Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/VHOT8N1rUACnd-kE_874qgzDAIA.roa
File: VHOT8N1rUACnd-kE_874qgzDAIA.roa (raw, json)
Hash identifier: jYp8EGieeq/8hSMQgI30vpx/6oGR3Q2FPKtYxnXjXGE=
Subject key identifier: 54:73:93:F0:DD:6B:50:00:A7:77:E9:04:FF:CE:F8:AA:0C:C3:00:80
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01918E9CBE221B71AB2A3AB1C2469C947711
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/VHOT8N1rUACnd-kE_874qgzDAIA.roa
Signing time: Mon 26 Aug 2024 12:15:22 +0000
ROA not before: Mon 26 Aug 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 107.150.169.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
185.203.149.0/24 maxlen: 24
185.203.150.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Sep 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:9c:be:22:1b:71:ab:2a:3a:b1:c2:46:9c:94:77:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 26 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=547393f0dd6b5000a777e904ffcef8aa0cc30080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f7:89:2c:ad:6e:6a:87:c1:64:36:e1:14:40:
84:00:99:34:b5:b5:96:2a:3c:67:a2:e3:e5:70:0d:
20:68:05:c7:9a:bc:b8:1b:5e:5a:bf:3a:81:39:0c:
0e:da:98:91:fd:cc:d6:ee:d5:dd:14:d3:67:a7:5a:
9d:7e:93:ba:c9:0f:29:b0:80:62:dc:31:c5:46:e8:
d0:2b:43:47:26:c0:42:39:57:34:36:7c:82:b4:1f:
c4:47:0a:a8:78:99:39:32:be:64:0e:7c:95:ed:b9:
6a:60:37:e7:e3:08:ab:f7:6f:d6:28:64:ae:55:08:
c3:17:f9:62:af:74:f1:54:e7:29:03:62:9e:3e:29:
7e:8f:31:07:df:f5:9e:5d:67:55:61:eb:94:4e:2f:
15:db:93:30:4c:09:82:34:32:f1:c3:af:e1:36:f1:
b6:1a:a2:5e:33:0b:12:b0:81:10:1d:2f:45:47:5b:
33:e0:4d:39:57:c7:1a:f2:fa:36:f9:2f:5e:d3:65:
0b:51:31:ee:7d:25:7b:0b:19:5c:ff:61:ad:60:dd:
e8:45:dd:bd:78:f9:0a:f3:8a:73:f2:04:21:9e:f7:
ee:fa:4c:3f:a3:63:d2:94:fc:7e:2d:4e:f9:2b:a3:
43:7a:5d:e0:76:67:16:68:79:80:28:6e:33:ea:15:
b9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:73:93:F0:DD:6B:50:00:A7:77:E9:04:FF:CE:F8:AA:0C:C3:00:80
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/VHOT8N1rUACnd-kE_874qgzDAIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.169.0/24
107.150.173.0/24
162.218.177.0-162.218.178.255
167.160.1.0-167.160.2.255
185.192.213.0-185.192.214.255
185.203.149.0-185.203.150.255
185.212.173.0-185.212.174.255
Signature Algorithm: sha256WithRSAEncryption
00:52:bc:18:5a:73:4f:27:44:dc:c2:b2:9e:6b:18:e3:a9:17:
01:4c:50:16:ab:74:13:f0:9d:ac:96:26:c3:2d:b8:20:5e:e1:
37:a4:ec:86:04:05:98:98:f3:68:05:79:c7:b4:4e:98:fe:e6:
a3:74:8f:5c:d9:7f:a7:6c:81:f8:9f:5f:8d:f8:56:fa:3c:2f:
1f:1e:36:f7:b3:b5:cb:f4:7e:75:42:3a:db:0e:f6:e7:ad:71:
99:78:d2:20:cf:3c:3d:e9:05:9d:30:a2:fd:15:ce:f4:7c:57:
5f:66:e5:cc:aa:ef:21:9c:da:31:b5:c8:45:aa:84:30:4a:8c:
1f:c1:61:a7:2f:a6:eb:1b:46:49:ca:24:7d:3c:7b:22:d6:24:
1d:6f:78:46:8f:be:bf:47:86:81:d4:2e:0a:cb:ef:20:02:31:
89:4d:78:9b:56:60:6b:51:0d:b6:35:7c:7f:c5:26:4a:07:bf:
dc:96:1c:f2:aa:fe:be:84:4c:2c:c4:a9:a3:43:8b:d8:9b:9d:
43:84:b0:37:6c:ad:ea:ee:09:4c:45:43:e9:94:a5:ab:12:9c:
1a:21:e5:d5:52:2e:20:e9:22:62:8a:e5:fa:6e:f6:6d:70:c9:
5a:97:43:73:5f:dd:e4:49:13:1e:76:56:f1:b3:55:d6:8d:16:
9c:db:cb:1c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZGOnL4iG3GrKjqxwkaclHcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwODI2MTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDczOTNmMGRkNmI1MDAwYTc3N2U5MDRmZmNlZjhhYTBjYzMwMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/eJLK1uaofBZDbhFECEAJk0tbWW
KjxnouPlcA0gaAXHmry4G15avzqBOQwO2piR/czW7tXdFNNnp1qdfpO6yQ8psIBi
3DHFRujQK0NHJsBCOVc0NnyCtB/ERwqoeJk5Mr5kDnyV7blqYDfn4wir92/WKGSu
VQjDF/lir3TxVOcpA2KePil+jzEH3/WeXWdVYeuUTi8V25MwTAmCNDLxw6/hNvG2
GqJeMwsSsIEQHS9FR1sz4E05V8ca8vo2+S9e02ULUTHufSV7Cxlc/2GtYN3oRd29
ePkK84pz8gQhnvfu+kw/o2PSlPx+LU75K6NDel3gdmcWaHmAKG4z6hW5FQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFRzk/Dda1AAp3fpBP/O+KoMwwCAMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvVkhPVDhOMXJVQUNuZC1rRV84NzRxZ3pEQUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAa5apAwQA
a5atMAwDBACi2rEDBACi2rIwDAMEAKegAQMEAKegAjAMAwQAucDVAwQAucDWMAwD
BAC5y5UDBAC5y5YwDAMEALnUrQMEALnUrjANBgkqhkiG9w0BAQsFAAOCAQEAAFK8
GFpzTydE3MKynmsY46kXAUxQFqt0E/CdrJYmwy24IF7hN6TshgQFmJjzaAV5x7RO
mP7mo3SPXNl/p2yB+J9fjfhW+jwvHx4297O1y/R+dUI62w72561xmXjSIM88PekF
nTCi/RXO9HxXX2blzKrvIZzaMbXIRaqEMEqMH8Fhpy+m6xtGScokfTx7ItYkHW94
Ro++v0eGgdQuCsvvIAIxiU14m1Zga1ENtjV8f8UmSge/3JYc8qr+voRMLMSpo0OL
2JudQ4SwN2yt6u4JTEVD6ZSlqxKcGiHl1VIuIOkiYorl+m72bXDJWpdDc1/d5EkT
HnZW8bNV1o0WnNvLHA==
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:31:44 2024 by rpki-client on console-ams.rpki-client.org