Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/_VVt4OfdWGBs-jce3dtU-jGfKTY.roa
File: _VVt4OfdWGBs-jce3dtU-jGfKTY.roa (raw, json)
Hash identifier: fEnri8C9TJ4wmIOHMUbqYdb4TUqJNQunbXCa8VppDek=
Subject key identifier: FD:55:6D:E0:E7:DD:58:60:6C:FA:37:1E:DD:DB:54:FA:31:9F:29:36
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 018CC56EBD6886961185FCB5DE10CF9FA8F7
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/_VVt4OfdWGBs-jce3dtU-jGfKTY.roa
Signing time: Mon 01 Jan 2024 14:30:18 +0000
ROA not before: Mon 01 Jan 2024 14:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204296
IP address blocks: 185.254.60.0/23 maxlen: 23
185.254.63.0/24 maxlen: 24
185.254.62.0/24 maxlen: 24
2a0c:4840::/29 maxlen: 29
2a0c:4847:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:bd:68:86:96:11:85:fc:b5:de:10:cf:9f:a8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Jan 1 14:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd556de0e7dd58606cfa371edddb54fa319f2936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ff:1b:62:b9:b5:0e:61:9d:56:16:12:9b:f7:
4a:70:72:6d:10:d3:8b:b1:76:32:c7:0a:12:7e:f7:
e7:a2:1a:dd:81:c0:65:86:14:1c:66:28:86:a6:46:
e1:f2:1e:e2:7d:a0:aa:ab:a4:43:61:77:e2:b8:88:
c7:81:16:3a:fd:f0:6d:1c:1b:2a:7b:9b:c0:14:bd:
bf:33:9f:6f:4d:db:40:d9:19:33:1a:98:d0:06:92:
61:0f:6f:86:58:32:a7:65:18:2b:c9:98:39:fb:e0:
85:61:7e:bc:5d:b3:2e:4d:5b:6d:fe:44:43:e7:56:
fb:11:e8:bb:da:52:9b:1c:85:5f:f7:f8:49:38:fa:
ab:cc:0a:9f:07:b7:6b:a0:68:21:18:be:55:4a:6e:
49:bc:be:45:0b:10:25:be:6c:5d:70:f3:94:c3:f3:
b9:01:4c:95:fd:e5:48:3c:e5:10:be:f1:81:b8:3b:
8c:2f:b9:23:c9:08:07:a5:29:c7:c9:d0:26:d5:8e:
4f:29:33:c3:14:1e:d2:c4:56:59:be:b6:1f:90:d2:
b3:c9:69:92:56:c9:e5:6c:da:40:63:10:ea:6f:34:
a3:73:06:d6:3d:43:e5:cc:ef:e5:82:2b:f8:e9:b3:
54:70:9b:41:38:0d:5d:56:9a:1f:19:72:54:70:4b:
b5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:55:6D:E0:E7:DD:58:60:6C:FA:37:1E:DD:DB:54:FA:31:9F:29:36
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/_VVt4OfdWGBs-jce3dtU-jGfKTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.60.0/22
IPv6:
2a0c:4840::/29
Signature Algorithm: sha256WithRSAEncryption
5c:4f:56:b5:80:09:5a:13:3e:7f:09:bc:e2:57:f8:5a:d1:17:
56:16:02:d4:14:1d:f6:79:1d:dc:16:24:7f:6d:af:2d:70:a3:
94:f7:57:5b:57:c0:72:65:31:41:ab:a3:26:e2:dd:19:d8:fd:
93:02:5b:7a:c3:7c:e2:8a:42:35:ff:6a:49:64:d6:e0:11:cc:
59:79:71:a8:9c:b0:65:98:d2:d4:7c:57:4f:22:88:5c:eb:d3:
6a:6c:0b:09:bc:a7:e7:fa:21:f0:ba:a5:6c:5b:f7:5f:ee:3b:
c8:a9:78:19:8f:55:cc:7f:ee:df:e8:df:c7:91:6d:5c:4f:07:
56:d2:9e:cc:64:b4:02:e7:b1:48:df:c1:03:37:41:6f:2d:8d:
d7:76:35:6d:33:23:e0:60:83:16:8b:6f:70:18:2f:3a:78:b7:
5c:9c:0b:46:2a:9f:f9:f4:a4:5c:1e:82:9b:47:64:43:9d:74:
c0:2e:d7:71:9e:41:55:7e:cc:0f:6c:80:95:07:8d:02:43:b8:
b3:78:a7:60:39:13:d2:1d:4b:53:7a:96:d8:3c:fb:7b:c1:14:
66:d0:c3:31:81:49:a6:de:39:e5:3a:11:b0:66:fb:3f:b1:52:
b2:01:cb:0a:78:f3:ab:47:79:80:40:de:6b:1a:4b:61:e2:f5:
d4:1a:fa:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbr1ohpYRhfy13hDPn6j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjQwMTAxMTQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDU1NmRlMGU3ZGQ1ODYwNmNmYTM3MWVkZGRiNTRmYTMxOWYyOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/8bYrm1DmGdVhYSm/dKcHJtENOL
sXYyxwoSfvfnohrdgcBlhhQcZiiGpkbh8h7ifaCqq6RDYXfiuIjHgRY6/fBtHBsq
e5vAFL2/M59vTdtA2RkzGpjQBpJhD2+GWDKnZRgryZg5++CFYX68XbMuTVtt/kRD
51b7Eei72lKbHIVf9/hJOPqrzAqfB7droGghGL5VSm5JvL5FCxAlvmxdcPOUw/O5
AUyV/eVIPOUQvvGBuDuML7kjyQgHpSnHydAm1Y5PKTPDFB7SxFZZvrYfkNKzyWmS
VsnlbNpAYxDqbzSjcwbWPUPlzO/lgiv46bNUcJtBOA1dVpofGXJUcEu1sQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP1VbeDn3VhgbPo3Ht3bVPoxnyk2MB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvX1ZWdDRPZmRXR0JzLWpjZTNkdFUtakdmS1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf48MA0E
AgACMAcDBQMqDEhAMA0GCSqGSIb3DQEBCwUAA4IBAQBcT1a1gAlaEz5/CbziV/ha
0RdWFgLUFB32eR3cFiR/ba8tcKOU91dbV8ByZTFBq6Mm4t0Z2P2TAlt6w3ziikI1
/2pJZNbgEcxZeXGonLBlmNLUfFdPIohc69NqbAsJvKfn+iHwuqVsW/df7jvIqXgZ
j1XMf+7f6N/HkW1cTwdW0p7MZLQC57FI38EDN0FvLY3XdjVtMyPgYIMWi29wGC86
eLdcnAtGKp/59KRcHoKbR2RDnXTALtdxnkFVfswPbICVB40CQ7izeKdgORPSHUtT
epbYPPt7wRRm0MMxgUmm3jnlOhGwZvs/sVKyAcsKePOrR3mAQN5rGkth4vXUGvoq
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:54 2024 by rpki-client on console-ams.rpki-client.org