Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VPgvA97CCFn5cO5eSM20zvgkIQs.roa
File: VPgvA97CCFn5cO5eSM20zvgkIQs.roa (raw, json)
Hash identifier: FTHwCgwbqJEOWeteAjOFoFzjTbVgT8U9S2Xhr+ca6wo=
Subject key identifier: 54:F8:2F:03:DE:C2:08:59:F9:70:EE:5E:48:CD:B4:CE:F8:24:21:0B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0190A687C7DE256464AAB3137B1EECF6EA48
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VPgvA97CCFn5cO5eSM20zvgkIQs.roa
Signing time: Fri 12 Jul 2024 10:40:34 +0000
ROA not before: Fri 12 Jul 2024 10:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265770
IP address blocks: 5.253.228.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.32.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:87:c7:de:25:64:64:aa:b3:13:7b:1e:ec:f6:ea:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 12 10:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54f82f03dec20859f970ee5e48cdb4cef824210b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:f2:4d:7f:43:7a:91:58:b8:6b:74:fe:1c:
53:bd:19:e6:7e:4a:fe:2f:c5:11:43:3f:b3:f5:15:
8f:bb:f2:f3:b4:9e:bb:b2:7f:37:70:03:e0:a3:59:
c8:53:b6:46:f7:ad:20:cf:f8:55:72:ee:84:86:27:
4f:18:a5:9f:9d:e4:04:79:c3:7b:bb:ed:94:bd:2a:
a1:b3:2a:28:a4:b3:06:15:da:85:31:9b:7d:a9:ed:
03:82:99:49:44:b4:58:3c:01:4c:cf:33:3f:03:40:
79:40:5e:05:e7:49:51:57:37:fd:d1:95:87:14:3a:
9d:cc:3b:11:ce:a2:00:65:6a:21:e1:3e:fd:52:b3:
04:88:71:4e:5b:90:f5:30:13:35:e0:c5:bc:ca:2b:
24:1b:c1:bc:29:b8:81:8c:44:eb:04:70:e6:f0:06:
ee:f0:5a:8e:da:bb:68:cf:b9:04:52:f0:8f:41:ea:
ec:8a:51:c8:97:32:ef:b3:ee:a2:96:aa:49:9a:31:
66:86:33:5d:fe:67:4c:2b:f0:84:9d:8d:9c:7a:13:
84:ac:74:ee:04:ae:22:3d:6c:d1:6f:a0:a7:f4:ce:
33:e3:24:15:2f:af:d8:52:ef:dc:b2:bd:4e:d5:fe:
ec:b3:19:b9:53:ae:ba:94:34:82:78:7c:a7:a9:fc:
72:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F8:2F:03:DE:C2:08:59:F9:70:EE:5E:48:CD:B4:CE:F8:24:21:0B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VPgvA97CCFn5cO5eSM20zvgkIQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.228.0/22
45.15.244.0/22
45.128.20.0/22
45.151.196.0/22
89.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f4:27:a1:c2:0a:f1:e2:64:e6:0c:c5:f0:d9:9f:2a:4e:7f:
0a:b2:37:ea:05:77:83:59:07:5a:c5:9d:f4:13:70:f9:75:32:
0c:e7:e9:02:ea:1b:a0:28:47:2e:a9:97:05:9d:99:7b:81:c5:
30:16:ea:26:d9:39:2f:e8:81:5f:54:f8:0b:2e:f0:15:5c:39:
6e:e2:ae:aa:54:62:c4:d7:5e:c5:6d:c2:e6:5e:c1:90:53:f7:
ea:48:97:fc:2e:db:b2:33:ff:16:01:59:ff:16:5f:28:b4:1f:
60:a1:78:81:10:1a:eb:f7:e4:96:42:37:70:42:c3:8a:a9:51:
a4:db:a3:ad:81:cb:78:7a:de:2c:fa:1e:9d:27:c3:71:b1:77:
4c:90:30:80:2f:31:2d:f2:09:0d:49:48:55:0c:dc:3d:c2:0c:
0c:2f:f4:b4:e0:b3:2c:ec:59:1d:c5:d0:e3:c4:c3:21:e8:01:
56:67:a3:bb:15:30:1d:74:48:07:31:02:11:6c:91:ae:66:6b:
09:85:27:b2:37:a8:4c:6d:1d:92:c3:9f:f6:8c:45:94:23:d4:
ae:b0:91:56:9a:38:d8:2f:e7:c1:9b:96:e1:76:96:17:19:07:
4f:52:6a:32:14:1a:e5:f3:bf:df:ff:b9:87:80:02:20:16:1d:
08:d9:61:33
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCmh8feJWRkqrMTex7s9upIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNzEyMTA0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY4MmYwM2RlYzIwODU5Zjk3MGVlNWU0OGNkYjRjZWY4MjQyMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSXyTX9DepFYuGt0/hxTvRnmfkr+
L8URQz+z9RWPu/LztJ67sn83cAPgo1nIU7ZG960gz/hVcu6EhidPGKWfneQEecN7
u+2UvSqhsyoopLMGFdqFMZt9qe0DgplJRLRYPAFMzzM/A0B5QF4F50lRVzf90ZWH
FDqdzDsRzqIAZWoh4T79UrMEiHFOW5D1MBM14MW8yiskG8G8KbiBjETrBHDm8Abu
8FqO2rtoz7kEUvCPQersilHIlzLvs+6ilqpJmjFmhjNd/mdMK/CEnY2cehOErHTu
BK4iPWzRb6Cn9M4z4yQVL6/YUu/csr1O1f7ssxm5U666lDSCeHynqfxyZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFT4LwPewghZ+XDuXkjNtM74JCELMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVlBndkE5N0NDRm41Y081ZVNNMjB6dmdrSVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBf3kAwQC
LQ/0AwQCLYAUAwQCLZfEAwQAWSB+MA0GCSqGSIb3DQEBCwUAA4IBAQAn9Cehwgrx
4mTmDMXw2Z8qTn8KsjfqBXeDWQdaxZ30E3D5dTIM5+kC6hugKEcuqZcFnZl7gcUw
Fuom2Tkv6IFfVPgLLvAVXDlu4q6qVGLE117FbcLmXsGQU/fqSJf8LtuyM/8WAVn/
Fl8otB9goXiBEBrr9+SWQjdwQsOKqVGk26Otgct4et4s+h6dJ8NxsXdMkDCALzEt
8gkNSUhVDNw9wgwML/S04LMs7FkdxdDjxMMh6AFWZ6O7FTAddEgHMQIRbJGuZmsJ
hSeyN6hMbR2Sw5/2jEWUI9SusJFWmjjYL+fBm5bhdpYXGQdPUmoyFBrl87/f/7mH
gAIgFh0I2WEz
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:30 2024 by rpki-client on console-fra.rpki-client.org