Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/ozEKQpICeXkk2-av-rW0I-ZdX10.roa
File: ozEKQpICeXkk2-av-rW0I-ZdX10.roa (raw, json)
Hash identifier: Wgje6a7bQj1JUVOlzZVaQ8BsEN904dAb0tPjqUV4u+g=
Subject key identifier: A3:31:0A:42:92:02:79:79:24:DB:E6:AF:FA:B5:B4:23:E6:5D:5F:5D
Certificate issuer: /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial: 018CFD4F483F7BBD20ADD5EDA186AF9F5BDC
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/ozEKQpICeXkk2-av-rW0I-ZdX10.roa
Signing time: Fri 12 Jan 2024 10:54:40 +0000
ROA not before: Fri 12 Jan 2024 10:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.189.181.0/24 maxlen: 24
185.189.183.0/24 maxlen: 24
185.189.182.0/24 maxlen: 24
2a0b:f380:3e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:4f:48:3f:7b:bd:20:ad:d5:ed:a1:86:af:9f:5b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Validity
Not Before: Jan 12 10:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3310a429202797924dbe6affab5b423e65d5f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:e1:77:ac:35:c1:45:81:17:0b:b8:d5:72:
06:40:eb:b2:e4:1d:5d:6b:f5:69:41:97:c1:b2:ea:
f4:77:9b:cc:93:ef:32:50:07:a0:90:f7:dc:fd:a0:
1c:fb:6a:67:28:f2:b6:b6:d5:ec:95:89:2d:4d:e2:
f0:85:e4:8c:ff:0e:f6:fd:87:7a:ef:e2:dc:d1:6d:
2d:f7:b2:cb:ae:d7:15:c3:a2:e3:8f:47:12:12:11:
da:ce:ec:52:a4:f9:9f:33:63:aa:d3:3b:e7:a9:0c:
c8:76:44:97:22:a0:2f:31:3d:56:2e:2e:db:ad:00:
78:40:4a:3a:e0:9b:d7:a4:70:ea:42:bc:38:e4:df:
62:3c:e4:31:3f:8c:62:70:19:87:64:22:4c:24:f4:
d5:77:70:cb:f5:9b:e1:e3:2f:84:76:db:46:d5:ef:
41:9e:2b:c8:3b:a9:78:69:4f:90:75:b1:86:d4:35:
d1:1e:42:2f:05:f8:da:46:64:ae:a5:97:1c:28:ce:
a5:66:f3:c4:37:7d:b0:8b:c1:cb:04:e6:7e:ef:1c:
3d:1f:2e:c9:58:43:c2:01:8d:97:9b:64:71:ce:dc:
af:5b:05:1e:bd:d4:db:d8:38:fa:b2:8d:6e:c3:25:
73:01:76:df:6d:c9:49:09:20:ed:ca:be:56:ca:02:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:31:0A:42:92:02:79:79:24:DB:E6:AF:FA:B5:B4:23:E6:5D:5F:5D
X509v3 Authority Key Identifier:
keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/ozEKQpICeXkk2-av-rW0I-ZdX10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.181.0-185.189.183.255
IPv6:
2a0b:f380:3e8::/48
Signature Algorithm: sha256WithRSAEncryption
47:ac:47:c9:43:da:6a:6a:64:af:b8:60:03:50:c6:9a:ab:a2:
35:c0:e6:d6:d7:62:8b:eb:5d:9b:d1:d3:9c:18:d4:c3:fb:a1:
e6:42:43:2f:77:8e:56:72:79:87:b3:61:ba:65:79:ae:5d:78:
a4:9d:99:15:fc:23:2f:16:fa:69:49:56:ca:57:c6:b4:fe:69:
47:d1:4f:da:41:27:98:d9:11:0b:b7:47:68:76:ce:2d:ee:5f:
c5:1f:cc:45:4b:4d:96:53:1c:2c:45:a5:54:46:14:6e:9b:bb:
e0:f0:d2:ba:a1:b9:aa:a6:53:52:aa:a5:d5:05:6e:6c:dd:66:
18:7b:d4:bb:90:26:61:24:61:4d:43:e8:be:79:93:7c:5a:f3:
2f:14:77:46:a2:0b:cd:51:7e:49:11:98:df:7c:4c:84:28:a4:
b1:b9:74:37:df:b3:c3:25:14:ba:89:3c:b8:d4:07:99:33:34:
32:ae:80:53:2f:14:0f:7b:0b:a7:72:7c:34:ac:c8:13:2e:f5:
d9:c5:3b:9b:d6:61:4c:cb:6b:1a:93:e9:1e:12:1a:51:fa:a8:
dc:94:ab:41:11:e5:0e:7e:d7:59:0e:ff:b1:92:61:a2:b7:18:
92:97:f4:55:9d:42:e1:e4:62:80:26:66:69:16:30:5c:70:67:
17:2b:10:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYz9T0g/e70grdXtoYavn1vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjQwMTEyMTA1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzMxMGE0MjkyMDI3OTc5MjRkYmU2YWZmYWI1YjQyM2U2NWQ1ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJPhd6w1wUWBFwu41XIGQOuy5B1d
a/VpQZfBsur0d5vMk+8yUAegkPfc/aAc+2pnKPK2ttXslYktTeLwheSM/w72/Yd6
7+Lc0W0t97LLrtcVw6Ljj0cSEhHazuxSpPmfM2Oq0zvnqQzIdkSXIqAvMT1WLi7b
rQB4QEo64JvXpHDqQrw45N9iPOQxP4xicBmHZCJMJPTVd3DL9Zvh4y+EdttG1e9B
nivIO6l4aU+QdbGG1DXRHkIvBfjaRmSupZccKM6lZvPEN32wi8HLBOZ+7xw9Hy7J
WEPCAY2Xm2RxztyvWwUevdTb2Dj6so1uwyVzAXbfbclJCSDtyr5WygLaMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMxCkKSAnl5JNvmr/q1tCPmXV9dMB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvb3pFS1FwSUNlWGtrMi1hdi1yVzBJLVpkWDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC5vbUD
BAO5vbAwDwQCAAIwCQMHACoL84AD6DANBgkqhkiG9w0BAQsFAAOCAQEAR6xHyUPa
ampkr7hgA1DGmquiNcDm1tdii+tdm9HTnBjUw/uh5kJDL3eOVnJ5h7NhumV5rl14
pJ2ZFfwjLxb6aUlWylfGtP5pR9FP2kEnmNkRC7dHaHbOLe5fxR/MRUtNllMcLEWl
VEYUbpu74PDSuqG5qqZTUqql1QVubN1mGHvUu5AmYSRhTUPovnmTfFrzLxR3RqIL
zVF+SRGY33xMhCiksbl0N9+zwyUUuok8uNQHmTM0Mq6AUy8UD3sLp3J8NKzIEy71
2cU7m9ZhTMtrGpPpHhIaUfqo3JSrQRHlDn7XWQ7/sZJhorcYkpf0VZ1C4eRigCZm
aRYwXHBnFysQ6w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:56:59 2024 by rpki-client on console-ams.rpki-client.org