Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/vsoJoIEVOHmm4QTcZnSp0OrHPi0.roa
File: vsoJoIEVOHmm4QTcZnSp0OrHPi0.roa (raw, json)
Hash identifier: skEJE0/6DvX1JbLlooPV3eFyeVFATjkKphG6A3REssU=
Subject key identifier: BE:CA:09:A0:81:15:38:79:A6:E1:04:DC:66:74:A9:D0:EA:C7:3E:2D
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018EFC010404297A85E4BD88F2C6045542AE
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/vsoJoIEVOHmm4QTcZnSp0OrHPi0.roa
Signing time: Sat 20 Apr 2024 14:55:08 +0000
ROA not before: Sat 20 Apr 2024 14:55:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215206
IP address blocks: 45.89.60.0/24 maxlen: 24
45.89.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:01:04:04:29:7a:85:e4:bd:88:f2:c6:04:55:42:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Apr 20 14:55:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beca09a081153879a6e104dc6674a9d0eac73e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:27:d1:ac:33:c4:9d:6b:35:b1:5e:0e:ea:
10:f9:5c:41:5d:80:41:d9:4b:35:6b:b6:87:d2:38:
c9:dd:bc:11:5f:e4:7c:57:cd:1b:25:42:14:15:8a:
5b:30:b3:c2:de:9d:b6:a6:a5:d8:27:71:fb:be:1a:
cc:2c:59:28:92:13:09:99:40:fe:a9:d7:32:34:94:
74:a3:e0:95:6c:98:66:9a:66:d9:53:05:74:1e:88:
7a:f8:4b:96:32:9a:2f:dc:b9:35:7f:f5:da:3d:b3:
6a:c2:6b:cc:cb:eb:54:23:64:96:21:00:fd:da:fc:
57:c4:c7:30:44:81:cb:19:67:6a:b6:5b:52:94:0e:
7f:79:13:38:18:66:21:98:28:a5:69:b4:f9:e9:82:
39:dc:1c:09:d9:45:41:17:51:b2:2b:b7:ff:61:0a:
86:8c:03:04:41:68:27:40:50:50:2e:79:64:b9:64:
4d:a1:82:70:3f:91:80:72:b8:37:ba:ec:f1:6f:80:
c7:63:5d:32:60:43:61:9c:e1:b7:47:7d:cb:07:83:
c3:cf:3d:6e:f4:39:df:be:c0:e6:5e:d4:72:d1:4a:
90:a8:ec:01:bb:dd:b2:e3:e2:f0:e0:1a:1a:a8:f6:
04:5b:01:d6:53:11:56:ec:92:da:f7:27:2a:2e:08:
1a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CA:09:A0:81:15:38:79:A6:E1:04:DC:66:74:A9:D0:EA:C7:3E:2D
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/vsoJoIEVOHmm4QTcZnSp0OrHPi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.60.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:80:d9:5e:04:8e:a6:b3:d4:ac:4c:2d:89:06:47:a6:83:92:
67:64:bd:2f:66:d7:96:ff:a0:4e:ee:af:7e:c8:c4:ea:f5:7c:
9a:0e:9c:57:d2:91:06:57:75:1e:9d:99:17:d1:42:36:f4:b9:
a0:49:9d:81:4e:51:49:d3:8a:a9:4b:04:c2:65:50:12:81:21:
77:43:b5:49:f1:67:66:c6:43:68:6e:c2:0f:44:5f:87:61:00:
d8:42:49:7f:31:82:87:6b:bc:d7:8d:d0:bd:5c:af:36:96:52:
34:6e:b6:cd:db:73:f9:72:d5:92:d1:b0:9b:87:7a:c2:23:f9:
9d:a9:b1:76:23:f7:21:72:d0:79:ae:37:39:5a:f0:5f:05:ad:
8f:78:cc:91:fe:f5:0a:9e:c1:77:79:7a:97:0d:08:ff:f6:7d:
48:d9:19:1f:99:1a:5c:c0:51:fc:e6:59:82:59:cf:2a:20:88:
5e:05:11:37:c2:7c:10:de:69:74:82:11:5c:15:b6:05:46:df:
ac:8d:6b:5c:a2:07:db:02:91:2c:7e:cf:5e:1c:b8:9e:d8:ee:
51:a2:54:78:eb:17:0c:94:e0:38:be:3b:c2:10:4c:21:bd:88:
e5:b4:2c:f3:39:a6:26:7d:08:0d:a9:14:5b:ad:48:37:0f:7b:
77:4a:5a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY78AQQEKXqF5L2I8sYEVUKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwNDIwMTQ1NTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWNhMDlhMDgxMTUzODc5YTZlMTA0ZGM2Njc0YTlkMGVhYzczZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDEn0awzxJ1rNbFeDuoQ+VxBXYBB
2Us1a7aH0jjJ3bwRX+R8V80bJUIUFYpbMLPC3p22pqXYJ3H7vhrMLFkokhMJmUD+
qdcyNJR0o+CVbJhmmmbZUwV0Hoh6+EuWMpov3Lk1f/XaPbNqwmvMy+tUI2SWIQD9
2vxXxMcwRIHLGWdqtltSlA5/eRM4GGYhmCilabT56YI53BwJ2UVBF1GyK7f/YQqG
jAMEQWgnQFBQLnlkuWRNoYJwP5GAcrg3uuzxb4DHY10yYENhnOG3R33LB4PDzz1u
9DnfvsDmXtRy0UqQqOwBu92y4+Lw4BoaqPYEWwHWUxFW7JLa9ycqLgga3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7KCaCBFTh5puEE3GZ0qdDqxz4tMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdnNvSm9JRVZPSG1tNFFUY1puU3AwT3JIUGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVk8MA0G
CSqGSIb3DQEBCwUAA4IBAQC1gNleBI6ms9SsTC2JBkemg5JnZL0vZteW/6BO7q9+
yMTq9XyaDpxX0pEGV3UenZkX0UI29LmgSZ2BTlFJ04qpSwTCZVASgSF3Q7VJ8Wdm
xkNobsIPRF+HYQDYQkl/MYKHa7zXjdC9XK82llI0brbN23P5ctWS0bCbh3rCI/md
qbF2I/chctB5rjc5WvBfBa2PeMyR/vUKnsF3eXqXDQj/9n1I2RkfmRpcwFH85lmC
Wc8qIIheBRE3wnwQ3ml0ghFcFbYFRt+sjWtcogfbApEsfs9eHLie2O5RolR46xcM
lOA4vjvCEEwhvYjltCzzOaYmfQgNqRRbrUg3D3t3SlqN
-----END CERTIFICATE-----
Generated at Tue May 7 09:31:21 2024 by rpki-client on console-ams.rpki-client.org