Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/Vzy-91u750q7yijQJt7IRUrBQOI.roa
File: Vzy-91u750q7yijQJt7IRUrBQOI.roa (raw, json)
Hash identifier: jnw7fotgfP1OhoPeDEauhKBkItBTv9uTphEqgI0GPDc=
Subject key identifier: 57:3C:BE:F7:5B:BB:E7:4A:BB:CA:28:D0:26:DE:C8:45:4A:C1:40:E2
Certificate issuer: /CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Certificate serial: 018CC64B6499962C7A5AE061220D828F5C1D
Authority key identifier: F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/Vzy-91u750q7yijQJt7IRUrBQOI.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60486
IP address blocks: 185.29.152.0/22 maxlen: 22
185.29.152.0/23 maxlen: 23
185.29.154.0/24 maxlen: 24
85.184.244.0/24 maxlen: 24
85.184.246.0/24 maxlen: 24
85.184.245.0/24 maxlen: 24
85.184.247.0/24 maxlen: 24
83.143.72.0/24 maxlen: 24
2a00:a920:700::/40 maxlen: 40
2a00:a920:900::/40 maxlen: 40
2a00:a920:800::/40 maxlen: 40
2a00:a920:400::/40 maxlen: 40
2a00:a920:300::/40 maxlen: 40
2a00:a920:200::/40 maxlen: 40
2a00:a920:100::/40 maxlen: 40
2a00:a920::/40 maxlen: 40
2a00:a920:c00::/40 maxlen: 40
2a00:a920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:64:99:96:2c:7a:5a:e0:61:22:0d:82:8f:5c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=573cbef75bbbe74abbca28d026dec8454ac140e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ae:39:1f:3d:d8:df:00:4d:90:24:dd:2f:5c:
d2:3a:af:cd:59:18:41:83:f4:43:86:93:96:a5:95:
7e:08:36:cb:7d:dc:11:0c:a3:65:fc:a4:b9:f0:52:
9e:15:71:3c:46:b0:1b:ec:6b:91:3d:21:af:90:be:
db:99:f8:86:4c:33:27:1e:04:2a:03:25:88:ba:03:
71:f2:86:6b:5a:f7:14:da:fc:01:e0:fe:80:e7:01:
70:45:92:1c:65:b1:91:22:7f:3d:8d:fd:35:ed:ea:
85:db:cc:62:2e:a8:fa:b3:28:b6:10:7b:c9:e1:86:
73:3f:8b:25:85:74:d8:24:33:15:f7:66:3b:58:4f:
1a:40:ec:de:df:dc:7d:b0:dd:10:22:16:d5:a0:4e:
b1:ea:c8:4a:14:ce:d9:aa:a9:13:81:19:91:78:11:
8f:69:92:16:1f:d7:4e:ef:c9:e4:f1:e6:8a:30:6f:
58:e6:ed:1f:b3:5f:75:52:d7:5f:c6:62:1e:08:3c:
38:d8:49:de:7d:14:06:1c:44:e7:d1:db:fe:b8:9a:
23:a4:ca:f5:9a:7c:a2:d4:6e:ac:43:03:95:43:cf:
13:94:37:27:71:c9:e5:f9:ef:23:51:d9:30:e3:c1:
ea:cb:a3:61:5b:3a:ef:d9:c9:86:94:8c:f6:9e:9c:
a3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3C:BE:F7:5B:BB:E7:4A:BB:CA:28:D0:26:DE:C8:45:4A:C1:40:E2
X509v3 Authority Key Identifier:
keyid:F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/Vzy-91u750q7yijQJt7IRUrBQOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.72.0/24
85.184.244.0/22
185.29.152.0/22
IPv6:
2a00:a920::/32
Signature Algorithm: sha256WithRSAEncryption
27:08:70:b4:36:67:9f:55:52:8c:ad:ec:4b:04:03:6f:5f:5b:
ea:97:f8:98:f4:fd:a0:b4:f4:cc:a2:fa:4a:cf:c9:c6:50:dd:
dc:b7:21:ff:c3:84:00:ce:f8:64:5e:cc:7e:43:bd:21:8e:d2:
a1:a2:2d:4c:e3:7a:55:ec:b1:63:92:7d:37:53:cc:85:07:16:
09:66:32:a6:dd:18:44:fb:e6:f2:17:b5:25:f2:6d:c8:ac:1f:
63:3c:27:ef:2f:27:1d:f8:eb:90:dd:77:d3:77:14:ca:1a:ab:
34:89:40:6d:56:16:e5:57:00:56:22:83:56:83:d4:37:3d:47:
c7:5b:2e:74:88:c4:c4:d1:65:41:fb:19:d0:a8:30:bc:71:6f:
6a:74:83:ec:00:91:2c:9f:18:1e:7a:d0:16:2e:0b:67:0b:fd:
06:da:e6:d2:c4:32:2f:15:dc:60:7c:c7:d1:e5:71:e2:4f:33:
33:62:1d:08:18:5e:c4:79:ba:02:17:6b:c0:71:d2:fc:39:71:
21:09:52:02:1e:7b:cc:e0:fd:9f:c7:9d:fb:cd:7a:23:c2:b0:
30:b3:ba:76:af:c9:5b:f0:5d:67:3d:f0:82:cc:a7:ca:5f:81:
2c:3a:ce:b9:79:38:4b:ee:b7:3e:4d:d7:ed:71:b0:ad:df:67:
0c:3c:9b:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS2SZlix6WuBhIg2Cj1wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGE2NzEzNWI3MzdjYTlkMmRmZDdiOTdmZTU5NzhiOGYz
MDBkNmIwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzNjYmVmNzViYmJlNzRhYmJjYTI4ZDAyNmRlYzg0NTRhYzE0MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7K45Hz3Y3wBNkCTdL1zSOq/NWRhB
g/RDhpOWpZV+CDbLfdwRDKNl/KS58FKeFXE8RrAb7GuRPSGvkL7bmfiGTDMnHgQq
AyWIugNx8oZrWvcU2vwB4P6A5wFwRZIcZbGRIn89jf017eqF28xiLqj6syi2EHvJ
4YZzP4slhXTYJDMV92Y7WE8aQOze39x9sN0QIhbVoE6x6shKFM7ZqqkTgRmReBGP
aZIWH9dO78nk8eaKMG9Y5u0fs191UtdfxmIeCDw42EnefRQGHETn0dv+uJojpMr1
mnyi1G6sQwOVQ88TlDcnccnl+e8jUdkw48Hqy6NhWzrv2cmGlIz2npyj8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFc8vvdbu+dKu8oo0CbeyEVKwUDiMB8GA1UdIwQY
MBaAFPHaZxNbc3yp0t/XuX/ll4uPMA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEt
ZmMxMTJhZTYzZWE0LzEvVnp5LTkxdTc1MHE3eWlqUUp0N0lSVXJCUU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEtZmMxMTJhZTYzZWE0
LzEvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAU49IAwQC
Vbj0AwQCuR2YMA0EAgACMAcDBQAqAKkgMA0GCSqGSIb3DQEBCwUAA4IBAQAnCHC0
NmefVVKMrexLBANvX1vql/iY9P2gtPTMovpKz8nGUN3ctyH/w4QAzvhkXsx+Q70h
jtKhoi1M43pV7LFjkn03U8yFBxYJZjKm3RhE++byF7Ul8m3IrB9jPCfvLycd+OuQ
3XfTdxTKGqs0iUBtVhblVwBWIoNWg9Q3PUfHWy50iMTE0WVB+xnQqDC8cW9qdIPs
AJEsnxgeetAWLgtnC/0G2ubSxDIvFdxgfMfR5XHiTzMzYh0IGF7EeboCF2vAcdL8
OXEhCVICHnvM4P2fx537zXojwrAws7p2r8lb8F1nPfCCzKfKX4EsOs65eThL7rc+
TdftcbCt32cMPJty
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:13:54 2024 by rpki-client on console-ams.rpki-client.org