Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/wVZGK_X7kwzwnIKV5OlKEXqJgeY.roa
File: wVZGK_X7kwzwnIKV5OlKEXqJgeY.roa (raw, json)
Hash identifier: vEYLJCWoWxn1+YpiZ6ZTRAJJpLrZT/rXKmHg2k3s3c0=
Subject key identifier: C1:56:46:2B:F5:FB:93:0C:F0:9C:82:95:E4:E9:4A:11:7A:89:81:E6
Certificate issuer: /CN=aed6ef17e6f95181890e54d000a2ac8ff2d2499b
Certificate serial: 018CC56DF1A0ABF82CA6799C407D2D90C77E
Authority key identifier: AE:D6:EF:17:E6:F9:51:81:89:0E:54:D0:00:A2:AC:8F:F2:D2:49:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtbvF-b5UYGJDlTQAKKsj_LSSZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/wVZGK_X7kwzwnIKV5OlKEXqJgeY.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28792
IP address blocks: 195.46.60.0/22 maxlen: 24
80.82.240.0/20 maxlen: 24
195.85.245.0/24 maxlen: 24
185.58.176.0/22 maxlen: 24
2a01:248::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/rtbvF-b5UYGJDlTQAKKsj_LSSZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/rtbvF-b5UYGJDlTQAKKsj_LSSZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtbvF-b5UYGJDlTQAKKsj_LSSZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f1:a0:ab:f8:2c:a6:79:9c:40:7d:2d:90:c7:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aed6ef17e6f95181890e54d000a2ac8ff2d2499b
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c156462bf5fb930cf09c8295e4e94a117a8981e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f6:43:98:99:69:12:e3:ca:ee:89:64:2b:00:
66:8c:2c:cb:9c:87:46:56:1a:4f:a4:74:71:b1:55:
77:82:ed:e8:5c:1b:64:36:5b:76:93:7b:e5:1a:ae:
88:c3:5a:04:d2:71:da:73:84:c9:f4:f0:05:40:44:
50:b2:74:d3:b6:c4:c2:73:61:a1:52:11:b2:a7:17:
d2:b5:a9:4a:b8:b1:19:34:d8:db:d2:ff:d4:0e:a7:
3c:c9:c3:71:c0:d7:e7:98:47:97:79:39:06:86:02:
25:c4:36:80:6b:01:1b:9f:1b:4b:7e:c9:ba:3f:82:
02:56:44:b6:80:85:c5:81:e4:1c:bc:22:6f:62:bc:
25:f9:b8:6a:d7:e3:62:56:43:60:38:38:64:2b:37:
e9:da:2a:80:23:ea:be:53:a6:65:4a:b6:74:ea:1a:
07:6a:53:e5:10:a3:94:76:10:57:3f:37:5b:eb:ae:
11:f8:3c:97:2a:e7:89:17:20:c0:1d:fa:e9:2c:8c:
fb:e9:15:89:b1:a5:76:0c:9d:6c:a0:a1:4b:44:40:
a2:49:ec:b5:b1:2d:f9:a3:66:d7:22:6d:dc:d9:55:
0b:4e:27:30:3b:07:b6:08:ca:59:f3:24:70:50:f4:
ff:ce:66:12:b3:cc:29:f3:00:91:92:c0:aa:f8:54:
25:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:56:46:2B:F5:FB:93:0C:F0:9C:82:95:E4:E9:4A:11:7A:89:81:E6
X509v3 Authority Key Identifier:
keyid:AE:D6:EF:17:E6:F9:51:81:89:0E:54:D0:00:A2:AC:8F:F2:D2:49:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtbvF-b5UYGJDlTQAKKsj_LSSZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/wVZGK_X7kwzwnIKV5OlKEXqJgeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/rtbvF-b5UYGJDlTQAKKsj_LSSZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.240.0/20
185.58.176.0/22
195.46.60.0/22
195.85.245.0/24
IPv6:
2a01:248::/32
Signature Algorithm: sha256WithRSAEncryption
02:02:ce:df:63:d8:64:59:c2:09:45:08:da:d9:9c:9f:27:4a:
65:0f:d1:f1:77:5c:e4:65:da:ad:c8:b4:4a:d3:6e:c4:1a:e8:
16:93:96:ae:54:e7:fa:64:53:90:32:10:c2:bb:0d:3a:cc:6d:
42:d3:80:7e:81:54:50:c3:44:04:a2:5e:df:9f:1c:1b:ef:ec:
82:cb:71:db:b1:18:3d:8c:79:8f:f3:56:2c:84:6f:12:8d:34:
54:4e:05:29:15:0a:f4:7b:36:99:91:49:fb:e2:f4:bf:2e:82:
ba:05:45:85:24:df:f9:c0:fc:8f:e3:ac:fc:f2:ba:97:61:5a:
6c:44:52:47:44:96:83:47:82:58:e6:f7:d1:c5:88:cf:0a:91:
ee:38:de:ca:ee:35:1d:cb:74:a2:b5:84:36:1a:61:bd:b5:43:
d9:52:bd:1c:80:c0:02:a5:26:25:a8:6a:7e:99:a5:98:ae:10:
7b:8b:2f:7d:a6:46:e1:dd:3b:85:3c:55:0f:fd:1b:3b:52:20:
1b:ac:e0:b5:79:f4:07:a9:9c:5e:d1:67:29:b0:07:34:a7:8b:
c7:e2:fd:0f:e5:71:97:d2:34:b1:1b:ce:66:a2:97:27:29:50:
43:28:d2:8f:63:9c:53:1e:11:6c:44:24:71:3b:d5:0a:ed:fa:
65:d3:61:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbfGgq/gspnmcQH0tkMd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZDZlZjE3ZTZmOTUxODE4OTBlNTRkMDAwYTJhYzhmZjJk
MjQ5OWIwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTU2NDYyYmY1ZmI5MzBjZjA5YzgyOTVlNGU5NGExMTdhODk4MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPZDmJlpEuPK7olkKwBmjCzLnIdG
VhpPpHRxsVV3gu3oXBtkNlt2k3vlGq6Iw1oE0nHac4TJ9PAFQERQsnTTtsTCc2Gh
UhGypxfStalKuLEZNNjb0v/UDqc8ycNxwNfnmEeXeTkGhgIlxDaAawEbnxtLfsm6
P4ICVkS2gIXFgeQcvCJvYrwl+bhq1+NiVkNgODhkKzfp2iqAI+q+U6ZlSrZ06hoH
alPlEKOUdhBXPzdb664R+DyXKueJFyDAHfrpLIz76RWJsaV2DJ1soKFLRECiSey1
sS35o2bXIm3c2VULTicwOwe2CMpZ8yRwUPT/zmYSs8wp8wCRksCq+FQl0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMFWRiv1+5MM8JyCleTpShF6iYHmMB8GA1UdIwQY
MBaAFK7W7xfm+VGBiQ5U0ACirI/y0kmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRidkYtYjVVWUdKRGxUUUFLS3NqX0xTU1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jN2VhMWYtYWEyNy00YWM4LThjYTct
MGFlMGYxYWNjZGE0LzEvd1ZaR0tfWDdrd3p3bklLVjVPbEtFWHFKZ2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jN2VhMWYtYWEyNy00YWM4LThjYTctMGFlMGYxYWNjZGE0
LzEvcnRidkYtYjVVWUdKRGxUUUFLS3NqX0xTU1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFLwAwQC
uTqwAwQCwy48AwQAw1X1MA0EAgACMAcDBQAqAQJIMA0GCSqGSIb3DQEBCwUAA4IB
AQACAs7fY9hkWcIJRQja2ZyfJ0plD9Hxd1zkZdqtyLRK027EGugWk5auVOf6ZFOQ
MhDCuw06zG1C04B+gVRQw0QEol7fnxwb7+yCy3HbsRg9jHmP81YshG8SjTRUTgUp
FQr0ezaZkUn74vS/LoK6BUWFJN/5wPyP46z88rqXYVpsRFJHRJaDR4JY5vfRxYjP
CpHuON7K7jUdy3SitYQ2GmG9tUPZUr0cgMACpSYlqGp+maWYrhB7iy99pkbh3TuF
PFUP/Rs7UiAbrOC1efQHqZxe0WcpsAc0p4vH4v0P5XGX0jSxG85mopcnKVBDKNKP
Y5xTHhFsRCRxO9UK7fpl02FM
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:36 2024 by rpki-client on console-fra.rpki-client.org