Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzEc6zd-bIUrextDHsxp5tqvoxs.roa
File: vzEc6zd-bIUrextDHsxp5tqvoxs.roa (raw, json)
Hash identifier: z4AxptDXXiq8t/BqE8bQ502O4gX2H9xaTB+82HNbtoU=
Subject key identifier: BF:31:1C:EB:37:7E:6C:85:2B:7B:1B:43:1E:CC:69:E6:DA:AF:A3:1B
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01913698E03B1F4D1907AFE78EC36381BED9
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzEc6zd-bIUrextDHsxp5tqvoxs.roa
Signing time: Fri 09 Aug 2024 10:04:34 +0000
ROA not before: Fri 09 Aug 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215623
IP address blocks: 5.42.213.0/24 maxlen: 24
185.248.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:98:e0:3b:1f:4d:19:07:af:e7:8e:c3:63:81:be:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 9 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf311ceb377e6c852b7b1b431ecc69e6daafa31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5b:a4:5e:b8:86:a4:33:59:1a:33:b2:2f:1c:
02:3d:84:bf:29:fa:e4:7c:d5:36:71:00:ba:2b:a0:
5e:2e:4a:6b:98:ff:8a:57:87:3b:a7:f5:fe:62:b4:
ab:10:8b:ed:60:2a:46:c4:92:6d:a4:43:a3:92:ee:
c5:0e:21:01:5b:1f:78:cf:9d:58:0c:8b:96:62:95:
c3:71:a8:a1:66:32:f6:1f:ec:20:72:d6:99:ae:02:
f5:de:82:e0:f1:00:38:1c:b0:08:06:7b:6e:1c:ae:
6a:19:31:21:a6:23:89:21:22:fa:ac:db:d7:db:32:
79:da:3e:39:bc:9a:e7:00:b3:d3:a4:23:b1:82:19:
7e:cf:12:89:01:b6:4b:66:77:2a:83:ae:bf:48:0e:
6f:8a:4b:76:26:fb:e3:c7:1a:3f:9c:5e:3e:66:76:
6f:11:0a:09:2e:a5:53:95:36:58:ee:92:46:ea:cc:
e8:a3:b4:36:52:de:b0:10:7f:92:c1:86:60:5a:ce:
70:9a:e8:76:1c:fe:b5:60:29:b2:6e:2c:1c:4b:72:
1c:79:62:8f:db:c1:ac:67:5c:db:de:95:87:68:34:
8a:75:37:a0:df:6c:35:e3:27:98:db:d7:8f:66:4e:
c3:a0:ae:2d:6a:90:5c:59:2b:52:5d:22:33:00:fb:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:31:1C:EB:37:7E:6C:85:2B:7B:1B:43:1E:CC:69:E6:DA:AF:A3:1B
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzEc6zd-bIUrextDHsxp5tqvoxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.213.0/24
185.248.27.0/24
Signature Algorithm: sha256WithRSAEncryption
26:cc:67:24:a4:4d:2f:12:d6:87:a8:ff:20:a9:f5:e0:7b:1d:
8d:37:4c:ff:72:27:51:f1:43:fe:c6:bf:7f:ec:55:2d:b1:0e:
5e:cf:2d:2f:2e:3e:f9:ad:12:d4:98:a2:69:4f:2f:e7:7b:f3:
ca:4c:ed:72:de:12:41:a6:4c:dd:73:c1:15:63:66:1f:f2:e6:
42:60:b6:e1:33:a7:26:03:a8:74:e6:63:dc:2a:26:93:43:f7:
5d:02:74:0e:d3:aa:56:7c:59:16:cf:d5:9a:8f:82:21:09:68:
2f:00:07:56:4b:01:61:90:1a:0c:42:d4:5c:64:cb:39:95:23:
6f:55:ac:a3:e7:48:7e:86:62:16:42:14:d9:82:0f:5a:ef:f6:
5c:61:82:7a:36:cd:0c:e0:89:93:4d:34:d4:7f:e0:50:56:bd:
c3:68:c1:4e:a8:5b:0f:4b:32:cc:90:47:32:e1:1b:8a:16:b6:
15:04:6b:83:fb:a6:0a:bf:2c:b8:bd:22:d1:ce:0d:4d:75:39:
72:41:ce:e0:bf:fc:0c:f3:82:4d:77:0e:4e:7d:37:ea:f1:cf:
bd:a0:87:9d:a3:5b:22:b0:a7:fb:9f:6d:91:be:fc:6b:ea:c0:
6c:79:93:b5:53:b6:f1:a6:66:57:82:b0:7a:80:b4:03:aa:a6:
ac:a5:7b:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZE2mOA7H00ZB6/njsNjgb7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA5MTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMxMWNlYjM3N2U2Yzg1MmI3YjFiNDMxZWNjNjllNmRhYWZhMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVukXriGpDNZGjOyLxwCPYS/Kfrk
fNU2cQC6K6BeLkprmP+KV4c7p/X+YrSrEIvtYCpGxJJtpEOjku7FDiEBWx94z51Y
DIuWYpXDcaihZjL2H+wgctaZrgL13oLg8QA4HLAIBntuHK5qGTEhpiOJISL6rNvX
2zJ52j45vJrnALPTpCOxghl+zxKJAbZLZncqg66/SA5vikt2Jvvjxxo/nF4+ZnZv
EQoJLqVTlTZY7pJG6szoo7Q2Ut6wEH+SwYZgWs5wmuh2HP61YCmybiwcS3IceWKP
28GsZ1zb3pWHaDSKdTeg32w14yeY29ePZk7DoK4tapBcWStSXSIzAPujWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8xHOs3fmyFK3sbQx7Maebar6MbMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdnpFYzZ6ZC1iSVVyZXh0REhzeHA1dHF2b3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSrVAwQA
ufgbMA0GCSqGSIb3DQEBCwUAA4IBAQAmzGckpE0vEtaHqP8gqfXgex2NN0z/cidR
8UP+xr9/7FUtsQ5ezy0vLj75rRLUmKJpTy/ne/PKTO1y3hJBpkzdc8EVY2Yf8uZC
YLbhM6cmA6h05mPcKiaTQ/ddAnQO06pWfFkWz9Waj4IhCWgvAAdWSwFhkBoMQtRc
ZMs5lSNvVayj50h+hmIWQhTZgg9a7/ZcYYJ6Ns0M4ImTTTTUf+BQVr3DaMFOqFsP
SzLMkEcy4RuKFrYVBGuD+6YKvyy4vSLRzg1NdTlyQc7gv/wM84JNdw5OfTfq8c+9
oIedo1sisKf7n22Rvvxr6sBseZO1U7bxpmZXgrB6gLQDqqaspXs6
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:03 2024 by rpki-client on console-ams.rpki-client.org