Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/VnxZp18lTx-zfggj9PB6wfxzpiE.roa
File: VnxZp18lTx-zfggj9PB6wfxzpiE.roa (raw, json)
Hash identifier: T+14gpSkmj8LQ+6+29C9T4UTIQcTFyhm08dPRS1Y1RY=
Subject key identifier: 56:7C:59:A7:5F:25:4F:1F:B3:7E:08:23:F4:F0:7A:C1:FC:73:A6:21
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018CC94E1DBC2511C03320589D04E7520EF8
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/VnxZp18lTx-zfggj9PB6wfxzpiE.roa
Signing time: Tue 02 Jan 2024 08:33:09 +0000
ROA not before: Tue 02 Jan 2024 08:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1d:bc:25:11:c0:33:20:58:9d:04:e7:52:0e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jan 2 08:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=567c59a75f254f1fb37e0823f4f07ac1fc73a621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ae:a0:dc:10:a6:32:53:ab:e5:95:0e:31:05:
92:9e:0d:46:ff:0b:bd:da:a0:db:60:5f:1e:d3:e6:
c0:5a:55:9c:20:3d:83:3c:02:b4:81:6e:1f:61:2a:
8f:f9:2d:90:5a:5f:8f:5a:9f:97:55:a4:eb:98:0b:
08:ca:84:3d:c6:b4:e2:cd:22:a2:4c:1a:2d:88:54:
39:1f:25:34:74:94:f0:89:9a:2d:f9:63:82:98:18:
2a:30:8b:96:e1:0a:a2:6e:b2:6b:83:10:48:92:ee:
7d:87:d6:0c:8f:72:bb:3f:33:7a:2f:55:33:03:83:
cc:93:e5:ac:e0:2f:bb:62:c3:53:3f:19:1d:85:75:
87:ab:dc:73:04:b7:55:db:0c:0b:8e:25:53:ea:37:
95:6a:d7:39:01:50:01:1c:2b:48:e6:8a:8b:ef:b9:
db:7e:94:53:88:43:00:f1:ff:73:a3:56:b5:92:c9:
50:6b:c9:20:c8:62:e6:30:5c:b6:0c:11:59:5b:8d:
bf:58:ce:fc:0a:ab:8e:d5:6b:3f:ea:22:f8:76:2a:
35:2a:2e:05:d5:ce:ee:39:63:0b:3e:b3:95:6a:05:
0c:68:38:a1:f4:f1:e8:cd:28:8d:21:97:8e:bc:6f:
fc:df:3a:88:82:be:25:4e:67:79:bd:ab:26:0e:cf:
0b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7C:59:A7:5F:25:4F:1F:B3:7E:08:23:F4:F0:7A:C1:FC:73:A6:21
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/VnxZp18lTx-zfggj9PB6wfxzpiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.88.0/21
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:62:fc:a1:ee:bf:83:b8:29:78:85:35:bf:55:2a:72:4c:9b:
28:10:be:69:81:ac:9f:6c:98:ee:fe:6d:72:31:b7:2b:57:21:
2e:d1:42:09:33:bc:68:02:9a:d1:08:09:14:1d:c0:a8:99:96:
8a:b2:45:fc:d6:64:50:5a:1f:0c:77:a9:a6:f6:84:98:3f:1d:
81:65:b5:8d:4f:0f:54:5c:1d:a0:b5:6e:05:8f:d6:91:44:73:
e5:84:90:a2:18:0d:9d:86:93:1c:d6:19:c9:d4:c3:64:86:27:
e7:ce:36:6c:ef:39:9c:3f:5f:41:af:0f:5f:11:76:fe:cb:b9:
5a:f8:68:36:e3:a0:4c:16:dd:c6:3a:d2:85:8a:a9:e1:4d:bc:
9d:7f:f8:65:88:2b:15:27:e7:ee:96:d3:85:c8:1e:1e:9e:a6:
64:9e:d9:40:5f:c2:4c:ba:9c:c1:30:b5:90:4b:c9:e3:62:61:
ae:31:14:24:6f:a9:92:8e:63:4e:d7:61:fc:cd:6f:46:0f:4f:
75:ea:c8:56:e3:b3:a9:50:9c:d1:49:8d:1f:3b:3e:4d:cf:4d:
77:5c:1b:b8:21:57:f2:44:f0:60:53:e0:0d:04:fb:66:e1:2f:
0b:ae:20:72:14:a3:cd:f4:79:11:18:9a:b5:e5:44:a4:d7:dc:
3f:53:4c:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTh28JRHAMyBYnQTnUg74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjQwMTAyMDgzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdjNTlhNzVmMjU0ZjFmYjM3ZTA4MjNmNGYwN2FjMWZjNzNhNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK6g3BCmMlOr5ZUOMQWSng1G/wu9
2qDbYF8e0+bAWlWcID2DPAK0gW4fYSqP+S2QWl+PWp+XVaTrmAsIyoQ9xrTizSKi
TBotiFQ5HyU0dJTwiZot+WOCmBgqMIuW4QqibrJrgxBIku59h9YMj3K7PzN6L1Uz
A4PMk+Ws4C+7YsNTPxkdhXWHq9xzBLdV2wwLjiVT6jeVatc5AVABHCtI5oqL77nb
fpRTiEMA8f9zo1a1kslQa8kgyGLmMFy2DBFZW42/WM78CquO1Ws/6iL4dio1Ki4F
1c7uOWMLPrOVagUMaDih9PHozSiNIZeOvG/83zqIgr4lTmd5vasmDs8LxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFZ8WadfJU8fs34II/TwesH8c6YhMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvVm54WnAxOGxUeC16ZmdnajlQQjZ3Znh6cGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLv1YMA0E
AgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQCyYvyh7r+DuCl4hTW/VSpy
TJsoEL5pgayfbJju/m1yMbcrVyEu0UIJM7xoAprRCAkUHcComZaKskX81mRQWh8M
d6mm9oSYPx2BZbWNTw9UXB2gtW4Fj9aRRHPlhJCiGA2dhpMc1hnJ1MNkhifnzjZs
7zmcP19Brw9fEXb+y7la+Gg246BMFt3GOtKFiqnhTbydf/hliCsVJ+fultOFyB4e
nqZkntlAX8JMupzBMLWQS8njYmGuMRQkb6mSjmNO12H8zW9GD0916shW47OpUJzR
SY0fOz5Nz013XBu4IVfyRPBgU+ANBPtm4S8LriByFKPN9HkRGJq15USk19w/U0yY
-----END CERTIFICATE-----
Generated at Wed May 22 10:54:02 2024 by rpki-client on console-ams.rpki-client.org