Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/tVRByCCFPyjMfM-7tXYPbYx6Kvw.roa
File: tVRByCCFPyjMfM-7tXYPbYx6Kvw.roa (raw, json)
Hash identifier: eIJlu4l7xMgYq5czKvI4r77VN1NlE9O52MR8HgF+L8o=
Subject key identifier: B5:54:41:C8:20:85:3F:28:CC:7C:CF:BB:B5:76:0F:6D:8C:7A:2A:FC
Certificate issuer: /CN=5d7f63401407c1cc797b17034e813d2254f9773e
Certificate serial: 018CC56E5ACB8D6DBE313445894E6156246E
Authority key identifier: 5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/tVRByCCFPyjMfM-7tXYPbYx6Kvw.roa
Signing time: Mon 01 Jan 2024 14:29:52 +0000
ROA not before: Mon 01 Jan 2024 14:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59895
IP address blocks: 194.26.222.0/24 maxlen: 24
185.65.206.0/24 maxlen: 24
185.65.205.0/24 maxlen: 24
185.65.204.0/24 maxlen: 24
185.65.207.0/24 maxlen: 24
2a05:300:1::/48 maxlen: 48
2a05:300:2::/48 maxlen: 48
2a05:300::/48 maxlen: 48
2a05:300:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 14:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:5a:cb:8d:6d:be:31:34:45:89:4e:61:56:24:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7f63401407c1cc797b17034e813d2254f9773e
Validity
Not Before: Jan 1 14:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b55441c820853f28cc7ccfbbb5760f6d8c7a2afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8f:ad:44:ac:13:a5:66:15:56:59:08:5a:06:
37:9b:09:0f:db:db:91:fb:cc:85:97:df:9e:5c:5b:
ad:2c:53:53:bd:58:25:c7:47:35:93:6a:15:36:3d:
96:ce:36:1e:cd:7a:ac:06:d3:40:df:12:e6:af:0e:
26:32:b0:7a:12:cb:42:2a:fb:7f:04:d3:f3:06:87:
c6:9b:98:88:8d:ca:52:c1:d8:af:90:a1:df:d2:da:
e0:24:86:95:9f:01:b6:19:fe:a2:30:26:36:20:58:
48:eb:f0:88:77:e8:c7:23:71:75:f0:a6:b7:3f:91:
40:5b:58:f5:88:a7:ec:81:71:ca:74:0b:db:44:6c:
a4:2f:fd:25:cd:0d:87:9f:a1:7e:2d:d9:9d:17:46:
13:cf:9c:66:63:5f:7e:f9:7b:d1:e0:0e:ec:c4:e7:
15:ce:0a:1f:3f:f5:a3:83:9e:96:d9:1c:d8:24:ed:
6e:89:7a:75:c0:67:ca:1c:1b:e6:a3:ff:02:d5:cd:
3e:5d:00:63:d3:b6:92:87:d1:a4:21:01:92:b0:f8:
ad:65:f9:9f:e0:38:af:77:38:d6:05:aa:5d:27:84:
91:b3:74:d8:26:0c:8b:03:7e:19:bf:8b:8f:09:75:
78:b0:f7:42:74:6a:68:e6:6c:0e:b5:0f:3b:37:1e:
fa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:54:41:C8:20:85:3F:28:CC:7C:CF:BB:B5:76:0F:6D:8C:7A:2A:FC
X509v3 Authority Key Identifier:
keyid:5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/tVRByCCFPyjMfM-7tXYPbYx6Kvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.204.0/22
194.26.222.0/24
IPv6:
2a05:300::/46
Signature Algorithm: sha256WithRSAEncryption
8f:9a:38:1b:36:9d:a0:eb:15:b3:d8:7c:f6:d6:dd:cb:b5:7d:
d0:96:7c:49:91:c4:ed:ec:e2:db:b1:1c:8e:af:88:88:b5:41:
cb:6b:ae:7d:14:d1:ca:b5:c4:f6:6d:34:b1:1b:10:0f:4f:96:
bb:63:0a:cb:91:b8:a3:69:2b:df:62:26:e9:37:7b:b0:07:40:
62:95:df:ef:f0:b1:da:cd:3a:e4:03:1a:a3:da:bf:ad:43:a5:
71:84:e6:9d:27:83:aa:b0:f9:55:1b:f6:52:e8:bd:4d:67:80:
84:5a:37:01:3d:9a:d6:63:61:6c:9c:83:52:28:14:43:23:df:
ef:85:a3:52:27:79:bb:d2:97:d4:35:31:97:6e:f8:6b:c9:ed:
62:1f:78:f3:3d:35:c8:11:2d:b8:72:c7:d3:d7:1e:ac:7d:6a:
04:23:2b:b4:4d:cf:65:19:58:e6:2f:83:2d:5e:3c:be:a9:58:
f2:ea:80:a9:77:a2:56:3f:68:b8:44:19:05:54:41:13:03:b2:
8b:45:2f:a1:d1:7f:f0:81:a0:40:4a:bb:c1:fa:02:be:e1:37:
25:9b:e0:52:95:c3:08:78:0f:e7:a5:8f:9a:36:f2:19:0a:ed:
70:0c:e7:ec:0b:c3:ea:78:e9:3a:be:ac:2e:13:6e:8d:7f:6b:
a0:b0:d0:ce
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFblrLjW2+MTRFiU5hViRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2Y2MzQwMTQwN2MxY2M3OTdiMTcwMzRlODEzZDIyNTRm
OTc3M2UwHhcNMjQwMTAxMTQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU0NDFjODIwODUzZjI4Y2M3Y2NmYmJiNTc2MGY2ZDhjN2EyYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4+tRKwTpWYVVlkIWgY3mwkP29uR
+8yFl9+eXFutLFNTvVglx0c1k2oVNj2WzjYezXqsBtNA3xLmrw4mMrB6EstCKvt/
BNPzBofGm5iIjcpSwdivkKHf0trgJIaVnwG2Gf6iMCY2IFhI6/CId+jHI3F18Ka3
P5FAW1j1iKfsgXHKdAvbRGykL/0lzQ2Hn6F+LdmdF0YTz5xmY19++XvR4A7sxOcV
zgofP/Wjg56W2RzYJO1uiXp1wGfKHBvmo/8C1c0+XQBj07aSh9GkIQGSsPitZfmf
4DivdzjWBapdJ4SRs3TYJgyLA34Zv4uPCXV4sPdCdGpo5mwOtQ87Nx76+wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLVUQcgghT8ozHzPu7V2D22Meir8MB8GA1UdIwQY
MBaAFF1/Y0AUB8HMeXsXA06BPSJU+Xc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMt
MzNmYjE0NTJiYjBhLzEvdFZSQnlDQ0ZQeWpNZk0tN3RYWVBiWXg2S3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMtMzNmYjE0NTJiYjBh
LzEvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUHMAwQA
whreMA8EAgACMAkDBwIqBQMAAAAwDQYJKoZIhvcNAQELBQADggEBAI+aOBs2naDr
FbPYfPbW3cu1fdCWfEmRxO3s4tuxHI6viIi1Qctrrn0U0cq1xPZtNLEbEA9Plrtj
CsuRuKNpK99iJuk3e7AHQGKV3+/wsdrNOuQDGqPav61DpXGE5p0ng6qw+VUb9lLo
vU1ngIRaNwE9mtZjYWycg1IoFEMj3++Fo1InebvSl9Q1MZdu+GvJ7WIfePM9NcgR
Lbhyx9PXHqx9agQjK7RNz2UZWOYvgy1ePL6pWPLqgKl3olY/aLhEGQVUQRMDsotF
L6HRf/CBoEBKu8H6Ar7hNyWb4FKVwwh4D+elj5o28hkK7XAM5+wLw+p46Tq+rC4T
bo1/a6Cw0M4=
-----END CERTIFICATE-----
Generated at Tue Jun 4 21:33:04 2024 by rpki-client on console-ams.rpki-client.org