Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/VZdtk_lwzosLG9Qz5DbpRTXI24I.roa
File: VZdtk_lwzosLG9Qz5DbpRTXI24I.roa (raw, json)
Hash identifier: Pg0myaDyh8Zyl8y9qed2cqvxetLOSoiPun6D1M95ZlI=
Subject key identifier: 55:97:6D:93:F9:70:CE:8B:0B:1B:D4:33:E4:36:E9:45:35:C8:DB:82
Certificate issuer: /CN=9d3b3ff93b833735cacd652ce349fa323402432b
Certificate serial: 018CC9BC0DA1677A4CE45CC7F31159B114F3
Authority key identifier: 9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/VZdtk_lwzosLG9Qz5DbpRTXI24I.roa
Signing time: Tue 02 Jan 2024 10:33:13 +0000
ROA not before: Tue 02 Jan 2024 10:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 217.197.128.0/21 maxlen: 21
88.214.4.0/22 maxlen: 22
2a03:580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:0d:a1:67:7a:4c:e4:5c:c7:f3:11:59:b1:14:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3b3ff93b833735cacd652ce349fa323402432b
Validity
Not Before: Jan 2 10:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55976d93f970ce8b0b1bd433e436e94535c8db82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:43:f0:19:da:ab:ac:91:5c:c6:d0:a7:68:2a:
45:fd:5f:e2:5b:94:89:8b:1d:52:11:ec:49:46:f5:
31:64:9b:2d:7c:c1:40:36:77:71:7e:e9:e5:ce:99:
5a:42:8c:20:9b:29:9c:f0:1d:2b:73:89:e2:77:aa:
bb:2d:8f:c9:54:eb:c2:19:9b:2c:83:2e:14:d4:96:
53:a9:26:56:bd:9f:7b:15:e8:9c:33:51:1b:20:df:
b6:cc:30:9e:fd:27:43:93:41:dd:ec:ad:e6:d6:d7:
12:a4:8e:e1:74:39:00:8e:a3:b7:25:f0:ca:19:10:
1e:e8:4c:ad:5b:8f:73:d5:09:6c:ad:d0:6a:ad:f3:
f3:55:56:69:c8:70:57:e2:19:f0:bb:86:ce:9e:78:
3c:97:6c:c1:33:ab:5d:a1:08:90:40:78:ad:47:42:
56:2e:00:d6:b4:f8:1b:73:6f:17:61:08:16:3d:8b:
d6:48:e4:88:19:44:a8:83:73:f4:af:18:69:66:26:
34:45:c6:0f:62:e3:cf:65:46:31:b5:aa:74:0e:57:
f1:72:7a:47:10:7f:f0:ea:08:f3:95:32:a6:1a:c2:
7a:b8:e5:7f:0a:24:24:98:9d:4c:cd:40:4e:a1:51:
94:49:51:55:b4:b6:d3:9d:c4:7d:16:7d:b2:03:87:
7a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:97:6D:93:F9:70:CE:8B:0B:1B:D4:33:E4:36:E9:45:35:C8:DB:82
X509v3 Authority Key Identifier:
keyid:9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/VZdtk_lwzosLG9Qz5DbpRTXI24I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.4.0/22
217.197.128.0/21
IPv6:
2a03:580::/32
Signature Algorithm: sha256WithRSAEncryption
bc:51:a2:bd:fc:f4:58:4c:d0:e9:cd:d9:dd:c5:22:87:8d:b9:
67:b2:5f:5c:03:8e:1a:7d:a0:58:2f:7d:cc:4a:58:33:33:49:
f0:55:8b:f5:f6:a0:25:3d:0c:aa:9f:18:eb:9c:ab:c3:35:ee:
86:a7:ba:ab:11:aa:53:e2:22:20:80:e4:3d:ec:ff:89:4f:e4:
e4:c9:f3:59:e3:64:a7:f6:8e:8a:a4:29:1b:6e:26:e4:b8:16:
79:22:ba:92:a8:dc:c4:66:af:66:95:fb:1f:cd:59:38:4e:20:
17:e7:72:82:d4:66:ea:bc:f3:a1:3b:64:cf:de:a3:72:d7:81:
d1:0d:19:0b:a1:3f:58:e1:73:66:24:12:ea:1f:1b:c7:01:be:
21:05:2e:2f:3e:b5:b0:67:91:cb:e9:2f:89:07:fc:b1:85:4d:
d5:d5:f2:12:65:d9:a0:a3:56:35:c8:8d:4c:04:f3:9d:92:ed:
40:d4:7b:24:b4:0a:a4:ce:62:e0:b1:79:ac:2c:c3:23:3d:68:
c1:f5:ef:af:2a:48:5b:41:0e:39:14:07:6b:bb:20:33:ab:fa:
9d:1e:51:07:51:a7:da:e4:c5:20:77:39:f4:2f:9b:05:d8:5d:
b1:23:a4:5a:53:b1:a9:50:fd:b8:f3:4a:9f:0a:e2:ce:57:62:
db:4d:7a:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvA2hZ3pM5FzH8xFZsRTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkM2IzZmY5M2I4MzM3MzVjYWNkNjUyY2UzNDlmYTMyMzQw
MjQzMmIwHhcNMjQwMTAyMTAzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTk3NmQ5M2Y5NzBjZThiMGIxYmQ0MzNlNDM2ZTk0NTM1YzhkYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkPwGdqrrJFcxtCnaCpF/V/iW5SJ
ix1SEexJRvUxZJstfMFANndxfunlzplaQowgmymc8B0rc4nid6q7LY/JVOvCGZss
gy4U1JZTqSZWvZ97FeicM1EbIN+2zDCe/SdDk0Hd7K3m1tcSpI7hdDkAjqO3JfDK
GRAe6EytW49z1QlsrdBqrfPzVVZpyHBX4hnwu4bOnng8l2zBM6tdoQiQQHitR0JW
LgDWtPgbc28XYQgWPYvWSOSIGUSog3P0rxhpZiY0RcYPYuPPZUYxtap0DlfxcnpH
EH/w6gjzlTKmGsJ6uOV/CiQkmJ1MzUBOoVGUSVFVtLbTncR9Fn2yA4d6SQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFWXbZP5cM6LCxvUM+Q26UU1yNuCMB8GA1UdIwQY
MBaAFJ07P/k7gzc1ys1lLONJ+jI0AkMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUt
YzhjZWFiOGJjMDUwLzEvVlpkdGtfbHd6b3NMRzlRejVEYnBSVFhJMjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUtYzhjZWFiOGJjMDUw
LzEvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWNYEAwQD
2cWAMA0EAgACMAcDBQAqAwWAMA0GCSqGSIb3DQEBCwUAA4IBAQC8UaK9/PRYTNDp
zdndxSKHjblnsl9cA44afaBYL33MSlgzM0nwVYv19qAlPQyqnxjrnKvDNe6Gp7qr
EapT4iIggOQ97P+JT+TkyfNZ42Sn9o6KpCkbbibkuBZ5IrqSqNzEZq9mlfsfzVk4
TiAX53KC1GbqvPOhO2TP3qNy14HRDRkLoT9Y4XNmJBLqHxvHAb4hBS4vPrWwZ5HL
6S+JB/yxhU3V1fISZdmgo1Y1yI1MBPOdku1A1HsktAqkzmLgsXmsLMMjPWjB9e+v
KkhbQQ45FAdruyAzq/qdHlEHUafa5MUgdzn0L5sF2F2xI6RaU7GpUP2480qfCuLO
V2LbTXpC
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:16:26 2024 by rpki-client on console-ams.rpki-client.org