Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/vsReOO8tBFjruuoyhiZf8FwacBA.roa
File: vsReOO8tBFjruuoyhiZf8FwacBA.roa (raw, json)
Hash identifier: +0fblfxRsZqAfSQtuaHOOU86PtE/ccNN0R9t/+co4Kw=
Subject key identifier: BE:C4:5E:38:EF:2D:04:58:EB:BA:EA:32:86:26:5F:F0:5C:1A:70:10
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 018CC87154AFAC698FA0025387AF704205E9
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/vsReOO8tBFjruuoyhiZf8FwacBA.roa
Signing time: Tue 02 Jan 2024 04:31:59 +0000
ROA not before: Tue 02 Jan 2024 04:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216127
IP address blocks: 95.181.151.0/24 maxlen: 24
95.181.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:54:af:ac:69:8f:a0:02:53:87:af:70:42:05:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 2 04:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bec45e38ef2d0458ebbaea3286265ff05c1a7010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:57:b5:be:26:22:ea:6c:bf:de:61:2a:67:
c4:d5:f0:73:47:42:65:89:06:8b:d8:98:ca:4a:44:
29:17:aa:1d:b5:65:b6:dc:5f:da:50:a1:b1:57:6c:
9c:44:eb:f3:69:d3:57:5e:0b:3d:e5:fa:9f:51:2f:
32:94:f2:dc:ba:14:0f:1b:71:ae:8e:61:88:a5:b6:
ae:83:54:4e:84:d6:36:35:2f:d7:a7:91:6c:54:0f:
e7:dc:8f:87:ca:4d:c7:6d:d9:10:ab:1b:6e:c4:36:
b6:78:89:62:5a:a9:90:f3:91:44:bd:1c:99:a4:b5:
fa:62:7c:72:66:1d:d0:70:43:cf:87:cf:98:87:87:
a9:36:79:d4:0b:cb:ca:44:c1:4b:c2:d3:e9:4f:b1:
c1:a8:bd:63:0d:f0:fb:39:c0:04:57:57:06:0c:ae:
b1:ac:5e:d8:07:36:69:ce:d1:17:5c:bb:3e:7a:55:
99:34:96:7f:5a:fa:be:32:3f:43:8e:55:c2:45:d8:
a7:89:3a:5a:ba:e5:28:c5:77:35:40:33:2f:9f:8e:
b3:af:26:cb:9e:3c:7f:d8:48:c5:f3:a8:78:13:da:
3f:f3:b6:db:ff:24:65:d6:63:f1:12:0f:76:08:51:
7a:42:65:e9:3e:88:aa:b0:d7:2b:35:0c:89:4c:61:
a2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C4:5E:38:EF:2D:04:58:EB:BA:EA:32:86:26:5F:F0:5C:1A:70:10
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/vsReOO8tBFjruuoyhiZf8FwacBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.151.0/24
95.181.161.0/24
Signature Algorithm: sha256WithRSAEncryption
24:80:33:93:77:89:90:bd:c8:9e:41:8c:be:3d:83:f2:3a:fa:
99:e9:35:d8:03:8b:31:93:63:fc:23:5f:a7:fe:18:52:42:db:
d1:47:b8:60:eb:c0:45:86:ab:80:68:24:e8:ff:f8:5d:fe:6b:
80:ec:db:8b:1e:a4:52:db:b9:4f:29:58:37:70:4b:1a:e2:95:
bc:6e:23:2a:d7:e6:97:27:51:90:49:c0:b8:b8:08:ff:a3:ab:
14:19:35:56:8d:9c:78:f9:25:67:e5:7e:c6:25:c2:b3:70:c9:
d9:0f:c8:9e:ac:97:35:cf:b7:c9:a5:84:bd:4f:bd:8c:81:c2:
e6:6c:36:e8:34:2c:69:8c:60:b7:55:de:cf:6b:4c:dc:b3:17:
0c:74:bd:7c:01:45:08:e2:fb:52:6f:d9:77:d0:1f:2b:a3:c4:
67:5e:cc:fa:1c:9a:74:4e:5b:c5:bb:ae:5a:79:83:40:a3:dd:
65:cc:bc:e8:55:46:bd:b4:2f:77:6b:f8:39:f0:75:40:5d:86:
82:53:eb:97:f0:66:be:15:50:cc:9a:c0:da:a4:f5:75:40:72:
3e:90:36:a7:29:fd:c7:4d:8e:8a:df:e5:f2:9e:2c:2a:db:dd:
6b:77:2f:fe:fa:5f:4a:5e:d6:05:c1:e3:5e:28:69:e0:e0:9f:
6b:3c:54:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcVSvrGmPoAJTh69wQgXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQwMTAyMDQzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWM0NWUzOGVmMmQwNDU4ZWJiYWVhMzI4NjI2NWZmMDVjMWE3MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv5Xtb4mIupsv95hKmfE1fBzR0Jl
iQaL2JjKSkQpF6odtWW23F/aUKGxV2ycROvzadNXXgs95fqfUS8ylPLcuhQPG3Gu
jmGIpbaug1ROhNY2NS/Xp5FsVA/n3I+Hyk3HbdkQqxtuxDa2eIliWqmQ85FEvRyZ
pLX6YnxyZh3QcEPPh8+Yh4epNnnUC8vKRMFLwtPpT7HBqL1jDfD7OcAEV1cGDK6x
rF7YBzZpztEXXLs+elWZNJZ/Wvq+Mj9DjlXCRdiniTpauuUoxXc1QDMvn46zrybL
njx/2EjF86h4E9o/87bb/yRl1mPxEg92CFF6QmXpPoiqsNcrNQyJTGGijwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL7EXjjvLQRY67rqMoYmX/BcGnAQMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvdnNSZU9POHRCRmpydXVveWhpWmY4RndhY0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX7WXAwQA
X7WhMA0GCSqGSIb3DQEBCwUAA4IBAQAkgDOTd4mQvcieQYy+PYPyOvqZ6TXYA4sx
k2P8I1+n/hhSQtvRR7hg68BFhquAaCTo//hd/muA7NuLHqRS27lPKVg3cEsa4pW8
biMq1+aXJ1GQScC4uAj/o6sUGTVWjZx4+SVn5X7GJcKzcMnZD8ierJc1z7fJpYS9
T72MgcLmbDboNCxpjGC3Vd7Pa0zcsxcMdL18AUUI4vtSb9l30B8ro8RnXsz6HJp0
TlvFu65aeYNAo91lzLzoVUa9tC93a/g58HVAXYaCU+uX8Ga+FVDMmsDapPV1QHI+
kDanKf3HTY6K3+Xyniwq291rdy/++l9KXtYFweNeKGng4J9rPFTQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:34 2024 by rpki-client on console-fra.rpki-client.org