Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/vQ4vVvUQf-dor70j3IykRbt09XU.roa
File: vQ4vVvUQf-dor70j3IykRbt09XU.roa (raw, json)
Hash identifier: Un6gXawHr28Qy7WFJZFMF6h4aFXaRzuNgjKZg3q5J3c=
Subject key identifier: BD:0E:2F:56:F5:10:7F:E7:68:AF:BD:23:DC:8C:A4:45:BB:74:F5:75
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 018CC26D4CBB93CC2102C29D7A8685B8A939
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/vQ4vVvUQf-dor70j3IykRbt09XU.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62380
IP address blocks: 185.232.64.0/24 maxlen: 24
185.232.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.mft
rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4c:bb:93:cc:21:02:c2:9d:7a:86:85:b8:a9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd0e2f56f5107fe768afbd23dc8ca445bb74f575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e1:22:98:ca:28:88:fb:e0:ee:ae:61:c5:5e:
08:2a:c1:3e:42:c9:c0:df:49:1e:71:a0:45:67:4c:
e4:1b:bd:b0:04:77:bf:dd:ce:b9:31:8e:e9:b9:5e:
03:a7:63:ca:66:04:60:5c:d9:c8:8d:4d:77:39:5f:
9b:16:a9:de:60:9b:62:df:1f:ac:db:34:27:6b:42:
d0:36:6d:62:8f:d0:bc:b3:83:a4:b9:5c:3d:2a:a6:
c4:0b:60:73:cc:20:d5:1b:a2:9d:db:7c:e3:53:a3:
f8:a8:c7:e6:ec:d3:81:4f:06:b6:4a:09:28:54:66:
58:ca:64:aa:fd:aa:d1:2b:61:e6:56:2d:8d:8b:3b:
38:d9:1c:4a:54:a8:3e:bf:da:da:25:b7:37:88:5b:
d6:9c:16:70:c9:2e:7c:67:c6:09:4f:d0:47:13:56:
3b:08:e5:c4:3f:f5:f6:0b:c8:56:bb:cf:2f:c6:02:
20:3c:76:f3:80:a3:4e:ae:d2:08:75:48:ea:47:6d:
93:fd:35:22:d9:98:ab:2f:09:40:0e:83:eb:b8:3b:
9d:41:fd:2f:05:68:7e:32:d2:51:44:9d:1e:79:f2:
ad:6a:b3:10:8a:b0:e1:76:be:f7:8b:f2:75:ac:81:
dc:ee:65:2d:83:b3:e6:8f:ec:a9:4e:c0:05:9f:f6:
8a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0E:2F:56:F5:10:7F:E7:68:AF:BD:23:DC:8C:A4:45:BB:74:F5:75
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/vQ4vVvUQf-dor70j3IykRbt09XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.64.0/24
185.232.66.0/24
Signature Algorithm: sha256WithRSAEncryption
40:00:b3:1e:ba:87:8c:c2:62:bf:2c:0e:7b:50:a1:8d:b7:80:
8e:ca:8d:dc:2f:18:71:b1:5d:31:9e:31:a4:39:3f:1e:04:34:
bb:a9:e6:9e:fa:97:0d:3c:25:50:0c:8f:8b:d4:c0:35:4c:3a:
15:20:b5:28:d8:9e:1d:26:e7:5d:cf:fd:b9:4d:63:ba:bb:00:
34:43:22:aa:d8:83:15:b2:73:76:7a:bb:80:75:72:cb:f2:ed:
a5:e8:cb:87:25:eb:d8:84:7a:52:43:c6:96:76:11:5a:a0:1f:
5d:1f:ba:28:f2:9a:48:60:d2:1a:9a:e2:62:58:90:4d:6e:d4:
ab:24:b5:db:66:0e:23:10:25:40:fc:73:bd:bf:69:1b:14:69:
3d:17:9f:d7:a3:1d:92:08:54:f4:af:a2:b4:a8:f7:cc:d9:9a:
f8:73:40:6b:bd:48:35:91:48:21:7e:90:65:9d:d1:0c:e0:9d:
b9:74:ef:54:09:e0:1e:c5:78:23:51:48:8d:38:9a:77:90:23:
c8:6b:c7:93:d5:86:06:7a:16:40:7e:73:fd:dd:e1:79:86:f3:
c6:5f:12:79:ce:c6:b0:3e:74:9d:17:a3:66:4c:f1:b1:36:a0:
35:ee:bc:e5:c2:e5:fb:a1:2b:f3:d4:8d:01:19:ae:a9:3d:ac:
55:dc:25:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbUy7k8whAsKdeoaFuKk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBlMmY1NmY1MTA3ZmU3NjhhZmJkMjNkYzhjYTQ0NWJiNzRmNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eEimMooiPvg7q5hxV4IKsE+QsnA
30kecaBFZ0zkG72wBHe/3c65MY7puV4Dp2PKZgRgXNnIjU13OV+bFqneYJti3x+s
2zQna0LQNm1ij9C8s4OkuVw9KqbEC2BzzCDVG6Kd23zjU6P4qMfm7NOBTwa2Sgko
VGZYymSq/arRK2HmVi2Nizs42RxKVKg+v9raJbc3iFvWnBZwyS58Z8YJT9BHE1Y7
COXEP/X2C8hWu88vxgIgPHbzgKNOrtIIdUjqR22T/TUi2ZirLwlADoPruDudQf0v
BWh+MtJRRJ0eefKtarMQirDhdr73i/J1rIHc7mUtg7Pmj+ypTsAFn/aK5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL0OL1b1EH/naK+9I9yMpEW7dPV1MB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvdlE0dlZ2VVFmLWRvcjcwajNJeWtSYnQwOVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuehAAwQA
uehCMA0GCSqGSIb3DQEBCwUAA4IBAQBAALMeuoeMwmK/LA57UKGNt4COyo3cLxhx
sV0xnjGkOT8eBDS7qeae+pcNPCVQDI+L1MA1TDoVILUo2J4dJuddz/25TWO6uwA0
QyKq2IMVsnN2eruAdXLL8u2l6MuHJevYhHpSQ8aWdhFaoB9dH7oo8ppIYNIamuJi
WJBNbtSrJLXbZg4jECVA/HO9v2kbFGk9F5/Xox2SCFT0r6K0qPfM2Zr4c0BrvUg1
kUghfpBlndEM4J25dO9UCeAexXgjUUiNOJp3kCPIa8eT1YYGehZAfnP93eF5hvPG
XxJ5zsawPnSdF6NmTPGxNqA17rzlwuX7oSvz1I0BGa6pPaxV3CWX
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:57 2024 by rpki-client on console-ams.rpki-client.org