Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/VM0I6erBLNxMNLJxZWPG5VOcRg8.roa
File: VM0I6erBLNxMNLJxZWPG5VOcRg8.roa (raw, json)
Hash identifier: KnelRYEtRD1772lOpbE+dkS2hrFm+vLF9kbD3TBfvdI=
Subject key identifier: 54:CD:08:E9:EA:C1:2C:DC:4C:34:B2:71:65:63:C6:E5:53:9C:46:0F
Certificate issuer: /CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Certificate serial: 018CC64B37C96084B5EE33AB008DA5276CD6
Authority key identifier: C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/VM0I6erBLNxMNLJxZWPG5VOcRg8.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198725
IP address blocks: 185.21.196.0/22 maxlen: 22
91.220.201.0/24 maxlen: 24
2a02:c280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.mft
rsync://rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:03:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:37:c9:60:84:b5:ee:33:ab:00:8d:a5:27:6c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54cd08e9eac12cdc4c34b2716563c6e5539c460f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:e9:f0:f1:98:a5:eb:89:96:89:fa:20:98:a7:
4e:e4:85:b1:ec:65:62:0f:71:4a:b9:b1:51:66:27:
8e:3d:7e:a4:6e:ca:c0:b2:46:2a:9b:94:f0:60:90:
b2:61:41:dd:57:1a:53:42:2b:58:57:a8:92:d4:ae:
fe:b0:40:91:58:71:51:0b:1d:73:68:c4:a1:71:d4:
6c:d4:85:50:1a:76:63:1d:4a:64:c0:f5:22:4d:33:
56:ba:25:0f:7e:63:08:0e:a9:f9:de:b1:1d:ed:e2:
ea:e4:51:56:92:61:b9:e8:3b:49:d8:ce:a3:3a:3b:
8c:2f:92:00:12:b9:7d:2c:12:1c:91:ad:cf:02:d5:
d1:a4:90:fd:9f:1f:31:c9:c5:1f:e3:7b:84:ed:dc:
0c:08:e5:f4:4b:e1:26:cb:c8:d2:10:43:47:d7:84:
04:d0:b1:46:16:e3:b2:46:d7:40:d7:b6:e3:0b:60:
86:71:b6:93:4a:bc:0d:13:1c:4d:21:09:f7:0b:fe:
25:88:9f:cd:b7:7a:a1:b9:87:f1:3d:3f:3b:fd:63:
21:60:e6:b6:da:d1:7c:e1:f3:59:09:aa:e1:b5:cd:
03:60:a4:2d:fb:95:be:4e:03:d4:80:ec:a6:a1:1f:
8d:ec:ef:9c:46:f1:d2:b7:36:b7:1c:ad:d6:75:90:
d2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CD:08:E9:EA:C1:2C:DC:4C:34:B2:71:65:63:C6:E5:53:9C:46:0F
X509v3 Authority Key Identifier:
keyid:C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/VM0I6erBLNxMNLJxZWPG5VOcRg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.201.0/24
185.21.196.0/22
IPv6:
2a02:c280::/29
Signature Algorithm: sha256WithRSAEncryption
4d:0f:3b:8a:25:70:44:1a:f8:7d:86:70:32:d9:83:1f:ad:71:
d2:f9:87:ef:ea:82:ef:0f:10:c3:bc:dd:da:5c:e0:6f:88:49:
90:01:e7:62:08:84:0e:26:b8:9d:10:2f:18:d5:79:18:88:10:
2c:27:82:94:b8:25:cb:90:97:73:84:cb:87:90:88:0e:93:21:
64:af:ff:9c:de:8d:56:e8:e5:b2:a9:45:83:60:ea:61:4e:c9:
fe:77:47:83:a6:cf:d1:8c:19:a3:1d:fd:29:53:68:82:90:81:
0f:a3:40:4e:9d:ac:19:5a:55:3a:8e:bf:af:33:22:2d:bb:e8:
83:d3:de:96:58:e4:19:2e:7b:7c:51:8e:79:6c:fc:21:bc:44:
3f:20:ed:59:6c:5d:a2:dd:bb:d0:aa:42:f9:49:67:ca:df:cb:
31:3c:ba:09:7c:5a:63:e0:21:35:c3:f5:e3:89:e9:dd:41:05:
21:60:19:b6:37:4b:24:dd:3d:2b:76:27:b2:6f:b4:e3:bc:11:
bc:90:c5:53:eb:02:df:3d:69:30:af:cc:8e:e3:f0:0a:14:ec:
0f:05:88:f2:f1:4c:1d:e8:ff:d3:6b:c6:b1:3d:07:99:f3:74:
6c:cd:6a:7f:4d:63:f0:cf:6f:fa:13:95:6d:60:a8:fd:83:22:
66:93:5e:9b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSzfJYIS17jOrAI2lJ2zWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGQ0MjI0MzE5Nzg2NGJiNDgxNjQ2MWQ0ZDA2NTNhYjBi
YTMyYmEwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGNkMDhlOWVhYzEyY2RjNGMzNGIyNzE2NTYzYzZlNTUzOWM0NjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9enw8Zil64mWifogmKdO5IWx7GVi
D3FKubFRZieOPX6kbsrAskYqm5TwYJCyYUHdVxpTQitYV6iS1K7+sECRWHFRCx1z
aMShcdRs1IVQGnZjHUpkwPUiTTNWuiUPfmMIDqn53rEd7eLq5FFWkmG56DtJ2M6j
OjuML5IAErl9LBIcka3PAtXRpJD9nx8xycUf43uE7dwMCOX0S+Emy8jSEENH14QE
0LFGFuOyRtdA17bjC2CGcbaTSrwNExxNIQn3C/4liJ/Nt3qhuYfxPT87/WMhYOa2
2tF84fNZCarhtc0DYKQt+5W+TgPUgOymoR+N7O+cRvHStza3HK3WdZDSCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFTNCOnqwSzcTDSycWVjxuVTnEYPMB8GA1UdIwQY
MBaAFMndQiQxl4ZLtIFkYdTQZTqwujK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWQxQ0pER1hoa3UwZ1dSaDFOQmxPckM2TXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZGExNWEtOTdhMC00YTc3LTliY2Et
NjRhNzE1YTVmNjliLzEvVk0wSTZlckJMTnhNTkxKeFpXUEc1Vk9jUmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZGExNWEtOTdhMC00YTc3LTliY2EtNjRhNzE1YTVmNjli
LzEveWQxQ0pER1hoa3UwZ1dSaDFOQmxPckM2TXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9zJAwQC
uRXEMA0EAgACMAcDBQMqAsKAMA0GCSqGSIb3DQEBCwUAA4IBAQBNDzuKJXBEGvh9
hnAy2YMfrXHS+Yfv6oLvDxDDvN3aXOBviEmQAediCIQOJridEC8Y1XkYiBAsJ4KU
uCXLkJdzhMuHkIgOkyFkr/+c3o1W6OWyqUWDYOphTsn+d0eDps/RjBmjHf0pU2iC
kIEPo0BOnawZWlU6jr+vMyItu+iD096WWOQZLnt8UY55bPwhvEQ/IO1ZbF2i3bvQ
qkL5SWfK38sxPLoJfFpj4CE1w/XjiendQQUhYBm2N0sk3T0rdieyb7TjvBG8kMVT
6wLfPWkwr8yO4/AKFOwPBYjy8Uwd6P/Ta8axPQeZ83RszWp/TWPwz2/6E5VtYKj9
gyJmk16b
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:25:25 2024 by rpki-client on console-ams.rpki-client.org