuRvkXQG/kCRczWWZu
x5UOzAdkK4H+7hLWGn8qHR9c+m4eAKLchzXbBRNrcfgfuzuloV/cDbY1KI3N6/my
ETCXFnuqZiKC1d09IiCYH4bxsZkguDTkKj6CwLTYJpqgL7+8fV4YPRBkyAiJF7KY
A4h+Y5DQ7uuI5PLVfIE0PwD6LSWTmwmpzQ6RtkeDGOBYpBWW+mAdWbx3DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL70jQ6mp6YoUjjeqpOoi+18Tlo7MB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvdnZTTkRxYW5waWhTT042cWs2aUw3WHhPV2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQC6VfSIAPHEvD3NSC3nb400m2mSfsNzoIiMmr971dmX
neFM7G1ImIkrryU5r3SfJooCD/rsRPBW25CKtToHv8xCJc2G3O+5mtd3envKa8+q
zv0jdYUAU/1mY45+sfExvVs0OMGrytfgpuVD6P9wLQzAsyv+yEiUPdqUQjrp7xuw
tTrdg1UudQ9/C7naxP8wQkmwddVvlOsMOb8oxZbOJUae2j2RLkGLt1igDrDnxkwW
uNoD9wN8VjonKb0eL9IQSqAd19cRcXpkkq6DAaF9eRbamuSwgP2Gon0szjX2wYza
NqDDhk2RVtXrI705kQI/TMygcKRUX82MMcp6sigAWWy0
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:50 2024 by rpki-client on console-fra.rpki-client.org