Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/VGhUqu3l3G0eqwjlWPljA6Z83Xs.roa
File: VGhUqu3l3G0eqwjlWPljA6Z83Xs.roa (raw, json)
Hash identifier: I5VQ8TMSfLs3BOwYan1JS4NcGuBoiZLqtqOk2RokXjo=
Subject key identifier: 54:68:54:AA:ED:E5:DC:6D:1E:AB:08:E5:58:F9:63:03:A6:7C:DD:7B
Certificate issuer: /CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Certificate serial: 018CC4931D90460F1F8227E388E4EEA53739
Authority key identifier: 91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/VGhUqu3l3G0eqwjlWPljA6Z83Xs.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34224
IP address blocks: 82.112.171.0/24 maxlen: 24
82.112.175.0/24 maxlen: 24
82.112.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1d:90:46:0f:1f:82:27:e3:88:e4:ee:a5:37:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=546854aaede5dc6d1eab08e558f96303a67cdd7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:20:b2:a1:07:34:37:01:1a:b6:3b:17:2b:4a:
24:64:8e:d7:20:39:ec:fa:f9:25:d2:76:68:fe:be:
7f:9f:87:bb:fb:a7:ac:2d:62:0b:7f:2e:37:2e:5f:
7c:29:c8:6d:56:fd:b5:b2:96:95:2c:92:e7:82:81:
e1:53:3f:f4:09:71:2d:75:a7:c2:0d:a1:a7:9e:a4:
22:94:93:e0:30:2e:30:c9:cf:f7:c0:16:99:9a:96:
e8:30:64:c1:f0:14:be:eb:5e:6c:f3:8b:00:20:12:
80:37:52:d5:71:7b:06:e5:47:65:0a:65:dd:2a:66:
d8:e1:6a:99:f4:5a:ca:13:2b:e1:07:8e:40:db:60:
88:9b:60:d1:f2:eb:2f:7f:cd:96:f2:23:32:91:7f:
1b:d8:c0:8c:04:e2:99:2e:b5:34:5c:e8:95:1b:59:
b6:10:67:15:e0:e0:f9:e2:69:67:20:ca:66:fa:d7:
a0:de:ec:e3:5c:10:53:cf:aa:be:70:13:d3:20:15:
72:53:98:f1:e8:2a:84:6e:c6:3e:67:b1:61:b8:a9:
bc:65:23:10:7a:2b:d5:36:c4:9b:a9:45:03:47:be:
c5:4a:c4:a8:1d:c5:bd:3d:6c:88:2f:45:00:85:fe:
e7:5c:ca:7b:be:e3:a6:0f:a0:51:68:88:9e:9d:d7:
ab:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:68:54:AA:ED:E5:DC:6D:1E:AB:08:E5:58:F9:63:03:A6:7C:DD:7B
X509v3 Authority Key Identifier:
keyid:91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/VGhUqu3l3G0eqwjlWPljA6Z83Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.171.0/24
82.112.174.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:a0:43:9a:c6:2a:24:3a:f2:9c:ed:02:53:7b:80:75:6a:71:
a4:e6:e4:29:f9:71:7a:18:d0:7f:4c:b9:6f:80:42:4c:c9:d1:
0d:ad:9e:98:9d:93:fc:0c:70:03:31:ca:a3:f7:29:a4:4e:f9:
2c:76:9a:43:27:29:8a:89:3b:bb:93:f4:59:54:33:be:58:a6:
46:10:ae:9b:8c:b9:a8:c9:4b:eb:ba:a2:db:cd:94:00:bb:32:
08:33:33:aa:8d:2b:b2:b2:ba:d3:de:a6:a5:98:4d:5f:78:64:
b6:bc:d6:51:6a:18:d1:ad:22:f2:83:c2:17:6f:ca:79:10:dc:
00:6e:4e:58:7f:e9:f9:8a:9f:76:ee:87:86:be:55:02:f3:4e:
fd:30:89:ad:6f:08:f3:f6:1b:23:99:a0:0f:68:11:32:66:61:
f0:6c:42:db:1c:62:53:f2:3e:94:4f:df:f4:bb:13:b9:1f:07:
5f:eb:4a:b1:84:46:5c:27:f1:27:15:95:66:5c:69:bf:36:94:
9d:d1:24:3e:9b:fb:96:25:76:8e:d7:ec:78:8c:2a:ff:eb:7a:
d7:30:c4:64:66:ef:2b:9b:94:a7:f1:79:c4:5f:85:eb:44:d7:
e4:7e:b0:0f:89:35:d1:bd:c1:b2:5d:2f:ce:11:83:e5:dc:db:
a2:37:c3:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkx2QRg8fgifjiOTupTc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgxYmM5NjlkZTZhZGMzZDFkZGMwZWI4OWJkZWVhY2U5
ODA1Y2QwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDY4NTRhYWVkZTVkYzZkMWVhYjA4ZTU1OGY5NjMwM2E2N2NkZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiCyoQc0NwEatjsXK0okZI7XIDns
+vkl0nZo/r5/n4e7+6esLWILfy43Ll98KchtVv21spaVLJLngoHhUz/0CXEtdafC
DaGnnqQilJPgMC4wyc/3wBaZmpboMGTB8BS+615s84sAIBKAN1LVcXsG5UdlCmXd
KmbY4WqZ9FrKEyvhB45A22CIm2DR8usvf82W8iMykX8b2MCMBOKZLrU0XOiVG1m2
EGcV4OD54mlnIMpm+teg3uzjXBBTz6q+cBPTIBVyU5jx6CqEbsY+Z7FhuKm8ZSMQ
eivVNsSbqUUDR77FSsSoHcW9PWyIL0UAhf7nXMp7vuOmD6BRaIienderFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFRoVKrt5dxtHqsI5Vj5YwOmfN17MB8GA1UdIwQY
MBaAFJE4G8lp3mrcPR3cDrib3urOmAXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMt
MjU2ZGE5NWQxMzQ1LzEvVkdoVXF1M2wzRzBlcXdqbFdQbGpBNlo4M1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMtMjU2ZGE5NWQxMzQ1
LzEva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUnCrAwQB
UnCuMA0GCSqGSIb3DQEBCwUAA4IBAQB6oEOaxiokOvKc7QJTe4B1anGk5uQp+XF6
GNB/TLlvgEJMydENrZ6YnZP8DHADMcqj9ymkTvksdppDJymKiTu7k/RZVDO+WKZG
EK6bjLmoyUvruqLbzZQAuzIIMzOqjSuysrrT3qalmE1feGS2vNZRahjRrSLyg8IX
b8p5ENwAbk5Yf+n5ip927oeGvlUC8079MImtbwjz9hsjmaAPaBEyZmHwbELbHGJT
8j6UT9/0uxO5Hwdf60qxhEZcJ/EnFZVmXGm/NpSd0SQ+m/uWJXaO1+x4jCr/63rX
MMRkZu8rm5Sn8XnEX4XrRNfkfrAPiTXRvcGyXS/OEYPl3NuiN8My
-----END CERTIFICATE-----
Generated at Mon May 13 07:53:34 2024 by rpki-client on console-fra.rpki-client.org