Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/VGMWV2nECypFMlpP4cKGFBwQCJY.roa
File: VGMWV2nECypFMlpP4cKGFBwQCJY.roa (raw, json)
Hash identifier: xH/XLHNHUODsYFgRTWgQOS7/siMzY0o9iUDicjB0VVA=
Subject key identifier: 54:63:16:57:69:C4:0B:2A:45:32:5A:4F:E1:C2:86:14:1C:10:08:96
Certificate issuer: /CN=458b6759c1a0cf5ad82da5c393bcd0fff7c7e2f0
Certificate serial: 018CC72707594A2955CDA3D2AC651A464735
Authority key identifier: 45:8B:67:59:C1:A0:CF:5A:D8:2D:A5:C3:93:BC:D0:FF:F7:C7:E2:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYtnWcGgz1rYLaXDk7zQ__fH4vA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/VGMWV2nECypFMlpP4cKGFBwQCJY.roa
Signing time: Mon 01 Jan 2024 22:31:12 +0000
ROA not before: Mon 01 Jan 2024 22:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42698
IP address blocks: 195.248.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/RYtnWcGgz1rYLaXDk7zQ__fH4vA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/RYtnWcGgz1rYLaXDk7zQ__fH4vA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RYtnWcGgz1rYLaXDk7zQ__fH4vA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:07:59:4a:29:55:cd:a3:d2:ac:65:1a:46:47:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458b6759c1a0cf5ad82da5c393bcd0fff7c7e2f0
Validity
Not Before: Jan 1 22:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5463165769c40b2a45325a4fe1c286141c100896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:48:2a:c4:ca:3c:db:c4:6c:a3:7c:c8:2a:8d:
52:dc:7e:53:1a:e8:bd:5b:c0:42:72:0b:c9:f3:58:
51:fa:cd:50:bc:35:ad:a0:8f:67:32:d4:64:1f:54:
0f:f3:b0:4b:1c:7d:80:1f:8e:8d:95:b1:43:b2:0c:
81:97:94:b9:ea:97:ce:2f:3f:bb:36:33:f8:76:6d:
a7:a4:46:19:56:6c:ad:75:c5:71:f5:e5:78:1d:bb:
5c:47:e8:74:ca:cf:8b:9a:3c:b5:93:47:90:94:1f:
71:30:38:a3:3e:4c:70:88:ec:5b:d2:14:61:2f:59:
12:14:4a:e9:88:df:e8:5f:1a:1b:44:cc:6e:9f:6e:
ac:ee:38:ea:a4:1d:4c:79:26:92:68:87:ad:42:8e:
9c:c6:7b:50:e8:f2:b7:83:8b:02:e5:64:bd:60:f5:
df:07:70:59:1a:e6:15:0e:57:27:54:ab:ad:6b:11:
c3:26:be:da:8d:73:e6:85:06:9c:ad:45:f4:6d:6d:
36:d3:20:50:d5:31:d8:72:94:6f:6b:f8:56:2d:e1:
4f:d9:6f:9c:72:6a:1b:15:d4:bc:ab:33:df:31:dc:
58:71:dc:fa:b3:2f:93:f3:ab:ec:c0:d8:65:80:ea:
20:2b:37:23:84:06:33:56:cf:bc:96:42:a8:3b:dc:
5a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:63:16:57:69:C4:0B:2A:45:32:5A:4F:E1:C2:86:14:1C:10:08:96
X509v3 Authority Key Identifier:
keyid:45:8B:67:59:C1:A0:CF:5A:D8:2D:A5:C3:93:BC:D0:FF:F7:C7:E2:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYtnWcGgz1rYLaXDk7zQ__fH4vA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/VGMWV2nECypFMlpP4cKGFBwQCJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/01a285-fc81-4b06-80b2-00c913cb0557/1/RYtnWcGgz1rYLaXDk7zQ__fH4vA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.252.0/23
Signature Algorithm: sha256WithRSAEncryption
88:04:62:8d:08:93:ed:05:cc:0d:1a:77:c7:3b:eb:4f:55:cd:
fe:19:a5:50:da:8f:f4:cb:b8:4a:af:3f:07:03:c9:85:6c:2c:
51:f6:4e:b1:23:e2:e6:19:8c:ec:0e:8a:88:8d:06:b3:c8:ac:
8e:57:2c:66:30:07:41:ee:9d:59:74:ee:8d:61:4f:58:92:c5:
67:dc:97:81:04:5d:02:b0:be:b3:a6:1d:ea:07:b5:50:5b:ec:
72:91:bf:15:0c:30:3a:d4:b4:74:f1:b4:51:15:03:ed:6a:87:
36:2c:d8:dd:56:ff:86:17:aa:44:f4:e4:9b:37:47:6e:3d:d4:
14:a2:63:a9:05:7f:45:7b:46:a5:8a:23:24:6e:db:ac:9d:e8:
70:90:01:57:26:b6:c1:d1:6a:72:53:88:93:0f:f7:96:3a:fc:
48:b5:6d:21:9c:02:46:7f:18:53:21:09:24:73:1b:95:dc:e7:
ab:5c:3d:14:72:a9:04:ed:c1:20:13:4c:18:64:16:1e:a3:71:
83:e9:14:ea:71:44:4e:fc:bf:05:e4:c2:76:14:d6:d1:c4:2d:
ed:77:ae:65:ed:0c:d7:21:27:80:59:7c:a1:4f:a5:4b:3c:44:
5e:d5:ca:05:f0:a7:ed:a0:ec:e9:0e:63:dd:cc:5a:4b:3f:58:
13:e3:a0:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJwdZSilVzaPSrGUaRkc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGI2NzU5YzFhMGNmNWFkODJkYTVjMzkzYmNkMGZmZjdj
N2UyZjAwHhcNMjQwMTAxMjIzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDYzMTY1NzY5YzQwYjJhNDUzMjVhNGZlMWMyODYxNDFjMTAwODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEgqxMo828Rso3zIKo1S3H5TGui9
W8BCcgvJ81hR+s1QvDWtoI9nMtRkH1QP87BLHH2AH46NlbFDsgyBl5S56pfOLz+7
NjP4dm2npEYZVmytdcVx9eV4HbtcR+h0ys+Lmjy1k0eQlB9xMDijPkxwiOxb0hRh
L1kSFErpiN/oXxobRMxun26s7jjqpB1MeSaSaIetQo6cxntQ6PK3g4sC5WS9YPXf
B3BZGuYVDlcnVKutaxHDJr7ajXPmhQacrUX0bW020yBQ1THYcpRva/hWLeFP2W+c
cmobFdS8qzPfMdxYcdz6sy+T86vswNhlgOogKzcjhAYzVs+8lkKoO9xaKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRjFldpxAsqRTJaT+HChhQcEAiWMB8GA1UdIwQY
MBaAFEWLZ1nBoM9a2C2lw5O80P/3x+LwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUll0bldjR2d6MXJZTGFYRGs3elFfX2ZINHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wMWEyODUtZmM4MS00YjA2LTgwYjIt
MDBjOTEzY2IwNTU3LzEvVkdNV1YybkVDeXBGTWxwUDRjS0dGQndRQ0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wMWEyODUtZmM4MS00YjA2LTgwYjItMDBjOTEzY2IwNTU3
LzEvUll0bldjR2d6MXJZTGFYRGs3elFfX2ZINHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/j8MA0G
CSqGSIb3DQEBCwUAA4IBAQCIBGKNCJPtBcwNGnfHO+tPVc3+GaVQ2o/0y7hKrz8H
A8mFbCxR9k6xI+LmGYzsDoqIjQazyKyOVyxmMAdB7p1ZdO6NYU9YksVn3JeBBF0C
sL6zph3qB7VQW+xykb8VDDA61LR08bRRFQPtaoc2LNjdVv+GF6pE9OSbN0duPdQU
omOpBX9Fe0aliiMkbtusnehwkAFXJrbB0WpyU4iTD/eWOvxItW0hnAJGfxhTIQkk
cxuV3OerXD0UcqkE7cEgE0wYZBYeo3GD6RTqcURO/L8F5MJ2FNbRxC3td65l7QzX
ISeAWXyhT6VLPERe1coF8KftoOzpDmPdzFpLP1gT46AS
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:42:43 2024 by rpki-client on console-ams.rpki-client.org