Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vSki5H5xYPnND3laqcWNYmQeSwY.roa
File: vSki5H5xYPnND3laqcWNYmQeSwY.roa (raw, json)
Hash identifier: AhuH4VJgFtbfomd7/AjjUCKF+gk/CH+YVdW6WNtfHiA=
Subject key identifier: BD:29:22:E4:7E:71:60:F9:CD:0F:79:5A:A9:C5:8D:62:64:1E:4B:06
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018D2D73AC903A4F344FD927CDD5723E138C
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vSki5H5xYPnND3laqcWNYmQeSwY.roa
Signing time: Sun 21 Jan 2024 19:16:11 +0000
ROA not before: Sun 21 Jan 2024 19:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2647
IP address blocks: 57.68.0.0/15 maxlen: 32
57.68.10.0/24 maxlen: 24
57.70.0.0/16 maxlen: 32
57.74.29.0/24 maxlen: 24
57.77.0.0/16 maxlen: 32
57.100.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ac:90:3a:4f:34:4f:d9:27:cd:d5:72:3e:13:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 21 19:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd2922e47e7160f9cd0f795aa9c58d62641e4b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:8e:a6:6a:a5:cd:f2:bf:33:f7:43:84:ba:
4c:80:a5:d7:ad:c0:48:53:29:0c:bd:34:a6:e5:a8:
d8:ee:6f:31:95:78:92:e2:25:cf:d5:d4:87:8b:8c:
57:86:6b:28:2b:57:ba:78:91:26:a1:54:e1:bd:32:
a1:f1:63:b4:41:c9:86:b6:7e:64:e1:da:ed:d3:6c:
da:01:23:43:7a:ed:01:94:d8:85:1d:61:56:fc:eb:
65:98:41:fd:ca:a4:35:0d:ea:41:9e:92:4f:4e:a6:
e3:a2:fc:3c:b4:59:18:a3:31:2e:08:e3:26:c4:25:
23:c5:c8:58:a9:68:43:d6:85:be:f8:02:85:97:aa:
2b:4e:d5:5e:29:4f:a4:17:8c:42:5a:f1:2e:07:2e:
97:7d:7f:8c:34:71:49:b2:82:a3:4c:df:85:2e:11:
3d:10:07:b1:a3:81:df:92:1f:d1:c2:b0:18:4c:45:
4b:bf:0b:4b:34:f5:a6:70:b8:60:cb:66:84:6d:06:
35:4c:60:e6:ff:be:bf:1c:9a:21:53:23:33:0c:7f:
5b:2f:b8:e9:dc:a6:53:98:1b:1d:6a:69:e6:8e:6b:
08:b6:a9:ad:fc:71:dc:96:77:9a:f3:e6:5f:17:1c:
c1:ba:fe:9f:74:88:c6:ba:69:a3:a0:13:5a:fd:4a:
5c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:29:22:E4:7E:71:60:F9:CD:0F:79:5A:A9:C5:8D:62:64:1E:4B:06
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/vSki5H5xYPnND3laqcWNYmQeSwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.74.29.0/24
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:e1:78:16:9d:2c:7d:07:c3:c8:c4:74:d9:15:f7:fe:77:6c:
42:8a:3c:87:ff:5d:d5:af:ad:09:4f:bf:e4:32:ea:1d:dc:ed:
2e:52:45:88:44:3d:c1:2d:1b:cb:a9:cc:91:f7:0a:6c:c3:39:
54:4d:49:9e:98:84:f6:b7:9d:98:8d:fb:9e:5d:0c:59:af:64:
dd:ec:62:51:fd:22:b7:a0:4a:04:b0:f4:5f:e7:18:36:35:21:
8c:8f:d8:44:7d:b5:2c:f3:81:9a:22:8c:22:8e:7b:b0:8e:65:
7e:4e:c0:9b:5b:5d:01:c0:73:a4:a2:1a:25:bd:43:60:83:ec:
c1:44:de:74:09:fb:7d:d9:4c:38:1f:7a:75:4d:ad:67:cb:c0:
1b:49:31:81:bc:c1:c2:05:7f:3d:9a:d0:05:9b:7d:60:93:f0:
97:34:0f:98:ac:9c:a1:cf:ca:ee:34:35:f1:7a:d6:69:02:2a:
e5:da:7e:13:5e:57:7c:69:a5:f4:a5:14:38:6d:e5:25:8e:03:
8a:14:6c:00:6b:20:30:e3:0e:10:ff:8f:8a:58:49:d1:9c:3e:
9b:7a:51:f8:48:8d:98:b6:97:ef:d0:b4:df:a2:75:11:12:c3:
84:43:1a:08:c5:de:38:35:ff:75:d6:b0:92:2f:0e:b8:97:75:
9f:d2:9c:e4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY0tc6yQOk80T9knzdVyPhOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTIxMTkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI5MjJlNDdlNzE2MGY5Y2QwZjc5NWFhOWM1OGQ2MjY0MWU0YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0OOpmqlzfK/M/dDhLpMgKXXrcBI
UykMvTSm5ajY7m8xlXiS4iXP1dSHi4xXhmsoK1e6eJEmoVThvTKh8WO0QcmGtn5k
4drt02zaASNDeu0BlNiFHWFW/OtlmEH9yqQ1DepBnpJPTqbjovw8tFkYozEuCOMm
xCUjxchYqWhD1oW++AKFl6orTtVeKU+kF4xCWvEuBy6XfX+MNHFJsoKjTN+FLhE9
EAexo4Hfkh/RwrAYTEVLvwtLNPWmcLhgy2aEbQY1TGDm/76/HJohUyMzDH9bL7jp
3KZTmBsdamnmjmsItqmt/HHclnea8+ZfFxzBuv6fdIjGummjoBNa/UpcGwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFL0pIuR+cWD5zQ95WqnFjWJkHksGMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvdlNraTVINXhZUG5ORDNsYXFjV05ZbVFlU3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAoDAwI5RAMD
ADlGAwQAOUodAwMAOU0DAwA5ZDANBgkqhkiG9w0BAQsFAAOCAQEAteF4Fp0sfQfD
yMR02RX3/ndsQoo8h/9d1a+tCU+/5DLqHdztLlJFiEQ9wS0by6nMkfcKbMM5VE1J
npiE9redmI37nl0MWa9k3exiUf0it6BKBLD0X+cYNjUhjI/YRH21LPOBmiKMIo57
sI5lfk7Am1tdAcBzpKIaJb1DYIPswUTedAn7fdlMOB96dU2tZ8vAG0kxgbzBwgV/
PZrQBZt9YJPwlzQPmKycoc/K7jQ18XrWaQIq5dp+E15XfGml9KUUOG3lJY4DihRs
AGsgMOMOEP+PilhJ0Zw+m3pR+EiNmLaX79C036J1ERLDhEMaCMXeODX/ddawki8O
uJd1n9Kc5A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:13 2024 by rpki-client on console-fra.rpki-client.org