Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/VRQ4PinBEDNLT-pfsEGxa28NSpw.roa
File: VRQ4PinBEDNLT-pfsEGxa28NSpw.roa (raw, json)
Hash identifier: UqvkLcy1aPLkeDt+lPoVDiuE9PXhcKRNAC1RRtan+4s=
Subject key identifier: 55:14:38:3E:29:C1:10:33:4B:4F:EA:5F:B0:41:B1:6B:6F:0D:4A:9C
Certificate issuer: /CN=61a5d217759e861696fc77ed9aa63b94edb3be7d
Certificate serial: 018CC64B1C434422781701D751F932310E27
Authority key identifier: 61:A5:D2:17:75:9E:86:16:96:FC:77:ED:9A:A6:3B:94:ED:B3:BE:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YaXSF3WehhaW_HftmqY7lO2zvn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/VRQ4PinBEDNLT-pfsEGxa28NSpw.roa
Signing time: Mon 01 Jan 2024 18:30:59 +0000
ROA not before: Mon 01 Jan 2024 18:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 185.27.249.0/24 maxlen: 24
185.27.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/YaXSF3WehhaW_HftmqY7lO2zvn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/YaXSF3WehhaW_HftmqY7lO2zvn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YaXSF3WehhaW_HftmqY7lO2zvn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1c:43:44:22:78:17:01:d7:51:f9:32:31:0e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61a5d217759e861696fc77ed9aa63b94edb3be7d
Validity
Not Before: Jan 1 18:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5514383e29c110334b4fea5fb041b16b6f0d4a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:6f:52:9c:54:3a:e2:68:39:e7:8c:d4:7f:
f4:08:b4:83:b8:0a:19:c9:3e:82:f0:27:c7:8c:83:
33:70:c3:90:ea:e8:a4:d3:e3:35:46:b4:98:ee:df:
23:08:a6:28:9e:15:2c:29:78:93:ae:cf:f2:b8:0a:
db:09:7e:c4:93:03:b1:d5:1b:0d:67:94:99:f6:e3:
48:4b:5d:ab:f7:c3:cf:5c:a4:62:7e:a9:28:46:ac:
79:e5:f5:5b:f1:05:3a:bd:87:db:16:b3:25:54:3c:
5c:e7:48:0d:77:bb:04:f8:6e:ac:34:8e:a2:48:37:
87:2c:ed:b9:24:43:6b:53:4e:de:0c:18:a5:95:45:
84:08:d2:52:20:5b:d1:ad:b6:b3:98:be:38:30:df:
bd:27:be:9b:0c:84:6e:62:1d:34:59:9a:1b:98:e7:
e3:7b:3c:be:a9:02:1c:c5:ca:97:41:33:b0:c7:c8:
49:84:d1:74:73:23:c1:09:c3:43:0b:b8:63:ff:37:
60:93:81:f0:29:19:e5:a4:b7:1b:e0:dd:6b:b2:44:
f1:f4:a5:a1:22:21:82:ac:41:59:4b:78:07:77:c7:
9b:af:69:f0:20:7e:36:6e:ef:a5:73:f4:a9:42:ce:
76:5f:9a:5c:f8:c4:85:f1:32:ac:e0:43:6c:59:ce:
42:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:14:38:3E:29:C1:10:33:4B:4F:EA:5F:B0:41:B1:6B:6F:0D:4A:9C
X509v3 Authority Key Identifier:
keyid:61:A5:D2:17:75:9E:86:16:96:FC:77:ED:9A:A6:3B:94:ED:B3:BE:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YaXSF3WehhaW_HftmqY7lO2zvn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/VRQ4PinBEDNLT-pfsEGxa28NSpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/YaXSF3WehhaW_HftmqY7lO2zvn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.249.0/24
185.27.251.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:30:48:90:b6:b0:34:14:5b:e0:67:c4:5d:b9:2a:19:99:58:
0c:f2:cb:28:12:e6:ce:65:f4:3f:12:cb:7b:9b:b6:e8:c5:9a:
51:9e:d4:75:16:cd:84:28:a9:3f:40:98:95:78:1d:1d:b1:c1:
c3:2d:aa:3a:49:e4:52:bd:25:ab:40:d6:0c:58:f0:35:3a:37:
96:78:22:4f:12:d4:db:e3:39:cf:6a:96:bb:07:16:3b:87:c4:
de:1c:5f:88:57:8d:c6:d5:03:08:ec:37:19:ba:68:aa:05:ef:
90:9d:fa:f7:d4:61:1b:f0:cd:09:f8:3f:5f:c3:f4:a3:bf:b1:
ee:75:43:f0:a8:9c:83:7b:ea:23:34:44:56:cd:39:36:4c:b2:
f9:7a:4e:75:35:53:01:45:fc:fb:cd:f5:dc:ee:28:7f:9a:7c:
b7:75:19:11:9a:78:ac:e2:fe:3d:63:51:9d:49:fa:0c:0a:61:
03:d1:a0:c4:7f:58:aa:03:15:4c:e8:3b:32:28:78:1d:4d:ea:
34:9c:ca:58:96:71:17:0f:b6:99:e3:22:6b:2c:a6:d8:35:6d:
a7:3f:07:d1:0d:29:cf:96:23:31:da:02:b5:39:f8:64:61:02:
3e:90:da:ef:58:8a:28:b1:93:ef:58:36:80:0c:28:8d:01:7f:
5b:92:12:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSxxDRCJ4FwHXUfkyMQ4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYTVkMjE3NzU5ZTg2MTY5NmZjNzdlZDlhYTYzYjk0ZWRi
M2JlN2QwHhcNMjQwMTAxMTgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE0MzgzZTI5YzExMDMzNGI0ZmVhNWZiMDQxYjE2YjZmMGQ0YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRvUpxUOuJoOeeM1H/0CLSDuAoZ
yT6C8CfHjIMzcMOQ6uik0+M1RrSY7t8jCKYonhUsKXiTrs/yuArbCX7EkwOx1RsN
Z5SZ9uNIS12r98PPXKRifqkoRqx55fVb8QU6vYfbFrMlVDxc50gNd7sE+G6sNI6i
SDeHLO25JENrU07eDBillUWECNJSIFvRrbazmL44MN+9J76bDIRuYh00WZobmOfj
ezy+qQIcxcqXQTOwx8hJhNF0cyPBCcNDC7hj/zdgk4HwKRnlpLcb4N1rskTx9KWh
IiGCrEFZS3gHd8ebr2nwIH42bu+lc/SpQs52X5pc+MSF8TKs4ENsWc5CGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUUOD4pwRAzS0/qX7BBsWtvDUqcMB8GA1UdIwQY
MBaAFGGl0hd1noYWlvx37ZqmO5Tts759MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWFYU0YzV2VoaGFXX0hmdG1xWTdsTzJ6dm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83MmY2Y2YtOWJkNC00NjdhLWE5MmEt
NWE2NGE1ZmM4YTY0LzEvVlJRNFBpbkJFRE5MVC1wZnNFR3hhMjhOU3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83MmY2Y2YtOWJkNC00NjdhLWE5MmEtNWE2NGE1ZmM4YTY0
LzEvWWFYU0YzV2VoaGFXX0hmdG1xWTdsTzJ6dm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRv5AwQA
uRv7MA0GCSqGSIb3DQEBCwUAA4IBAQANMEiQtrA0FFvgZ8RduSoZmVgM8ssoEubO
ZfQ/Est7m7boxZpRntR1Fs2EKKk/QJiVeB0dscHDLao6SeRSvSWrQNYMWPA1OjeW
eCJPEtTb4znPapa7BxY7h8TeHF+IV43G1QMI7DcZumiqBe+Qnfr31GEb8M0J+D9f
w/Sjv7HudUPwqJyDe+ojNERWzTk2TLL5ek51NVMBRfz7zfXc7ih/mny3dRkRmnis
4v49Y1GdSfoMCmED0aDEf1iqAxVM6DsyKHgdTeo0nMpYlnEXD7aZ4yJrLKbYNW2n
PwfRDSnPliMx2gK1OfhkYQI+kNrvWIoosZPvWDaADCiNAX9bkhL0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:33:22 2024 by rpki-client on console-fra.rpki-client.org