Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/VVi2AeeND2YAMXG3tX9hNKKJB0U.roa
File: VVi2AeeND2YAMXG3tX9hNKKJB0U.roa (raw, json)
Hash identifier: rg8F29mgN9CLL79yuOHFg7VTmemPT39fX4LbyECEcus=
Subject key identifier: 55:58:B6:01:E7:8D:0F:66:00:31:71:B7:B5:7F:61:34:A2:89:07:45
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 018CC26D657BEB39A4CA14F08EC609EED6D7
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/VVi2AeeND2YAMXG3tX9hNKKJB0U.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201975
IP address blocks: 193.148.20.0/22 maxlen: 24
45.86.176.0/22 maxlen: 24
185.54.180.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:65:7b:eb:39:a4:ca:14:f0:8e:c6:09:ee:d6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5558b601e78d0f66003171b7b57f6134a2890745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:80:e3:53:5d:d2:89:1c:14:24:51:06:56:
94:13:1d:35:71:3f:57:a6:3e:76:52:23:b1:0a:c6:
d6:c5:7b:c8:06:02:5e:bd:95:61:6b:81:3e:e3:84:
2f:00:67:f3:0d:5e:3c:56:90:0b:e6:b8:41:7f:f7:
a6:33:62:57:a2:85:35:85:59:ea:9a:b0:e0:d5:f3:
d8:78:27:98:9f:1b:6e:3e:48:92:e7:ac:77:05:2a:
95:92:5c:b2:f2:7a:c4:06:5e:5c:94:52:4d:3f:6e:
6b:cb:44:2c:83:68:01:c3:c9:17:ee:5c:6a:b8:9a:
f4:e1:55:4b:ad:1a:d9:74:76:8c:06:e3:9d:29:3f:
40:2c:27:ac:61:20:29:21:97:34:f2:05:ff:fd:f0:
2b:79:c4:6b:3f:47:a5:08:0f:8f:77:c9:bf:f2:e9:
04:13:a2:0f:0a:27:fc:27:7c:3f:69:3e:fb:6c:45:
81:7f:5f:08:c9:69:33:82:54:61:04:51:a3:c2:49:
52:4e:86:eb:86:78:7f:ac:9e:57:2d:2d:f5:c1:62:
0a:8b:69:22:5a:a5:5d:f0:9f:2a:c8:7c:19:f3:1a:
86:85:ce:98:dc:4e:c4:d9:78:29:c0:41:79:83:61:
57:de:13:17:35:f8:b6:a5:49:01:65:b1:a0:a7:b8:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:58:B6:01:E7:8D:0F:66:00:31:71:B7:B5:7F:61:34:A2:89:07:45
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/VVi2AeeND2YAMXG3tX9hNKKJB0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
37:7e:bf:d8:e1:cc:e0:98:44:c9:7c:75:16:48:8c:ce:13:8c:
a4:63:7d:0f:0f:16:f6:38:21:f9:ad:49:04:e8:00:c3:70:94:
d4:76:f9:b9:bf:7d:d6:16:8d:ca:b9:0d:df:19:0b:2b:40:68:
ea:9e:e2:6f:c2:2a:ce:58:ed:46:e1:bd:0c:94:27:3d:ea:a6:
c8:dd:ba:63:25:16:40:cf:80:71:22:28:29:1d:72:04:b0:76:
0d:9a:20:83:d3:de:fd:cf:b3:2b:2d:76:77:a6:3a:de:f3:3f:
39:db:d2:3c:7d:b2:f8:11:31:78:c5:bb:84:1a:b3:f5:01:85:
0a:1c:57:f3:e9:79:4b:32:7e:e1:8e:46:d0:97:86:4d:26:67:
d0:e0:31:c2:a7:34:c8:6b:ea:cc:e2:ce:e1:e7:22:25:32:46:
ee:0d:9b:29:a1:47:f8:11:2d:c1:51:8f:d5:9f:29:97:c3:17:
fb:a9:a5:4e:91:66:91:59:ea:5a:69:40:bf:11:4c:0e:22:83:
fb:50:12:13:56:18:53:49:50:29:07:77:47:2b:88:7b:f4:c6:
4e:5b:33:6d:4d:43:6f:74:db:bf:6b:83:2c:6a:7a:49:20:0b:
22:26:01:16:f2:86:30:7f:aa:fa:2a:9b:09:ee:1a:55:2d:b0:
ee:52:31:ab
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzCbWV76zmkyhTwjsYJ7tbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU4YjYwMWU3OGQwZjY2MDAzMTcxYjdiNTdmNjEzNGEyODkwNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4KA41Nd0okcFCRRBlaUEx01cT9X
pj52UiOxCsbWxXvIBgJevZVha4E+44QvAGfzDV48VpAL5rhBf/emM2JXooU1hVnq
mrDg1fPYeCeYnxtuPkiS56x3BSqVklyy8nrEBl5clFJNP25ry0Qsg2gBw8kX7lxq
uJr04VVLrRrZdHaMBuOdKT9ALCesYSApIZc08gX//fArecRrP0elCA+Pd8m/8ukE
E6IPCif8J3w/aT77bEWBf18IyWkzglRhBFGjwklSTobrhnh/rJ5XLS31wWIKi2ki
WqVd8J8qyHwZ8xqGhc6Y3E7E2XgpwEF5g2FX3hMXNfi2pUkBZbGgp7gCUQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFVYtgHnjQ9mADFxt7V/YTSiiQdFMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvVlZpMkFlZU5EMllBTVhHM3RYOWhOS0tKQjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQA3fr/Y4czgmETJfHUWSIzOE4ykY30PDxb2OCH5rUkE6ADDcJTUdvm5
v33WFo3KuQ3fGQsrQGjqnuJvwirOWO1G4b0MlCc96qbI3bpjJRZAz4BxIigpHXIE
sHYNmiCD0979z7MrLXZ3pjre8z8529I8fbL4ETF4xbuEGrP1AYUKHFfz6XlLMn7h
jkbQl4ZNJmfQ4DHCpzTIa+rM4s7h5yIlMkbuDZspoUf4ES3BUY/VnymXwxf7qaVO
kWaRWepaaUC/EUwOIoP7UBITVhhTSVApB3dHK4h79MZOWzNtTUNvdNu/a4MsanpJ
IAsiJgEW8oYwf6r6KpsJ7hpVLbDuUjGr
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:06:47 2024 by rpki-client on console-fra.rpki-client.org