Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/vEvCJ041PqxQiC2K-IRUIhLIPfY.roa
File: vEvCJ041PqxQiC2K-IRUIhLIPfY.roa (raw, json)
Hash identifier: qIE56ba12nakwsN4RlabWe8o+go5uSJkD6B0ixjjmDw=
Subject key identifier: BC:4B:C2:27:4E:35:3E:AC:50:88:2D:8A:F8:84:54:22:12:C8:3D:F6
Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Certificate serial: 018D73FDD42C968F658CDE57D040D8FBB3DC
Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/vEvCJ041PqxQiC2K-IRUIhLIPfY.roa
Signing time: Sun 04 Feb 2024 12:00:31 +0000
ROA not before: Sun 04 Feb 2024 12:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39602
IP address blocks: 109.71.76.0/24 maxlen: 24
195.210.38.0/23 maxlen: 23
195.210.38.0/24 maxlen: 24
195.210.39.0/24 maxlen: 24
2001:678:900::/48 maxlen: 48
2a0c:3340::/29 maxlen: 29
2a0c:3340:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:fd:d4:2c:96:8f:65:8c:de:57:d0:40:d8:fb:b3:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Validity
Not Before: Feb 4 12:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc4bc2274e353eac50882d8af884542212c83df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8d:d3:5a:06:4d:46:a9:71:3b:93:4c:bf:4d:
26:bc:53:35:28:87:5b:bc:08:ee:e0:bb:10:46:e0:
48:08:23:32:b5:e5:0e:0c:b6:b7:5d:e6:61:9b:72:
13:5d:8e:4d:e6:c1:4a:ad:7e:db:c2:b9:8d:d1:0a:
a8:97:cc:41:65:bf:42:cf:b6:02:48:4d:2b:a5:fb:
e0:79:9d:6e:d3:fb:8b:8f:08:36:0c:77:c6:e8:53:
7f:2b:b6:b1:46:e7:f1:86:3a:d2:f3:a3:2a:2c:6d:
b6:74:48:cb:15:b0:5f:2e:67:16:9f:8f:56:e2:c8:
89:be:a7:cf:00:df:3d:5f:3a:ef:ae:13:b8:00:d3:
96:bf:6f:98:4b:45:2c:a7:96:46:f9:a8:eb:fe:77:
1f:ea:de:98:43:c4:b4:2a:90:3b:c2:2a:da:0d:18:
f4:d2:28:50:d6:ba:e8:f1:17:ae:09:b0:d3:01:78:
72:86:2b:22:db:57:78:e1:6a:19:54:d5:94:3a:6d:
72:29:98:fb:f3:55:4e:f5:b3:4d:79:bc:28:ca:53:
61:60:3e:15:f2:29:3b:6b:f0:6c:66:d3:c9:de:67:
54:90:a0:8e:08:b8:b8:bc:96:e6:c6:75:d6:db:d9:
a0:e4:4f:a2:0c:2c:99:0d:fb:7e:2d:64:12:c9:25:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:4B:C2:27:4E:35:3E:AC:50:88:2D:8A:F8:84:54:22:12:C8:3D:F6
X509v3 Authority Key Identifier:
keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/vEvCJ041PqxQiC2K-IRUIhLIPfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.76.0/24
195.210.38.0/23
IPv6:
2001:678:900::/48
2a0c:3340::/29
Signature Algorithm: sha256WithRSAEncryption
1f:19:ca:e1:71:36:b9:37:8a:47:2a:bb:5f:d3:ec:3b:c4:5a:
20:71:85:d3:08:62:a5:dc:66:2d:7e:2c:ec:9b:6e:2c:67:ea:
be:95:46:85:d5:a1:92:49:5b:45:c1:2a:7c:7b:8a:f7:87:35:
f2:36:ac:43:07:b6:74:60:dc:43:1f:a3:5c:f7:85:18:a0:a7:
c4:b8:f9:04:14:62:93:57:ea:c8:c2:4c:4c:14:02:80:2d:ce:
0d:40:19:8a:ac:29:90:e7:2c:34:f4:29:74:b2:a7:cf:58:79:
1d:73:c9:64:3c:22:36:7e:ce:38:1a:af:b6:59:6e:4b:8d:b9:
a2:70:35:1f:39:78:cd:03:1c:77:f2:cc:d3:29:1f:1a:ea:d6:
98:ac:96:8f:3d:ef:dc:00:41:80:c9:65:40:61:b8:1f:48:c4:
11:83:42:8c:40:be:94:35:4e:04:47:90:b0:db:2b:5b:48:72:
00:a2:67:ad:af:ca:10:0e:7a:7a:f2:83:b9:6a:7d:26:68:4c:
61:5c:be:18:be:52:44:f1:69:e2:da:42:60:b0:72:5f:d0:38:
c8:39:c3:07:b1:e2:e0:5b:81:7c:67:3f:a9:bc:51:01:42:ef:
84:16:49:6a:1b:ac:84:f0:a7:90:86:31:aa:a3:8f:1b:3c:a8:
f1:e7:e2:23
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1z/dQslo9ljN5X0EDY+7PcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOGQ1ODE0YzcxNTY0MjBkZWMzYTNmN2U1MjZlZjBmODMz
M2VlZjYwHhcNMjQwMjA0MTIwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzRiYzIyNzRlMzUzZWFjNTA4ODJkOGFmODg0NTQyMjEyYzgzZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y3TWgZNRqlxO5NMv00mvFM1KIdb
vAju4LsQRuBICCMyteUODLa3XeZhm3ITXY5N5sFKrX7bwrmN0Qqol8xBZb9Cz7YC
SE0rpfvgeZ1u0/uLjwg2DHfG6FN/K7axRufxhjrS86MqLG22dEjLFbBfLmcWn49W
4siJvqfPAN89XzrvrhO4ANOWv2+YS0Usp5ZG+ajr/ncf6t6YQ8S0KpA7wiraDRj0
0ihQ1rro8ReuCbDTAXhyhisi21d44WoZVNWUOm1yKZj781VO9bNNebwoylNhYD4V
8ik7a/BsZtPJ3mdUkKCOCLi4vJbmxnXW29mg5E+iDCyZDft+LWQSySVb5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLxLwidONT6sUIgtiviEVCISyD32MB8GA1UdIwQY
MBaAFFKNWBTHFWQg3sOj9+Um7w+DM+72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgt
NDMxYzM5YmI3YjM4LzEvdkV2Q0owNDFQcXhRaUMySy1JUlVJaExJUGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgtNDMxYzM5YmI3YjM4
LzEvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbUdMAwQB
w9ImMBYEAgACMBADBwAgAQZ4CQADBQMqDDNAMA0GCSqGSIb3DQEBCwUAA4IBAQAf
GcrhcTa5N4pHKrtf0+w7xFogcYXTCGKl3GYtfizsm24sZ+q+lUaF1aGSSVtFwSp8
e4r3hzXyNqxDB7Z0YNxDH6Nc94UYoKfEuPkEFGKTV+rIwkxMFAKALc4NQBmKrCmQ
5yw09Cl0sqfPWHkdc8lkPCI2fs44Gq+2WW5LjbmicDUfOXjNAxx38szTKR8a6taY
rJaPPe/cAEGAyWVAYbgfSMQRg0KMQL6UNU4ER5Cw2ytbSHIAometr8oQDnp68oO5
an0maExhXL4YvlJE8Wni2kJgsHJf0DjIOcMHseLgW4F8Zz+pvFEBQu+EFklqG6yE
8KeQhjGqo48bPKjx5+Ij
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:57:01 2024 by rpki-client on console-ams.rpki-client.org