Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/VqgwkXKFPnVWkZEjMkpM5WZ12Ks.roa
File: VqgwkXKFPnVWkZEjMkpM5WZ12Ks.roa (raw, json)
Hash identifier: Elst5qMRWoriOkZnclValnK06w1IYFPkM09T7JHHVDE=
Subject key identifier: 56:A8:30:91:72:85:3E:75:56:91:91:23:32:4A:4C:E5:66:75:D8:AB
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019363D678FF087104B4012B5CFEA34045E7
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/VqgwkXKFPnVWkZEjMkpM5WZ12Ks.roa
Signing time: Mon 25 Nov 2024 15:00:20 +0000
ROA not before: Mon 25 Nov 2024 15:00:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
185.198.203.0/24 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:3000::/36 maxlen: 36
2a0a:8ec0:8003::/48 maxlen: 48
2a0a:8ec1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:d6:78:ff:08:71:04:b4:01:2b:5c:fe:a3:40:45:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Nov 25 15:00:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56a8309172853e7556919123324a4ce56675d8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:09:5e:2e:ab:47:8f:ed:71:b6:c3:ec:17:
ad:9e:37:5b:12:1f:e5:60:0b:05:ce:61:ac:0b:d4:
cb:20:c6:c4:0c:de:98:96:0a:22:fe:da:b1:9d:b6:
21:be:33:a8:7b:8c:b5:31:b1:ce:34:11:75:99:e6:
6c:33:12:64:6d:8b:b7:f8:f7:61:eb:10:95:b4:8d:
a8:94:c7:4e:72:df:37:33:9b:66:55:f3:ca:f0:9b:
7e:cc:84:cb:eb:c5:a2:83:d7:3d:52:24:94:b2:0a:
10:a8:a9:35:73:0b:94:29:53:d3:bf:12:31:67:46:
17:34:b2:c0:3b:af:89:64:8a:06:c8:35:3f:49:3b:
11:83:a8:e6:c5:ac:dc:a7:b4:f0:92:45:75:17:c6:
3b:83:29:04:9b:61:e0:8a:4c:4f:0f:f0:01:10:c2:
ee:c1:a1:13:dd:b1:47:55:ac:2c:f1:57:37:50:69:
35:79:7e:d9:c4:51:bf:b2:a6:ef:8c:c4:d1:44:c7:
11:0a:29:1c:c4:12:aa:85:9f:07:e6:93:be:90:9c:
72:d3:8a:f0:ba:f7:6c:36:2f:ab:d4:44:46:c7:fd:
34:8b:43:56:38:df:b9:ab:54:66:05:64:fe:34:75:
09:18:b5:f4:eb:a6:0a:0b:d8:2d:1d:f2:f4:46:ae:
49:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A8:30:91:72:85:3E:75:56:91:91:23:32:4A:4C:E5:66:75:D8:AB
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/VqgwkXKFPnVWkZEjMkpM5WZ12Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:58:34:10:0d:52:0b:4e:d4:d6:0d:c5:e5:eb:7d:39:9f:e1:
40:63:04:67:e6:b8:eb:d8:a7:76:41:c3:de:9b:b9:a3:bf:4e:
33:40:d9:ac:7d:8a:e2:94:06:8b:d3:fb:fc:a0:03:ed:f6:9f:
5f:a7:4b:24:1b:1c:3c:a0:15:13:9f:40:cc:a0:6a:04:7e:c2:
a6:9a:54:40:72:a4:84:ab:d9:bb:51:4f:3a:08:d1:ca:1e:2d:
aa:8c:42:67:a5:21:b4:4f:0f:c9:7d:d3:5c:2a:df:ce:f0:a0:
66:6d:e0:6a:22:d8:99:53:78:88:cc:23:37:b8:67:9c:88:45:
4b:06:a4:c1:13:9b:ed:08:cb:d8:e0:25:9d:28:a0:9e:df:43:
93:3b:da:08:36:8e:a6:35:2f:96:9c:04:e9:ed:22:62:b5:97:
33:7d:78:10:48:a2:a8:14:d0:2d:05:42:d3:43:bd:e7:6d:8a:
bb:be:d6:e2:21:1b:ea:77:62:3c:87:f7:84:e3:34:1c:12:b0:
4a:b1:a9:7c:e6:1f:d6:79:ed:fc:53:90:62:6a:96:dc:48:8f:
54:c7:87:b4:27:9e:f1:aa:31:5c:11:fc:a1:59:f2:42:bd:06:
5a:c1:5a:21:f8:79:7b:48:f5:a6:63:2b:5a:16:1a:b4:8d:08:
a9:72:72:bb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNj1nj/CHEEtAErXP6jQEXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjQxMTI1MTUwMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmE4MzA5MTcyODUzZTc1NTY5MTkxMjMzMjRhNGNlNTY2NzVkOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGkJXi6rR4/tcbbD7BetnjdbEh/l
YAsFzmGsC9TLIMbEDN6Ylgoi/tqxnbYhvjOoe4y1MbHONBF1meZsMxJkbYu3+Pdh
6xCVtI2olMdOct83M5tmVfPK8Jt+zITL68Wig9c9UiSUsgoQqKk1cwuUKVPTvxIx
Z0YXNLLAO6+JZIoGyDU/STsRg6jmxazcp7TwkkV1F8Y7gykEm2HgikxPD/ABEMLu
waET3bFHVaws8Vc3UGk1eX7ZxFG/sqbvjMTRRMcRCikcxBKqhZ8H5pO+kJxy04rw
uvdsNi+r1ERGx/00i0NWON+5q1RmBWT+NHUJGLX066YKC9gtHfL0Rq5JiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFaoMJFyhT51VpGRIzJKTOVmddirMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvVnFnd2tYS0ZQblZXa1pFak1rcE01V1oxMktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZdcAwQE
UEJgAwQCucbIAwQCwxQUMA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEBCwUAA4IB
AQB6WDQQDVILTtTWDcXl6305n+FAYwRn5rjr2Kd2QcPem7mjv04zQNmsfYrilAaL
0/v8oAPt9p9fp0skGxw8oBUTn0DMoGoEfsKmmlRAcqSEq9m7UU86CNHKHi2qjEJn
pSG0Tw/JfdNcKt/O8KBmbeBqItiZU3iIzCM3uGeciEVLBqTBE5vtCMvY4CWdKKCe
30OTO9oINo6mNS+WnATp7SJitZczfXgQSKKoFNAtBULTQ73nbYq7vtbiIRvqd2I8
h/eE4zQcErBKsal85h/Wee38U5BiapbcSI9Ux4e0J57xqjFcEfyhWfJCvQZawVoh
+Hl7SPWmYytaFhq0jQipcnK7
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:43:46 2024 by rpki-client on console-fra.rpki-client.org