Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/vjrVLeME8THQqheahprmhdNXln8.roa
File: vjrVLeME8THQqheahprmhdNXln8.roa (raw, json)
Hash identifier: e1Q9sYsk6/97LtU3SMpA73hOpymkDwClAGoLB/9xWqQ=
Subject key identifier: BE:3A:D5:2D:E3:04:F1:31:D0:AA:17:9A:86:9A:E6:85:D3:57:96:7F
Certificate issuer: /CN=8eacc7f3b218c492d88dbebc9cdcb9a2d2d30ed1
Certificate serial: 018F73C73505147C17C509A21D22EC85110D
Authority key identifier: 8E:AC:C7:F3:B2:18:C4:92:D8:8D:BE:BC:9C:DC:B9:A2:D2:D3:0E:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqzH87IYxJLYjb68nNy5otLTDtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/vjrVLeME8THQqheahprmhdNXln8.roa
Signing time: Mon 13 May 2024 21:06:26 +0000
ROA not before: Mon 13 May 2024 21:06:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201860
IP address blocks: 185.60.237.0/24 maxlen: 24
185.60.238.0/24 maxlen: 24
185.60.239.0/24 maxlen: 24
185.98.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/jqzH87IYxJLYjb68nNy5otLTDtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/jqzH87IYxJLYjb68nNy5otLTDtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/jqzH87IYxJLYjb68nNy5otLTDtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:c7:35:05:14:7c:17:c5:09:a2:1d:22:ec:85:11:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eacc7f3b218c492d88dbebc9cdcb9a2d2d30ed1
Validity
Not Before: May 13 21:06:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be3ad52de304f131d0aa179a869ae685d357967f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:db:4c:97:f3:bd:26:1b:a9:99:f0:c7:ab:
0e:95:05:4b:64:2f:79:34:8d:5d:e7:25:45:ba:b0:
67:87:2b:53:ba:45:88:00:05:1d:6f:d3:3c:2a:54:
1e:1f:b6:09:fe:d5:9f:ec:9a:e1:92:e7:31:98:99:
37:7c:8b:07:6f:30:bf:6a:65:90:c5:be:47:62:58:
6e:40:a2:a7:fd:ed:68:09:4a:6c:3e:b0:17:4d:36:
c7:52:80:40:a0:64:d9:16:b7:fa:f0:2e:84:4a:58:
50:5a:8e:1e:28:02:cf:84:9d:b4:c2:e9:7a:00:cc:
80:fc:51:dc:49:c1:0d:8e:6b:4a:a1:9a:5c:3c:ff:
e4:1b:7d:98:d3:96:31:10:2b:e1:a0:8f:5f:10:a7:
cf:e5:c6:35:32:f0:be:ad:14:f9:f6:2a:46:6b:7d:
ba:63:53:4f:ab:36:df:94:0e:5e:1b:ef:46:e1:a8:
07:35:8b:34:34:fe:81:7b:c9:a0:b2:29:a0:9f:89:
b7:69:72:a0:ab:77:64:01:df:e5:48:7c:b8:f8:02:
3c:26:b8:46:e3:b0:23:cb:45:c8:1c:a1:f5:38:de:
66:36:b7:c7:9f:75:b0:e6:03:09:cd:98:8b:a0:11:
c8:66:37:53:84:e2:d7:b2:f6:23:65:ff:83:ab:1c:
b8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3A:D5:2D:E3:04:F1:31:D0:AA:17:9A:86:9A:E6:85:D3:57:96:7F
X509v3 Authority Key Identifier:
keyid:8E:AC:C7:F3:B2:18:C4:92:D8:8D:BE:BC:9C:DC:B9:A2:D2:D3:0E:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqzH87IYxJLYjb68nNy5otLTDtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/vjrVLeME8THQqheahprmhdNXln8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/jqzH87IYxJLYjb68nNy5otLTDtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.237.0-185.60.239.255
185.98.107.0/24
Signature Algorithm: sha256WithRSAEncryption
08:33:ba:db:64:97:0d:c6:98:ca:a6:e8:0e:c6:6b:43:ce:1d:
94:37:4f:f5:20:51:10:95:cb:07:2b:f5:8d:6b:e4:77:b6:93:
88:58:85:6a:0d:1b:c4:fc:34:6a:89:e7:3e:a4:38:f2:6e:14:
4d:6b:e4:9a:7c:4b:67:af:67:43:9b:ff:18:b7:fa:78:e2:63:
9f:19:66:48:32:99:ee:30:16:ba:aa:8b:31:ea:af:d6:27:84:
28:a5:e9:41:2b:2d:3b:4d:e7:d1:9c:ff:02:95:e6:df:b0:35:
34:03:44:e4:c6:30:90:b9:28:6b:6e:db:18:b3:c1:5d:a6:93:
95:87:b0:ac:b6:5d:cc:68:b5:45:85:8f:eb:08:29:18:80:df:
8a:35:78:18:b4:fe:fa:58:63:a7:aa:ed:cd:84:65:30:3d:9f:
79:29:d4:d0:7e:c3:2e:2d:f0:e1:46:d1:6b:33:50:b6:5d:38:
4d:ef:f9:65:8e:b7:de:bd:d7:88:4d:13:5d:d6:9c:39:14:31:
95:ae:d2:5a:c1:aa:b9:1e:f6:a0:fa:af:c3:27:b9:09:6b:d2:
82:c8:b1:bc:93:a2:37:47:19:6c:53:0e:16:cc:df:90:5a:6b:
8f:e1:49:b3:41:31:cb:1e:02:c5:6d:27:3e:c5:79:0a:14:c5:
18:18:36:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY9zxzUFFHwXxQmiHSLshRENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWNjN2YzYjIxOGM0OTJkODhkYmViYzljZGNiOWEyZDJk
MzBlZDEwHhcNMjQwNTEzMjEwNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNhZDUyZGUzMDRmMTMxZDBhYTE3OWE4NjlhZTY4NWQzNTc5NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY7bTJfzvSYbqZnwx6sOlQVLZC95
NI1d5yVFurBnhytTukWIAAUdb9M8KlQeH7YJ/tWf7JrhkucxmJk3fIsHbzC/amWQ
xb5HYlhuQKKn/e1oCUpsPrAXTTbHUoBAoGTZFrf68C6ESlhQWo4eKALPhJ20wul6
AMyA/FHcScENjmtKoZpcPP/kG32Y05YxECvhoI9fEKfP5cY1MvC+rRT59ipGa326
Y1NPqzbflA5eG+9G4agHNYs0NP6Be8mgsimgn4m3aXKgq3dkAd/lSHy4+AI8JrhG
47Ajy0XIHKH1ON5mNrfHn3Ww5gMJzZiLoBHIZjdThOLXsvYjZf+Dqxy4vwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL461S3jBPEx0KoXmoaa5oXTV5Z/MB8GA1UdIwQY
MBaAFI6sx/OyGMSS2I2+vJzcuaLS0w7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanF6SDg3SVl4SkxZamI2OG5OeTVvdExURHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iZDQyZWEtZWJiNi00NDQ1LWJkMjAt
Nzc1ZGE2YWEzMTIzLzEvdmpyVkxlTUU4VEhRcWhlYWhwcm1oZE5YbG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iZDQyZWEtZWJiNi00NDQ1LWJkMjAtNzc1ZGE2YWEzMTIz
LzEvanF6SDg3SVl4SkxZamI2OG5OeTVvdExURHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5PO0D
BAS5POADBAC5YmswDQYJKoZIhvcNAQELBQADggEBAAgzuttklw3GmMqm6A7Ga0PO
HZQ3T/UgURCVywcr9Y1r5He2k4hYhWoNG8T8NGqJ5z6kOPJuFE1r5Jp8S2evZ0Ob
/xi3+njiY58ZZkgyme4wFrqqizHqr9YnhCil6UErLTtN59Gc/wKV5t+wNTQDROTG
MJC5KGtu2xizwV2mk5WHsKy2XcxotUWFj+sIKRiA34o1eBi0/vpYY6eq7c2EZTA9
n3kp1NB+wy4t8OFG0WszULZdOE3v+WWOt96914hNE13WnDkUMZWu0lrBqrke9qD6
r8MnuQlr0oLIsbyTojdHGWxTDhbM35Baa4/hSbNBMcseAsVtJz7FeQoUxRgYNqQ=
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:06:05 2024 by rpki-client on console-ams.rpki-client.org