Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/VfVYxNBRyWWIKppPnObH-REgs6o.roa
File: VfVYxNBRyWWIKppPnObH-REgs6o.roa (raw, json)
Hash identifier: 2ztFsf25F0a1Wd0FNzclF/k8A9re9zqxb4Khbk2rvVg=
Subject key identifier: 55:F5:58:C4:D0:51:C9:65:88:2A:9A:4F:9C:E6:C7:F9:11:20:B3:AA
Certificate issuer: /CN=a040f968fa52e6cb2fe657109700fa074c190b85
Certificate serial: 019208EC2D1A856DE2134DDFFB0B89E0C4C2
Authority key identifier: A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/VfVYxNBRyWWIKppPnObH-REgs6o.roa
Signing time: Thu 19 Sep 2024 06:15:48 +0000
ROA not before: Thu 19 Sep 2024 06:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62352
IP address blocks: 86.105.199.0/24 maxlen: 24
93.117.174.0/24 maxlen: 24
109.205.140.0/23 maxlen: 23
109.205.140.0/24 maxlen: 24
109.205.141.0/24 maxlen: 24
109.205.142.0/23 maxlen: 23
109.205.142.0/24 maxlen: 24
109.205.143.0/24 maxlen: 24
176.126.173.0/24 maxlen: 24
185.39.40.0/22 maxlen: 22
185.39.40.0/24 maxlen: 24
185.39.41.0/24 maxlen: 24
185.39.42.0/24 maxlen: 24
185.39.43.0/24 maxlen: 24
188.241.65.0/24 maxlen: 24
213.236.28.0/24 maxlen: 24
213.236.30.0/23 maxlen: 23
213.236.30.0/24 maxlen: 24
213.236.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:08:ec:2d:1a:85:6d:e2:13:4d:df:fb:0b:89:e0:c4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a040f968fa52e6cb2fe657109700fa074c190b85
Validity
Not Before: Sep 19 06:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55f558c4d051c965882a9a4f9ce6c7f91120b3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:eb:d2:ff:31:98:6e:47:9e:78:1c:75:a9:3a:
da:bc:35:76:20:b2:b4:6f:80:27:23:16:9b:a8:43:
0c:cf:21:61:1b:e4:11:b0:78:0d:b5:bf:22:77:eb:
ff:6f:2c:48:b2:8b:03:c8:a0:6e:d6:97:67:24:61:
e7:db:8e:8c:cd:23:12:67:43:e0:5c:7a:34:16:fd:
bc:f3:51:2f:e5:ad:bc:cd:f1:b5:63:bd:12:4e:95:
36:29:22:07:f7:61:39:eb:e1:7b:99:26:32:8e:38:
e2:dc:81:bd:81:1b:5c:b5:d4:76:7d:df:44:33:8b:
16:a7:d0:b8:07:63:c4:7b:5e:fa:80:21:10:a1:79:
93:a2:ca:65:28:57:f0:37:c7:8b:04:75:81:11:5c:
aa:6d:1c:fd:24:95:03:e7:67:85:32:9a:25:e8:fb:
b7:2e:72:2c:c3:e0:68:01:f4:70:80:f0:af:4f:6a:
49:14:e0:d1:7a:f5:07:b5:c4:2c:86:ba:ed:07:e5:
cf:e5:06:da:fe:04:51:39:09:0c:33:fc:ec:94:f3:
f9:c6:ab:76:7e:25:6e:5b:86:b0:b8:1c:40:c9:8d:
4f:f7:76:75:75:9f:e1:3b:a4:4e:38:37:56:d9:7e:
59:5f:51:79:d7:f8:2c:36:96:eb:55:0c:43:87:5b:
04:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F5:58:C4:D0:51:C9:65:88:2A:9A:4F:9C:E6:C7:F9:11:20:B3:AA
X509v3 Authority Key Identifier:
keyid:A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/VfVYxNBRyWWIKppPnObH-REgs6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.199.0/24
93.117.174.0/24
109.205.140.0/22
176.126.173.0/24
185.39.40.0/22
188.241.65.0/24
213.236.28.0/24
213.236.30.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:d9:52:4c:25:c8:48:74:56:c0:61:46:55:b3:c2:5d:17:95:
e3:48:8e:c5:0f:a0:12:a2:e9:09:2a:1c:d8:57:17:e2:d5:2e:
1b:20:8e:89:46:7d:71:38:b0:b7:5b:f7:9e:4b:4b:56:82:6a:
9b:01:c0:14:7f:05:2a:8d:48:86:3b:58:3b:49:97:fc:60:46:
d8:36:fa:18:bb:d6:31:ed:65:3c:9b:a9:53:19:8d:41:f7:7b:
53:52:62:40:67:31:7c:0f:7a:48:38:47:31:bc:ac:7e:0a:96:
6e:18:5b:3e:72:7f:bf:f7:7d:0d:15:d4:13:e1:6f:0e:e7:65:
ed:2e:cc:39:b3:0d:e7:28:a3:60:83:9b:f1:22:d8:82:69:a1:
39:50:51:77:cd:12:e4:49:8b:7e:55:7f:dd:9c:77:ae:06:87:
f1:09:bf:11:e9:cd:c2:6c:f6:61:07:7c:c6:4e:9a:f0:a2:4b:
05:7f:06:3f:c8:04:61:ac:57:a3:6f:f0:92:bc:89:c0:ff:59:
6d:f0:7a:1f:83:93:7f:f8:ab:05:21:65:23:2f:cf:05:ac:0d:
d2:41:1f:3a:a2:ad:7c:fa:d2:d7:c8:41:78:98:41:9c:53:33:
5d:96:e7:b8:a3:d6:fa:b7:0b:69:97:8c:28:0d:be:ec:a0:98:
86:cd:98:b4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZII7C0ahW3iE03f+wuJ4MTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDBmOTY4ZmE1MmU2Y2IyZmU2NTcxMDk3MDBmYTA3NGMx
OTBiODUwHhcNMjQwOTE5MDYxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY1NThjNGQwNTFjOTY1ODgyYTlhNGY5Y2U2YzdmOTExMjBiM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uvS/zGYbkeeeBx1qTravDV2ILK0
b4AnIxabqEMMzyFhG+QRsHgNtb8id+v/byxIsosDyKBu1pdnJGHn246MzSMSZ0Pg
XHo0Fv2881Ev5a28zfG1Y70STpU2KSIH92E56+F7mSYyjjji3IG9gRtctdR2fd9E
M4sWp9C4B2PEe176gCEQoXmTosplKFfwN8eLBHWBEVyqbRz9JJUD52eFMpol6Pu3
LnIsw+BoAfRwgPCvT2pJFODRevUHtcQshrrtB+XP5Qba/gRROQkMM/zslPP5xqt2
fiVuW4awuBxAyY1P93Z1dZ/hO6ROODdW2X5ZX1F51/gsNpbrVQxDh1sEDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFX1WMTQUclliCqaT5zmx/kRILOqMB8GA1UdIwQY
MBaAFKBA+Wj6UubLL+ZXEJcA+gdMGQuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUt
M2I2YjBhNTU1NWVmLzEvVmZWWXhOQlJ5V1dJS3BwUG5PYkgtUkVnczZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUtM2I2YjBhNTU1NWVm
LzEvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVmnHAwQA
XXWuAwQCbc2MAwQAsH6tAwQCuScoAwQAvPFBAwQA1ewcAwQB1eweMA0GCSqGSIb3
DQEBCwUAA4IBAQBd2VJMJchIdFbAYUZVs8JdF5XjSI7FD6ASoukJKhzYVxfi1S4b
II6JRn1xOLC3W/eeS0tWgmqbAcAUfwUqjUiGO1g7SZf8YEbYNvoYu9Yx7WU8m6lT
GY1B93tTUmJAZzF8D3pIOEcxvKx+CpZuGFs+cn+/930NFdQT4W8O52XtLsw5sw3n
KKNgg5vxItiCaaE5UFF3zRLkSYt+VX/dnHeuBofxCb8R6c3CbPZhB3zGTprwoksF
fwY/yARhrFejb/CSvInA/1lt8Hofg5N/+KsFIWUjL88FrA3SQR86oq18+tLXyEF4
mEGcUzNdlue4o9b6twtpl4woDb7soJiGzZi0
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:15 2024 by rpki-client on console-fra.rpki-client.org