Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/dVOST6O78KqzBnGjM-NS0hfiJXw.roa
File: dVOST6O78KqzBnGjM-NS0hfiJXw.roa (raw, json)
Hash identifier: /T/OjMqxk41z+ZqWRGzZDhWGnahYhgVZvfs02azLeZY=
Subject key identifier: 75:53:92:4F:A3:BB:F0:AA:B3:06:71:A3:33:E3:52:D2:17:E2:25:7C
Certificate issuer: /CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Certificate serial: 018CC56EB529997E4BD1A02256B3DE8E8731
Authority key identifier: B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/dVOST6O78KqzBnGjM-NS0hfiJXw.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9085
IP address blocks: 212.180.128.0/17 maxlen: 17
185.53.124.0/22 maxlen: 22
212.75.96.0/19 maxlen: 19
2001:4c30::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.mft
rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b5:29:99:7e:4b:d1:a0:22:56:b3:de:8e:87:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7553924fa3bbf0aab30671a333e352d217e2257c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:86:bb:9c:c5:76:38:ec:25:14:2c:07:e9:6b:
ee:25:63:24:66:57:0a:59:95:8d:39:be:97:18:1d:
c9:6a:ff:dc:45:a4:37:49:d3:ee:95:16:73:3f:e5:
44:13:e4:16:0e:7d:a5:aa:19:12:eb:e4:f4:4c:2b:
53:4a:41:04:81:62:0f:2e:9f:9a:eb:f7:a1:56:ee:
79:7b:71:46:43:8c:24:10:ab:f1:49:b3:ba:8b:d4:
01:ca:0f:62:3b:ca:f9:ba:1f:ce:76:2d:f8:f8:07:
07:82:77:3a:ec:dd:8b:62:a9:66:1e:95:14:8b:62:
cb:81:b5:49:e9:b4:90:86:88:58:46:e7:01:67:8d:
9a:f6:35:8d:08:26:3c:27:1e:2f:36:11:2c:1c:0d:
a7:e9:ad:eb:ff:dd:cc:6a:5f:66:05:8c:eb:13:a4:
2c:29:95:42:c3:76:f6:7c:2b:81:22:1d:9a:d8:4f:
79:d0:ca:26:b7:b9:fa:f0:ae:d2:bd:8b:b6:4d:10:
96:fb:e4:ad:ed:6d:22:a9:67:04:e7:89:ee:11:63:
9f:63:e0:ed:91:d4:73:92:b6:89:53:ae:91:ac:65:
b4:71:6c:ce:fd:de:f2:70:cb:db:28:bb:6f:a1:1f:
e0:01:23:cd:eb:f4:9e:42:39:5e:ff:63:82:b6:10:
bf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:53:92:4F:A3:BB:F0:AA:B3:06:71:A3:33:E3:52:D2:17:E2:25:7C
X509v3 Authority Key Identifier:
keyid:B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/dVOST6O78KqzBnGjM-NS0hfiJXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.124.0/22
212.75.96.0/19
212.180.128.0/17
IPv6:
2001:4c30::/32
Signature Algorithm: sha256WithRSAEncryption
13:6e:a6:d2:2d:76:34:d3:e7:bb:e3:c0:f2:b6:8b:d5:25:dd:
ce:39:a7:80:e0:6b:0d:2c:b8:cd:c3:fe:6b:26:98:19:33:dc:
4d:a2:16:96:75:ee:66:39:b2:d1:04:16:a8:98:5d:96:2f:04:
b5:85:85:04:f7:46:72:62:f8:83:90:ea:63:55:9f:c8:21:08:
b5:d3:5e:0b:6a:67:f4:8b:82:98:98:fa:06:2a:6b:90:55:1a:
fd:f5:46:b0:63:3d:27:0e:3c:5d:73:1a:7f:4e:6b:14:d0:63:
8c:8e:c5:01:2b:f3:ab:63:bc:9f:62:76:87:fe:b2:93:d7:d7:
f4:6a:69:55:32:3e:e0:6d:b5:00:0c:5a:29:59:af:06:a4:c8:
87:96:14:11:aa:d7:38:17:63:77:ae:59:5f:ef:50:65:1f:c6:
ab:9f:4b:a6:22:9f:7c:6b:de:96:0b:b3:8a:34:7e:31:b3:4b:
50:07:3f:6b:f9:d5:9c:f8:99:52:2a:0b:01:6c:15:8f:de:2d:
31:a7:49:9b:3a:0e:1f:81:0c:ca:5e:77:38:c8:3d:eb:29:10:
64:e9:5e:23:da:40:77:39:37:37:36:98:c8:d1:c9:b6:11:b2:
d8:fb:a8:c0:f7:81:77:8a:d4:e3:f6:c1:d5:97:ed:6b:bd:c4:
ba:4e:d4:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbrUpmX5L0aAiVrPejocxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZjI3OTUzYWQ0NjkwYzA2OGZiNDBmOWYzNTYwMDMzNzli
YjYzZjgwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUzOTI0ZmEzYmJmMGFhYjMwNjcxYTMzM2UzNTJkMjE3ZTIyNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYa7nMV2OOwlFCwH6WvuJWMkZlcK
WZWNOb6XGB3Jav/cRaQ3SdPulRZzP+VEE+QWDn2lqhkS6+T0TCtTSkEEgWIPLp+a
6/ehVu55e3FGQ4wkEKvxSbO6i9QByg9iO8r5uh/Odi34+AcHgnc67N2LYqlmHpUU
i2LLgbVJ6bSQhohYRucBZ42a9jWNCCY8Jx4vNhEsHA2n6a3r/93Mal9mBYzrE6Qs
KZVCw3b2fCuBIh2a2E950Momt7n68K7SvYu2TRCW++St7W0iqWcE54nuEWOfY+Dt
kdRzkraJU66RrGW0cWzO/d7ycMvbKLtvoR/gASPN6/SeQjle/2OCthC/3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHVTkk+ju/CqswZxozPjUtIX4iV8MB8GA1UdIwQY
MBaAFLLyeVOtRpDAaPtA+fNWADN5u2P4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAt
ZmI0Y2YxMzdjMWU5LzEvZFZPU1Q2Tzc4S3F6Qm5Hak0tTlMwaGZpSlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAtZmI0Y2YxMzdjMWU5
LzEvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTV8AwQF
1EtgAwQH1LSAMA0EAgACMAcDBQAgAUwwMA0GCSqGSIb3DQEBCwUAA4IBAQATbqbS
LXY00+e748DytovVJd3OOaeA4GsNLLjNw/5rJpgZM9xNohaWde5mObLRBBaomF2W
LwS1hYUE90ZyYviDkOpjVZ/IIQi1014Lamf0i4KYmPoGKmuQVRr99UawYz0nDjxd
cxp/TmsU0GOMjsUBK/OrY7yfYnaH/rKT19f0amlVMj7gbbUADFopWa8GpMiHlhQR
qtc4F2N3rllf71BlH8arn0umIp98a96WC7OKNH4xs0tQBz9r+dWc+JlSKgsBbBWP
3i0xp0mbOg4fgQzKXnc4yD3rKRBk6V4j2kB3OTc3NpjI0cm2EbLY+6jA94F3itTj
9sHVl+1rvcS6TtSp
-----END CERTIFICATE-----
Generated at Mon Jun 3 01:36:13 2024 by rpki-client on console-fra.rpki-client.org