Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VjZ2mC_xsBYkxvkqhcakXaVt9lw.roa
File: VjZ2mC_xsBYkxvkqhcakXaVt9lw.roa (raw, json)
Hash identifier: NDwuG9LmCqZZTgHqT9KV5eqDziIe0gTDvK0RM6TtLyw=
Subject key identifier: 56:36:76:98:2F:F1:B0:16:24:C6:F9:2A:85:C6:A4:5D:A5:6D:F6:5C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019324F0EF6D1E5F9456E3EF142DE2C2618F
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VjZ2mC_xsBYkxvkqhcakXaVt9lw.roa
Signing time: Wed 13 Nov 2024 09:53:09 +0000
ROA not before: Wed 13 Nov 2024 09:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 79.172.220.0/24 maxlen: 24
87.229.14.0/24 maxlen: 24
87.229.22.0/24 maxlen: 24
87.229.71.0/24 maxlen: 24
87.229.79.0/24 maxlen: 24
213.181.201.0/24 maxlen: 24
217.144.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:f0:ef:6d:1e:5f:94:56:e3:ef:14:2d:e2:c2:61:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Nov 13 09:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=563676982ff1b01624c6f92a85c6a45da56df65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:98:87:2e:c4:36:9c:ce:1e:bf:e7:64:b2:8d:
3d:2e:23:ce:04:69:d6:7a:55:68:d5:76:28:58:07:
20:70:ed:36:75:d8:b8:90:a8:70:48:06:24:17:02:
55:42:29:e9:f6:54:b0:ab:f1:21:6e:5e:62:8e:42:
1d:ff:54:fa:fd:f9:9a:99:6a:24:8a:a4:1b:c8:44:
3a:1b:c6:26:d7:5c:bd:a5:19:c9:90:34:0c:64:21:
56:36:85:82:b0:17:1f:1c:7c:43:51:2c:fc:78:62:
11:2a:3d:c5:cd:9c:e5:11:87:f9:2c:d1:0e:3c:f5:
37:fc:4a:fe:6f:b9:e0:81:0a:97:3d:0f:8e:de:b9:
98:f7:52:86:42:9c:0a:61:f2:cd:79:b6:78:66:a9:
46:b3:46:9f:05:52:bb:2e:46:65:d2:bc:40:2a:4f:
4f:a2:5a:b0:2e:61:4c:3f:cf:e0:1d:e8:fc:be:ea:
4b:77:ea:48:26:61:c4:a8:fc:f3:5b:fb:20:6f:44:
d2:db:ab:83:76:7c:9f:72:b1:39:87:60:f4:04:c6:
94:9e:07:7e:f2:fa:e8:41:8c:e2:c1:e1:bf:47:48:
4a:b5:78:e4:b1:ad:d5:ab:04:a2:26:e0:84:c0:55:
2d:bb:12:4c:89:8e:09:12:39:a3:2c:f1:29:af:13:
86:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:36:76:98:2F:F1:B0:16:24:C6:F9:2A:85:C6:A4:5D:A5:6D:F6:5C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VjZ2mC_xsBYkxvkqhcakXaVt9lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.220.0/24
87.229.14.0/24
87.229.22.0/24
87.229.71.0/24
87.229.79.0/24
213.181.201.0/24
217.144.62.0/24
Signature Algorithm: sha256WithRSAEncryption
10:2b:60:b2:f3:5d:86:48:d6:de:a0:26:3e:75:d7:0e:2a:08:
56:05:0c:54:41:d1:dd:6e:15:3a:b1:34:9b:e6:dc:11:17:7e:
74:f1:9d:bf:07:7b:85:dd:f7:58:2e:c4:de:41:47:e4:e9:ca:
f0:fd:bd:0c:5e:f4:91:08:15:41:7f:c2:cf:b9:ea:0b:e2:88:
e3:5c:14:ff:94:dd:98:3b:a3:a6:c5:de:fa:c8:e8:e7:fd:67:
7b:b6:22:b2:d4:74:ec:4b:99:ff:20:3d:b5:7f:50:09:66:44:
15:34:6d:02:db:52:2a:6b:94:e2:73:20:0c:a4:ce:93:ea:60:
78:a2:74:e2:fd:1c:78:52:f2:da:b8:19:7e:d2:dc:3b:32:f6:
6d:4d:ba:3d:fd:e3:25:d6:22:e3:05:15:7c:3d:45:f3:4e:ca:
c5:d2:36:38:5a:ff:d2:2e:71:b0:f4:79:a2:d9:8d:a2:55:db:
0f:cb:05:4c:24:60:a7:43:40:f8:f0:2f:ee:5d:80:ac:64:70:
6f:99:e6:9f:48:58:c4:aa:ff:03:9c:15:a2:e0:8d:15:fa:00:
5c:bd:72:61:aa:7f:f8:25:f6:72:46:e9:af:8a:8d:49:6a:ab:
ec:ff:cf:52:6b:28:03:89:99:07:7b:cb:e3:94:3f:08:c6:82:
ac:6b:6a:63
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZMk8O9tHl+UVuPvFC3iwmGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQxMTEzMDk1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjM2NzY5ODJmZjFiMDE2MjRjNmY5MmE4NWM2YTQ1ZGE1NmRmNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZiHLsQ2nM4ev+dkso09LiPOBGnW
elVo1XYoWAcgcO02ddi4kKhwSAYkFwJVQinp9lSwq/Ehbl5ijkId/1T6/fmamWok
iqQbyEQ6G8Ym11y9pRnJkDQMZCFWNoWCsBcfHHxDUSz8eGIRKj3FzZzlEYf5LNEO
PPU3/Er+b7nggQqXPQ+O3rmY91KGQpwKYfLNebZ4ZqlGs0afBVK7LkZl0rxAKk9P
olqwLmFMP8/gHej8vupLd+pIJmHEqPzzW/sgb0TS26uDdnyfcrE5h2D0BMaUngd+
8vroQYziweG/R0hKtXjksa3VqwSiJuCEwFUtuxJMiY4JEjmjLPEprxOGiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFY2dpgv8bAWJMb5KoXGpF2lbfZcMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvVmpaMm1DX3hzQllreHZrcWhjYWtYYVZ0OWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT6zcAwQA
V+UOAwQAV+UWAwQAV+VHAwQAV+VPAwQA1bXJAwQA2ZA+MA0GCSqGSIb3DQEBCwUA
A4IBAQAQK2Cy812GSNbeoCY+ddcOKghWBQxUQdHdbhU6sTSb5twRF3508Z2/B3uF
3fdYLsTeQUfk6crw/b0MXvSRCBVBf8LPueoL4ojjXBT/lN2YO6Omxd76yOjn/Wd7
tiKy1HTsS5n/ID21f1AJZkQVNG0C21Iqa5TicyAMpM6T6mB4onTi/Rx4UvLauBl+
0tw7MvZtTbo9/eMl1iLjBRV8PUXzTsrF0jY4Wv/SLnGw9Hmi2Y2iVdsPywVMJGCn
Q0D48C/uXYCsZHBvmeafSFjEqv8DnBWi4I0V+gBcvXJhqn/4JfZyRumvio1Jaqvs
/89SaygDiZkHe8vjlD8IxoKsa2pj
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:20 2024 by rpki-client on console-ams.rpki-client.org