Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa
File: 1vfr_TuykbLGgu0C62__Dps6UNc.roa (raw, json)
Hash identifier: RsKcXmCzO4BTTGKdVz5RRSrMeVNF2udM/PKjSaWvwB4=
Subject key identifier: D6:F7:EB:FD:3B:B2:91:B2:C6:82:ED:02:EB:6F:FF:0E:9B:3A:50:D7
Certificate issuer: /CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Certificate serial: 018E3D81434E6D8EB3BD620C4DB29F73AC87
Authority key identifier: D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa
Signing time: Thu 14 Mar 2024 15:07:45 +0000
ROA not before: Thu 14 Mar 2024 15:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12480
IP address blocks: 185.149.156.0/22 maxlen: 24
194.45.22.0/24 maxlen: 24
212.86.192.0/19 maxlen: 24
2a00:1970::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:81:43:4e:6d:8e:b3:bd:62:0c:4d:b2:9f:73:ac:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Validity
Not Before: Mar 14 15:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6f7ebfd3bb291b2c682ed02eb6fff0e9b3a50d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e6:4c:a6:e6:2a:fe:87:7d:e6:45:e0:51:6e:
fb:f9:c1:68:2d:08:2b:ad:08:ca:f2:fb:81:38:d4:
7d:ba:05:37:f1:83:bd:53:dd:52:3e:4a:27:0d:54:
2e:9f:fc:c4:be:9e:9a:e3:3c:50:9f:d6:4a:9e:ef:
92:27:2d:ba:7b:4d:b0:ce:d4:c3:1a:7a:b1:24:a4:
9d:9c:9c:2f:ba:65:6e:ec:03:4f:7e:15:45:6a:c9:
79:bd:6a:c1:ae:ab:d0:49:e9:76:86:d4:67:ee:9a:
48:36:e4:36:4a:0e:de:1c:ca:9d:6e:96:5c:26:4e:
92:0c:7e:86:c0:96:4b:08:75:52:10:6c:47:3f:77:
6f:e9:a2:51:45:bb:8f:4f:e7:c4:66:b3:6f:86:1b:
b6:de:9c:93:29:44:a2:50:fd:38:bd:16:c9:17:8e:
8d:2d:92:23:63:be:51:06:ae:e4:f9:39:31:22:19:
e6:6f:b2:cf:a1:86:b0:f9:c0:64:1a:a2:b0:a2:3c:
97:4c:8c:89:a1:5e:5b:39:aa:4d:df:4f:e2:49:c8:
a0:1e:20:b4:e2:a6:64:dc:ec:61:09:6b:6d:18:02:
9a:f3:91:66:f5:19:c2:45:69:46:fc:28:a5:dc:4f:
63:37:46:f6:e3:85:8c:38:4e:82:79:8b:c2:99:eb:
a6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F7:EB:FD:3B:B2:91:B2:C6:82:ED:02:EB:6F:FF:0E:9B:3A:50:D7
X509v3 Authority Key Identifier:
keyid:D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.156.0/22
194.45.22.0/24
212.86.192.0/19
IPv6:
2a00:1970::/32
Signature Algorithm: sha256WithRSAEncryption
68:53:f7:7f:74:7d:7c:bb:72:0c:c3:62:0f:6b:34:0f:2b:9d:
4f:c8:75:78:b2:5a:ff:2b:f3:96:24:f7:8d:1f:1c:ec:f5:31:
35:b5:59:e8:5e:9a:2e:ba:47:25:81:51:4b:8f:32:8b:f1:38:
0f:55:78:e9:36:95:9c:d2:b3:e4:d9:05:98:65:39:bd:ab:da:
43:f8:be:3a:60:36:c5:f8:4d:c1:be:f3:b8:da:48:05:1c:c7:
d2:f9:2f:e7:4f:9c:ad:56:60:3d:de:5b:a1:d0:5a:e1:1f:d2:
c7:d1:f3:d2:62:d7:e3:ca:d5:d8:5c:1a:64:51:51:19:77:39:
a1:62:96:01:2a:b9:d9:54:11:52:9a:4c:c2:c2:c2:d4:3c:41:
1f:07:9c:bf:b8:2a:d0:07:88:df:b8:76:fb:d4:6c:e2:f9:21:
85:c4:b8:84:a0:f9:82:58:c9:32:55:8e:40:ee:fe:76:0f:b0:
90:2a:28:71:ea:d5:b7:9c:84:91:07:3a:fc:64:3b:46:9e:40:
39:ce:05:70:b1:88:93:13:ee:07:29:dc:90:d8:a9:af:c5:3b:
18:5d:60:37:6b:f6:a3:21:66:6b:54:fb:6a:3a:7d:f0:09:fc:
93:47:38:38:3a:f1:4f:7d:c6:46:71:bf:3e:48:fe:b2:be:e4:
59:c7:55:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY49gUNObY6zvWIMTbKfc6yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzI2OWY5ZTkzYjBmYjhiYzRiMWM5NDdhYmM1YjIxZjIx
ZjIzMDUwHhcNMjQwMzE0MTUwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY3ZWJmZDNiYjI5MWIyYzY4MmVkMDJlYjZmZmYwZTliM2E1MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOZMpuYq/od95kXgUW77+cFoLQgr
rQjK8vuBONR9ugU38YO9U91SPkonDVQun/zEvp6a4zxQn9ZKnu+SJy26e02wztTD
GnqxJKSdnJwvumVu7ANPfhVFasl5vWrBrqvQSel2htRn7ppINuQ2Sg7eHMqdbpZc
Jk6SDH6GwJZLCHVSEGxHP3dv6aJRRbuPT+fEZrNvhhu23pyTKUSiUP04vRbJF46N
LZIjY75RBq7k+TkxIhnmb7LPoYaw+cBkGqKwojyXTIyJoV5bOapN30/iScigHiC0
4qZk3OxhCWttGAKa85Fm9RnCRWlG/Cil3E9jN0b244WMOE6CeYvCmeumCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNb36/07spGyxoLtAutv/w6bOlDXMB8GA1UdIwQY
MBaAFNbCafnpOw+4vEsclHq8WyHyHyMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEt
Yjc5Y2ZjMjRkM2I3LzEvMXZmcl9UdXlrYkxHZ3UwQzYyX19EcHM2VU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEtYjc5Y2ZjMjRkM2I3
LzEvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZWcAwQA
wi0WAwQF1FbAMA0EAgACMAcDBQAqABlwMA0GCSqGSIb3DQEBCwUAA4IBAQBoU/d/
dH18u3IMw2IPazQPK51PyHV4slr/K/OWJPeNHxzs9TE1tVnoXpouukclgVFLjzKL
8TgPVXjpNpWc0rPk2QWYZTm9q9pD+L46YDbF+E3BvvO42kgFHMfS+S/nT5ytVmA9
3luh0FrhH9LH0fPSYtfjytXYXBpkUVEZdzmhYpYBKrnZVBFSmkzCwsLUPEEfB5y/
uCrQB4jfuHb71Gzi+SGFxLiEoPmCWMkyVY5A7v52D7CQKihx6tW3nISRBzr8ZDtG
nkA5zgVwsYiTE+4HKdyQ2KmvxTsYXWA3a/ajIWZrVPtqOn3wCfyTRzg4OvFPfcZG
cb8+SP6yvuRZx1Xy
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:17:46 2024 by rpki-client on console-ams.rpki-client.org