Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/vPTRsd9teKzc-Jp8pONz8RpDtfU.roa
File: vPTRsd9teKzc-Jp8pONz8RpDtfU.roa (raw, json)
Hash identifier: Hair8uSLGSar0YCOZt0EX1kQcY4jxDWEiIsJ8wSbw/A=
Subject key identifier: BC:F4:D1:B1:DF:6D:78:AC:DC:F8:9A:7C:A4:E3:73:F1:1A:43:B5:F5
Certificate issuer: /CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
Certificate serial: 018CC5DC21199812FB32464545B20BEF99C5
Authority key identifier: 2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/vPTRsd9teKzc-Jp8pONz8RpDtfU.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209626
IP address blocks: 89.106.200.0/24 maxlen: 24
2a12:5240::/48 maxlen: 48
2a12:5240::/47 maxlen: 47
2a12:5240:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:21:19:98:12:fb:32:46:45:45:b2:0b:ef:99:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcf4d1b1df6d78acdcf89a7ca4e373f11a43b5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:d3:70:bc:21:b9:7b:63:3d:1b:8f:02:91:
ee:63:0f:47:10:1f:a4:7d:4a:c1:46:c5:29:51:fa:
7f:a8:00:63:bc:6b:b6:58:71:77:0f:d5:3f:9c:5b:
6c:78:a6:a9:7f:04:16:31:f8:17:18:01:8d:1e:1d:
e6:65:a6:44:73:be:d4:74:ed:0b:d3:f7:22:aa:aa:
0c:6b:01:e5:8b:74:04:2f:0f:e3:f8:ca:58:9b:f7:
69:3b:c2:2b:9b:ce:c2:c2:43:ea:47:62:11:e3:5b:
bf:de:d6:ad:a9:db:16:8c:cd:7c:e1:24:db:4d:e5:
52:d6:c1:38:92:8a:17:b6:cb:80:27:65:0a:fe:60:
74:47:40:28:0e:06:2b:79:cf:82:ca:50:12:a1:5d:
09:19:ca:5c:77:25:5d:06:fd:49:9e:33:62:05:96:
fa:68:ae:1d:a8:d2:b8:54:af:d3:f5:a9:56:a0:c4:
b7:d2:2e:bd:18:4e:bd:09:ba:a2:e7:55:53:3e:ca:
ef:94:f8:cd:33:61:9e:1d:77:10:62:be:e7:6a:d9:
48:2b:8d:70:5a:c3:4e:e1:19:72:dc:29:9f:a2:ac:
6d:97:91:f0:ca:be:0d:89:74:64:7d:73:49:da:7d:
48:03:4c:09:84:a3:e2:73:0b:ad:73:a6:9e:47:78:
b3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F4:D1:B1:DF:6D:78:AC:DC:F8:9A:7C:A4:E3:73:F1:1A:43:B5:F5
X509v3 Authority Key Identifier:
keyid:2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/vPTRsd9teKzc-Jp8pONz8RpDtfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.200.0/24
IPv6:
2a12:5240::/47
Signature Algorithm: sha256WithRSAEncryption
05:08:ba:c4:19:8f:84:a9:69:9e:6f:e0:b5:9d:e4:b1:06:31:
bd:9f:10:72:7a:75:4c:93:06:cd:b3:3a:3b:64:48:12:81:87:
bd:50:7c:ab:81:c3:50:de:08:b5:0e:fe:fb:90:f9:02:c3:8f:
28:6a:d6:77:bd:25:57:99:92:72:54:d0:4a:81:0f:89:43:b6:
5b:1a:7c:c4:6c:c1:7f:c4:34:31:f4:16:2f:32:64:09:a5:ff:
71:f2:c6:a9:05:53:fc:82:aa:27:d8:c9:66:eb:83:8f:01:df:
1b:ac:93:43:15:1d:20:93:11:9f:15:6a:63:d3:b3:a3:82:b1:
55:ad:cc:5c:77:68:a8:3b:c4:7d:f2:3d:eb:cd:aa:a6:b0:f2:
fa:ea:04:ca:4e:a3:8f:17:f8:53:cf:ba:45:bd:e6:a6:92:95:
b7:9b:34:8e:5f:fb:78:ee:c6:ca:8c:5d:ad:7a:f6:ca:b9:1f:
79:d7:25:95:66:49:f4:89:8c:db:59:a8:89:04:a7:9b:19:ef:
fd:64:b5:73:c8:11:a3:ef:7d:1f:39:02:81:98:31:9b:47:d6:
ad:b1:01:ad:70:ba:4f:4a:cd:e7:e5:7a:e4:26:0b:d6:e8:5c:
50:14:eb:fe:57:7e:4f:ed:10:ee:51:9f:74:ac:c7:89:7f:19:
0b:c4:d0:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3CEZmBL7MkZFRbIL75nFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYzU3NDk5NTQ2YzRlZmQ3MzBmZjg3MWRmM2JkMWFmYmYz
YjlmMDEwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y0ZDFiMWRmNmQ3OGFjZGNmODlhN2NhNGUzNzNmMTFhNDNiNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkjTcLwhuXtjPRuPApHuYw9HEB+k
fUrBRsUpUfp/qABjvGu2WHF3D9U/nFtseKapfwQWMfgXGAGNHh3mZaZEc77UdO0L
0/ciqqoMawHli3QELw/j+MpYm/dpO8Irm87CwkPqR2IR41u/3tatqdsWjM184STb
TeVS1sE4kooXtsuAJ2UK/mB0R0AoDgYrec+CylASoV0JGcpcdyVdBv1JnjNiBZb6
aK4dqNK4VK/T9alWoMS30i69GE69Cbqi51VTPsrvlPjNM2GeHXcQYr7natlIK41w
WsNO4Rly3Cmfoqxtl5Hwyr4NiXRkfXNJ2n1IA0wJhKPicwutc6aeR3iz8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLz00bHfbXis3PiafKTjc/EaQ7X1MB8GA1UdIwQY
MBaAFCzFdJlUbE79cw/4cd870a+/O58BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmIt
YjUyOWIwY2Y1NDExLzEvdlBUUnNkOXRlS3pjLUpwOHBPTno4UnBEdGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmItYjUyOWIwY2Y1NDEx
LzEvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWWrIMA8E
AgACMAkDBwEqElJAAAAwDQYJKoZIhvcNAQELBQADggEBAAUIusQZj4SpaZ5v4LWd
5LEGMb2fEHJ6dUyTBs2zOjtkSBKBh71QfKuBw1DeCLUO/vuQ+QLDjyhq1ne9JVeZ
knJU0EqBD4lDtlsafMRswX/ENDH0Fi8yZAml/3HyxqkFU/yCqifYyWbrg48B3xus
k0MVHSCTEZ8VamPTs6OCsVWtzFx3aKg7xH3yPevNqqaw8vrqBMpOo48X+FPPukW9
5qaSlbebNI5f+3juxsqMXa169sq5H3nXJZVmSfSJjNtZqIkEp5sZ7/1ktXPIEaPv
fR85AoGYMZtH1q2xAa1wuk9KzefleuQmC9boXFAU6/5Xfk/tEO5Rn3Ssx4l/GQvE
0Bg=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:32:12 2024 by rpki-client on console-ams.rpki-client.org