Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/VjykQu_Q7uoPfbGYLydHQBk1cmg.roa
File: VjykQu_Q7uoPfbGYLydHQBk1cmg.roa (raw, json)
Hash identifier: aW6VCVqdlc4Y9b6xNUmCFDjwNxF2Pis1rzP/vm2uj74=
Subject key identifier: 56:3C:A4:42:EF:D0:EE:EA:0F:7D:B1:98:2F:27:47:40:19:35:72:68
Certificate issuer: /CN=01b3fa2ab8901b415e10838872c63d9f0ce136ad
Certificate serial: 018CCA2A6AC0E533967C216DCD784E84B7F4
Authority key identifier: 01:B3:FA:2A:B8:90:1B:41:5E:10:83:88:72:C6:3D:9F:0C:E1:36:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AbP6KriQG0FeEIOIcsY9nwzhNq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/VjykQu_Q7uoPfbGYLydHQBk1cmg.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203329
IP address blocks: 185.138.140.0/22 maxlen: 24
149.233.0.0/19 maxlen: 24
2a07:e80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/AbP6KriQG0FeEIOIcsY9nwzhNq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/AbP6KriQG0FeEIOIcsY9nwzhNq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/AbP6KriQG0FeEIOIcsY9nwzhNq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6a:c0:e5:33:96:7c:21:6d:cd:78:4e:84:b7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01b3fa2ab8901b415e10838872c63d9f0ce136ad
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=563ca442efd0eeea0f7db1982f27474019357268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ea:c7:1b:9e:a9:1a:09:50:2b:2f:a1:99:c9:
d9:04:64:d4:b2:41:f4:59:53:e5:1f:11:c7:f5:d9:
30:d0:f0:3a:f3:72:96:bd:65:b4:f5:8d:f1:2a:6c:
22:01:52:92:29:f1:2f:0c:e4:84:98:b2:f7:e0:36:
79:fe:1d:a8:d8:1e:73:2f:d0:fc:74:04:d7:c2:cd:
4a:49:34:19:39:60:89:0d:4e:ce:be:c0:f7:e6:3e:
25:77:02:bd:cd:71:99:28:73:1d:e2:51:0b:24:0a:
ae:ca:17:70:45:65:1b:a3:e7:8f:af:49:5d:f7:34:
4f:a4:b6:df:5d:1c:1d:23:40:03:21:46:27:f6:76:
6c:99:ca:98:68:04:6b:69:e6:a3:9f:01:18:99:82:
6f:55:7e:16:53:f1:92:1e:5b:3b:3e:92:56:10:fd:
6a:10:f7:48:b4:5e:8f:47:2f:9e:5a:04:d0:5f:a1:
c2:42:bb:7c:a7:2b:bd:e7:90:8c:d5:21:da:a3:15:
a3:99:64:e1:aa:c5:b3:f9:88:84:c7:f8:00:9c:eb:
d5:fd:83:72:83:2b:bd:a1:aa:21:0e:fd:82:a0:d2:
7a:99:88:65:1c:ce:61:d1:a4:ba:0f:9c:ce:cb:dd:
88:15:e2:9c:d2:df:e3:39:4c:71:f6:34:d7:58:52:
7a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3C:A4:42:EF:D0:EE:EA:0F:7D:B1:98:2F:27:47:40:19:35:72:68
X509v3 Authority Key Identifier:
keyid:01:B3:FA:2A:B8:90:1B:41:5E:10:83:88:72:C6:3D:9F:0C:E1:36:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AbP6KriQG0FeEIOIcsY9nwzhNq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/VjykQu_Q7uoPfbGYLydHQBk1cmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/42bda6-a5da-471b-a3bf-81ecb490fb86/1/AbP6KriQG0FeEIOIcsY9nwzhNq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.233.0.0/19
185.138.140.0/22
IPv6:
2a07:e80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:95:9f:ef:07:7e:33:76:88:e7:f9:4d:93:f5:f6:17:11:91:
86:9e:43:6b:31:36:05:e9:b1:d3:68:33:f6:15:38:23:59:4b:
a3:8b:3a:ef:b8:41:f4:14:7d:6b:fd:8e:f0:98:c5:1c:e9:f2:
ef:a3:b5:6e:ec:54:eb:32:7b:be:66:ab:f0:7e:7b:76:de:d6:
47:4c:68:9f:9d:dd:a3:89:92:30:f6:26:4e:62:48:1b:70:9d:
64:a9:71:1c:f0:d9:44:d5:c2:ed:e8:f4:b7:9e:a0:e6:7d:58:
59:f2:25:43:d2:cd:4b:82:60:e4:0f:78:9a:12:d9:43:78:f8:
97:fc:fc:29:16:61:9a:12:1b:08:44:c7:dd:c0:40:37:71:fc:
bd:e9:ea:c4:05:54:0a:e9:9d:2b:ff:e1:80:40:1e:12:d5:f3:
aa:41:68:e2:54:a1:bc:92:0d:a7:e0:65:63:23:20:b7:0d:64:
16:ad:2e:e8:08:7f:e3:2c:52:86:f7:ce:67:f6:1c:41:c3:3d:
3a:bd:85:ac:e4:b7:b3:ea:f2:7b:e1:68:73:69:d3:67:a9:c0:
17:70:41:73:bb:7a:ac:a0:60:75:2d:50:02:1e:20:12:78:cd:
b5:23:11:1f:76:f1:87:18:57:f3:de:a1:e4:b5:f8:a5:42:ed:
f2:98:b8:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKmrA5TOWfCFtzXhOhLf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYjNmYTJhYjg5MDFiNDE1ZTEwODM4ODcyYzYzZDlmMGNl
MTM2YWQwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNjYTQ0MmVmZDBlZWVhMGY3ZGIxOTgyZjI3NDc0MDE5MzU3MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAperHG56pGglQKy+hmcnZBGTUskH0
WVPlHxHH9dkw0PA683KWvWW09Y3xKmwiAVKSKfEvDOSEmLL34DZ5/h2o2B5zL9D8
dATXws1KSTQZOWCJDU7OvsD35j4ldwK9zXGZKHMd4lELJAquyhdwRWUbo+ePr0ld
9zRPpLbfXRwdI0ADIUYn9nZsmcqYaARraeajnwEYmYJvVX4WU/GSHls7PpJWEP1q
EPdItF6PRy+eWgTQX6HCQrt8pyu955CM1SHaoxWjmWThqsWz+YiEx/gAnOvV/YNy
gyu9oaohDv2CoNJ6mYhlHM5h0aS6D5zOy92IFeKc0t/jOUxx9jTXWFJ6rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFY8pELv0O7qD32xmC8nR0AZNXJoMB8GA1UdIwQY
MBaAFAGz+iq4kBtBXhCDiHLGPZ8M4TatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJQNktyaVFHMEZlRUlPSWNzWTlud3poTnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80MmJkYTYtYTVkYS00NzFiLWEzYmYt
ODFlY2I0OTBmYjg2LzEvVmp5a1F1X1E3dW9QZmJHWUx5ZEhRQmsxY21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80MmJkYTYtYTVkYS00NzFiLWEzYmYtODFlY2I0OTBmYjg2
LzEvQWJQNktyaVFHMEZlRUlPSWNzWTlud3poTnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFlekAAwQC
uYqMMA0EAgACMAcDBQMqBw6AMA0GCSqGSIb3DQEBCwUAA4IBAQBvlZ/vB34zdojn
+U2T9fYXEZGGnkNrMTYF6bHTaDP2FTgjWUujizrvuEH0FH1r/Y7wmMUc6fLvo7Vu
7FTrMnu+Zqvwfnt23tZHTGifnd2jiZIw9iZOYkgbcJ1kqXEc8NlE1cLt6PS3nqDm
fVhZ8iVD0s1LgmDkD3iaEtlDePiX/PwpFmGaEhsIRMfdwEA3cfy96erEBVQK6Z0r
/+GAQB4S1fOqQWjiVKG8kg2n4GVjIyC3DWQWrS7oCH/jLFKG985n9hxBwz06vYWs
5Lez6vJ74WhzadNnqcAXcEFzu3qsoGB1LVACHiASeM21IxEfdvGHGFfz3qHktfil
Qu3ymLhI
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:22 2024 by rpki-client on console-fra.rpki-client.org