Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/VNy43vtzAuGW5P07oir-v6eIzjM.roa
File: VNy43vtzAuGW5P07oir-v6eIzjM.roa (raw, json)
Hash identifier: 1l36bgIJUN9nhddRmt8INs0C9mpYu7OP6vMtcJzJRtE=
Subject key identifier: 54:DC:B8:DE:FB:73:02:E1:96:E4:FD:3B:A2:2A:FE:BF:A7:88:CE:33
Certificate issuer: /CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Certificate serial: 018ECCB8CC4395562B7E83637167B84AC70F
Authority key identifier: 5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/VNy43vtzAuGW5P07oir-v6eIzjM.roa
Signing time: Thu 11 Apr 2024 10:34:06 +0000
ROA not before: Thu 11 Apr 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207467
IP address blocks: 185.65.72.0/22 maxlen: 24
185.65.74.0/24 maxlen: 24
185.65.75.0/24 maxlen: 24
2a03:1a20::/48 maxlen: 48
2a03:1a20:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:b8:cc:43:95:56:2b:7e:83:63:71:67:b8:4a:c7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Validity
Not Before: Apr 11 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54dcb8defb7302e196e4fd3ba22afebfa788ce33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:07:e4:4a:be:ed:7a:a8:c0:fa:f3:c8:c8:e9:
6d:62:12:84:b3:07:a8:4c:1d:8b:72:72:46:4a:ca:
60:50:7e:bb:9e:93:74:0e:78:fb:e4:ed:57:36:59:
78:b8:c7:3f:d9:e7:c4:6e:1a:bb:a4:11:ec:1a:48:
2d:cb:2b:7c:ff:b4:ca:ca:2c:5b:3b:21:a3:cf:28:
df:af:99:5a:c6:c3:75:04:71:a9:bb:25:5e:ce:db:
57:be:66:a8:5f:90:81:9b:67:28:d8:8c:31:09:52:
3d:05:99:3f:44:5d:d5:33:55:5a:8c:23:46:aa:e4:
8a:f1:27:50:33:ea:b8:a2:f4:be:1d:cd:c0:27:ef:
b7:b2:04:b6:54:02:de:16:e3:1e:4c:fe:9a:ae:6e:
2a:9e:8c:34:a3:53:94:ff:75:31:60:53:96:af:44:
4d:a4:41:09:ca:bb:99:a8:ef:2e:6f:2d:c1:18:55:
c0:a4:d9:56:6e:ef:e0:8c:cf:2a:dd:bf:d5:e0:21:
f9:76:ea:88:7a:92:78:8c:63:5d:00:42:92:0b:20:
b2:a1:22:c5:55:c4:05:95:c1:93:2d:cd:9b:fb:08:
e7:f3:44:a3:a2:54:a6:1c:9b:6f:fe:0e:07:21:93:
a6:70:d5:02:c6:c1:64:5e:1b:99:52:62:72:42:14:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DC:B8:DE:FB:73:02:E1:96:E4:FD:3B:A2:2A:FE:BF:A7:88:CE:33
X509v3 Authority Key Identifier:
keyid:5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/VNy43vtzAuGW5P07oir-v6eIzjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.72.0/22
IPv6:
2a03:1a20::/48
2a03:1a20:10::/48
Signature Algorithm: sha256WithRSAEncryption
7b:8c:d0:73:db:e6:9f:ac:3f:a1:a5:2b:24:9e:0c:b2:23:92:
22:4a:9d:7f:e5:8d:be:30:10:76:b7:57:63:1a:5a:11:2c:d0:
25:84:09:8b:f2:a5:f6:a8:6b:5c:f9:1f:3b:61:87:ca:e9:7c:
03:d9:76:da:8f:40:da:a6:6b:1c:9b:6b:ff:e4:9d:15:d7:d7:
28:6c:f6:a0:bf:7b:36:c7:b9:c0:12:12:5d:94:ba:ea:6a:d6:
14:62:2b:c3:fb:a2:93:84:5f:1b:c9:b1:b6:38:bc:e5:f2:c5:
2b:07:92:d1:b7:19:23:02:fa:8a:1b:67:f7:c8:a6:d4:82:31:
e1:e1:3b:b3:22:7d:fe:c7:87:4d:0d:87:cb:b4:0b:a1:8a:fc:
aa:86:cf:92:ad:29:92:18:7c:79:51:cb:83:fc:19:b2:ed:59:
0e:05:90:a1:32:7c:d2:c1:68:10:c1:52:60:6b:75:e2:8e:d4:
57:76:0b:31:34:9b:bb:c5:45:8d:09:f1:2e:51:f0:c0:1b:ef:
e4:a7:82:a9:ef:fb:71:4a:0b:fc:33:34:25:82:99:39:73:dd:
c2:ad:f6:46:a7:7f:f9:fe:c1:53:dd:e3:fd:32:de:c8:10:5c:
6d:df:09:82:47:16:43:24:11:74:78:22:72:9f:2c:89:9e:e7:
d0:38:ef:fa
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY7MuMxDlVYrfoNjcWe4SscPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2JiODQ4OTE2NTFmMjAzOWNkODFiMGI2MDkxMmY3YzBl
NWNmOTYwHhcNMjQwNDExMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRjYjhkZWZiNzMwMmUxOTZlNGZkM2JhMjJhZmViZmE3ODhjZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAfkSr7teqjA+vPIyOltYhKEsweo
TB2LcnJGSspgUH67npN0Dnj75O1XNll4uMc/2efEbhq7pBHsGkgtyyt8/7TKyixb
OyGjzyjfr5laxsN1BHGpuyVezttXvmaoX5CBm2co2IwxCVI9BZk/RF3VM1VajCNG
quSK8SdQM+q4ovS+Hc3AJ++3sgS2VALeFuMeTP6arm4qnow0o1OU/3UxYFOWr0RN
pEEJyruZqO8uby3BGFXApNlWbu/gjM8q3b/V4CH5duqIepJ4jGNdAEKSCyCyoSLF
VcQFlcGTLc2b+wjn80SjolSmHJtv/g4HIZOmcNUCxsFkXhuZUmJyQhQi9QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFTcuN77cwLhluT9O6Iq/r+niM4zMB8GA1UdIwQY
MBaAFF07uEiRZR8gOc2BsLYJEvfA5c+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4Njkt
NGY4YzYzOGE3MmUxLzEvVk55NDN2dHpBdUdXNVAwN29pci12NmVJempNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4NjktNGY4YzYzOGE3MmUx
LzEvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuUFIMBgE
AgACMBIDBwAqAxogAAADBwAqAxogABAwDQYJKoZIhvcNAQELBQADggEBAHuM0HPb
5p+sP6GlKySeDLIjkiJKnX/ljb4wEHa3V2MaWhEs0CWECYvypfaoa1z5Hzthh8rp
fAPZdtqPQNqmaxyba//knRXX1yhs9qC/ezbHucASEl2Uuupq1hRiK8P7opOEXxvJ
sbY4vOXyxSsHktG3GSMC+oobZ/fIptSCMeHhO7Miff7Hh00Nh8u0C6GK/KqGz5Kt
KZIYfHlRy4P8GbLtWQ4FkKEyfNLBaBDBUmBrdeKO1Fd2CzE0m7vFRY0J8S5R8MAb
7+Sngqnv+3FKC/wzNCWCmTlz3cKt9kanf/n+wVPd4/0y3sgQXG3fCYJHFkMkEXR4
InKfLIme59A47/o=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:04:33 2024 by rpki-client on console-fra.rpki-client.org