Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa
File: Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa (raw, json)
Hash identifier: Vm6gEcAMPfxaiYr6nJ4B7+74KQBTRq8x4yX49QGV7E0=
Subject key identifier: 55:EE:EA:4D:27:D2:BB:25:33:0B:72:9A:D4:C7:59:87:49:3F:D9:5A
Certificate issuer: /CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Certificate serial: 018CC5DC2AF7DFB06F30492B4B169BD7A4BB
Authority key identifier: 90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60157
IP address blocks: 185.54.171.0/24 maxlen: 24
185.54.168.0/24 maxlen: 24
185.54.168.0/22 maxlen: 22
185.54.168.0/23 maxlen: 23
185.54.170.0/24 maxlen: 24
185.54.169.0/24 maxlen: 24
2a02:4560::/32 maxlen: 32
2a02:4560::/48 maxlen: 48
2a02:4560:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2a:f7:df:b0:6f:30:49:2b:4b:16:9b:d7:a4:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55eeea4d27d2bb25330b729ad4c75987493fd95a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4b:24:68:2d:76:3e:d8:fd:98:87:e4:c9:0b:
97:cd:f8:c9:90:be:42:cc:5f:10:bd:ba:14:2d:96:
64:7e:9c:73:8b:29:4b:2f:fc:d3:70:66:3b:f6:54:
ab:25:3e:3c:42:79:f2:e0:8f:d4:bc:9d:d7:26:e3:
5d:8a:74:4b:d5:36:23:53:5c:ed:de:a8:07:17:fe:
14:ec:27:8d:ca:e0:9a:b1:75:2c:17:31:d7:c4:0f:
bf:85:c0:b3:2f:dc:29:55:f1:f7:ff:c1:80:f7:5e:
31:36:4e:a2:e3:21:45:47:70:aa:32:25:ae:f7:f7:
50:2a:8a:4d:a9:f8:18:03:f9:64:ed:dd:ac:af:da:
02:e5:7a:8d:ef:ec:a6:d3:a3:50:74:7d:16:a6:b3:
76:3e:7b:ed:71:ac:0c:6d:dd:c6:02:6f:6c:62:01:
fc:6f:4c:83:99:b6:14:15:5b:a3:29:99:42:ea:9d:
de:54:2c:f1:19:47:f4:9b:3f:d9:b5:71:00:20:39:
15:9f:a8:67:de:45:d1:1f:19:4c:6d:7a:2a:3b:fb:
df:f4:9f:b5:da:63:d1:2f:63:b0:13:68:0b:28:3f:
f1:b2:95:b8:54:b7:8a:c8:a6:07:e9:86:0f:a9:e1:
32:a8:4a:40:3d:e0:dc:2f:4f:37:74:1a:a6:9a:89:
00:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:EE:EA:4D:27:D2:BB:25:33:0B:72:9A:D4:C7:59:87:49:3F:D9:5A
X509v3 Authority Key Identifier:
keyid:90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/Ve7qTSfSuyUzC3Ka1MdZh0k_2Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.168.0/22
IPv6:
2a02:4560::/32
Signature Algorithm: sha256WithRSAEncryption
ae:88:8e:50:5d:39:1f:65:7d:34:21:f9:d6:a9:01:b2:30:90:
ea:bf:08:e1:e2:e8:77:17:5b:df:93:e8:36:10:2e:83:cf:96:
3d:74:17:54:14:32:1c:16:4e:e0:73:e8:2d:d4:c9:dd:24:59:
b5:f2:7b:ec:5a:37:c9:61:a4:70:4a:75:55:dc:1e:8a:89:de:
ba:e1:78:25:7a:52:83:87:39:83:fa:b2:22:fc:7a:53:97:1d:
63:4f:b6:6f:b5:49:d0:44:dd:24:69:cb:8b:a5:c2:69:b2:e6:
d6:9a:6b:13:0b:e3:e3:f0:99:2a:4d:e1:bb:62:7b:cf:38:62:
7a:22:11:4f:33:d9:b3:f3:b7:18:97:ee:55:51:0e:81:d5:ad:
ee:76:8e:d6:7e:13:59:f3:5f:e2:1a:ee:e9:4a:b4:f9:22:03:
f5:fc:63:1e:85:67:de:14:e3:aa:23:70:e8:8f:34:36:65:06:
28:13:34:89:d5:95:5e:c6:29:98:43:72:bd:73:8d:8a:85:73:
7a:7e:ce:c9:53:54:63:9a:e4:5a:ec:4c:0d:70:26:25:df:b2:
2f:1c:53:db:b2:82:95:ce:d7:83:06:7b:e2:a3:e2:12:cc:93:
f2:93:61:18:2b:32:d5:c5:a6:2f:88:97:ed:58:f2:f2:14:89:
d4:79:80:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3Cr337BvMEkrSxab16S7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTA2NWVlZjQwZGMwMTZhMWJlN2YyOGQ2ZTY2Y2E3YTg3
ZTdmZTUwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWVlZWE0ZDI3ZDJiYjI1MzMwYjcyOWFkNGM3NTk4NzQ5M2ZkOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kskaC12Ptj9mIfkyQuXzfjJkL5C
zF8QvboULZZkfpxziylLL/zTcGY79lSrJT48Qnny4I/UvJ3XJuNdinRL1TYjU1zt
3qgHF/4U7CeNyuCasXUsFzHXxA+/hcCzL9wpVfH3/8GA914xNk6i4yFFR3CqMiWu
9/dQKopNqfgYA/lk7d2sr9oC5XqN7+ym06NQdH0WprN2PnvtcawMbd3GAm9sYgH8
b0yDmbYUFVujKZlC6p3eVCzxGUf0mz/ZtXEAIDkVn6hn3kXRHxlMbXoqO/vf9J+1
2mPRL2OwE2gLKD/xspW4VLeKyKYH6YYPqeEyqEpAPeDcL083dBqmmokA1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFXu6k0n0rslMwtymtTHWYdJP9laMB8GA1UdIwQY
MBaAFJCgZe70DcAWob5/KNbmbKeofn/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQt
OTI0Y2RmMjc2ZDhkLzEvVmU3cVRTZlN1eVV6QzNLYTFNZFpoMGtfMlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQtOTI0Y2RmMjc2ZDhk
LzEva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTaoMA0E
AgACMAcDBQAqAkVgMA0GCSqGSIb3DQEBCwUAA4IBAQCuiI5QXTkfZX00IfnWqQGy
MJDqvwjh4uh3F1vfk+g2EC6Dz5Y9dBdUFDIcFk7gc+gt1MndJFm18nvsWjfJYaRw
SnVV3B6Kid664XglelKDhzmD+rIi/HpTlx1jT7ZvtUnQRN0kacuLpcJpsubWmmsT
C+Pj8JkqTeG7YnvPOGJ6IhFPM9mz87cYl+5VUQ6B1a3udo7WfhNZ81/iGu7pSrT5
IgP1/GMehWfeFOOqI3DojzQ2ZQYoEzSJ1ZVeximYQ3K9c42KhXN6fs7JU1RjmuRa
7EwNcCYl37IvHFPbsoKVzteDBnvio+ISzJPyk2EYKzLVxaYviJftWPLyFInUeYCZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:46:25 2024 by rpki-client on console-fra.rpki-client.org