Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/VmEta49eJU5gaDHzNkRhMSaqvZs.roa
File: VmEta49eJU5gaDHzNkRhMSaqvZs.roa (raw, json)
Hash identifier: NG985Z4ZHj9JV/d3GkG6GUK6PTmJJWMadSfthzW+cQw=
Subject key identifier: 56:61:2D:6B:8F:5E:25:4E:60:68:31:F3:36:44:61:31:26:AA:BD:9B
Certificate issuer: /CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Certificate serial: 018CC649DB98CF73E346EDEAF58DC862CA99
Authority key identifier: 61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/VmEta49eJU5gaDHzNkRhMSaqvZs.roa
Signing time: Mon 01 Jan 2024 18:29:38 +0000
ROA not before: Mon 01 Jan 2024 18:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211186
IP address blocks: 91.218.22.0/24 maxlen: 24
185.14.96.0/24 maxlen: 24
195.95.189.0/24 maxlen: 24
2a0c:2580:1000::/36 maxlen: 36
2a0c:2580::/36 maxlen: 36
2a0c:2580:2000::/36 maxlen: 36
2a0c:2580::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.mft
rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:db:98:cf:73:e3:46:ed:ea:f5:8d:c8:62:ca:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Validity
Not Before: Jan 1 18:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56612d6b8f5e254e606831f33644613126aabd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:69:80:91:1c:9e:21:86:a0:e9:6a:0a:8c:2c:
26:e7:6d:78:3d:56:15:c1:00:a5:ea:81:c3:7b:34:
bc:bf:03:7f:6a:7c:e1:f9:b4:52:dd:62:3c:b2:40:
83:15:2a:ee:6d:21:f2:7e:2f:e2:33:d3:67:77:67:
ce:f9:12:7a:41:02:8e:2b:aa:77:09:91:b9:e4:01:
1d:c6:d3:37:90:44:85:3c:17:10:d8:dc:c6:fe:12:
23:9f:31:58:1b:3c:d6:8a:80:bb:a6:23:47:21:82:
43:d4:73:b5:be:4a:89:96:6a:04:0c:d3:c2:85:54:
80:58:cd:b2:97:18:36:1f:b5:ee:97:aa:a0:3c:2f:
51:16:aa:94:db:f2:81:74:ef:25:d7:3b:c8:1e:37:
16:f3:56:d6:fd:43:01:a7:a9:ed:32:38:72:e9:2c:
b7:35:f2:28:2f:4f:66:1f:d3:f3:3b:72:f3:4a:04:
62:2a:54:6d:1f:cf:04:82:1e:a6:d5:f2:de:03:24:
09:55:fe:48:99:2b:dd:67:01:0f:2a:6f:ff:be:ab:
1e:93:76:35:e4:9f:20:f0:c6:83:fc:fb:65:aa:0e:
3d:dd:bc:83:67:67:7b:f2:5a:0c:5e:13:23:41:ec:
6c:50:a5:7b:34:e8:f2:10:bf:f1:4e:67:cd:7e:05:
71:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:61:2D:6B:8F:5E:25:4E:60:68:31:F3:36:44:61:31:26:AA:BD:9B
X509v3 Authority Key Identifier:
keyid:61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/VmEta49eJU5gaDHzNkRhMSaqvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.22.0/24
185.14.96.0/24
195.95.189.0/24
IPv6:
2a0c:2580::/30
Signature Algorithm: sha256WithRSAEncryption
3b:87:b5:f0:de:13:66:0d:6f:de:ee:97:ab:77:c9:fc:a1:03:
b1:c9:7a:a1:af:0e:99:9f:23:95:6b:be:b5:79:42:84:17:f3:
33:6d:4e:4a:d8:27:81:6d:db:80:c7:a9:e4:66:db:c2:71:ba:
31:86:b4:17:81:b6:e1:23:47:af:2c:cd:0f:b8:5b:00:dc:6d:
31:51:77:bc:63:f8:21:75:73:f6:49:54:73:d9:16:44:d7:bd:
66:a3:bd:83:05:b2:d3:de:7a:6b:e6:cc:6c:49:c6:93:5f:1f:
12:23:a7:ae:90:1c:02:73:4c:16:7d:74:6d:53:8f:d9:40:99:
3c:25:af:42:db:36:66:78:04:66:a5:12:c3:6c:dc:e7:07:54:
eb:b2:86:96:27:85:af:36:46:ad:6b:4f:ac:0f:c7:64:05:5e:
81:2d:6d:f3:78:c5:b2:0f:02:ef:cf:88:bb:ca:80:42:ff:33:
7b:2f:20:95:c6:df:e2:93:4f:3e:41:1d:fc:e7:25:7f:1b:b5:
c6:0e:3f:db:44:fa:61:96:7b:40:85:7d:7b:ca:c5:5c:e9:41:
2f:cb:fe:e5:be:da:04:c3:ed:8d:88:52:aa:13:a9:27:8d:6a:
f7:df:9c:d8:cf:b2:08:62:3c:4b:c1:2a:dc:73:a3:bf:7b:30:
38:7a:6b:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSduYz3PjRu3q9Y3IYsqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTU2NTU2MmQzZTNmNTY1ZTljMGE0MTk0NmVhNTNkNDVk
NWQ2NTcwHhcNMjQwMTAxMTgyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYxMmQ2YjhmNWUyNTRlNjA2ODMxZjMzNjQ0NjEzMTI2YWFiZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAommAkRyeIYag6WoKjCwm5214PVYV
wQCl6oHDezS8vwN/anzh+bRS3WI8skCDFSrubSHyfi/iM9Nnd2fO+RJ6QQKOK6p3
CZG55AEdxtM3kESFPBcQ2NzG/hIjnzFYGzzWioC7piNHIYJD1HO1vkqJlmoEDNPC
hVSAWM2ylxg2H7Xul6qgPC9RFqqU2/KBdO8l1zvIHjcW81bW/UMBp6ntMjhy6Sy3
NfIoL09mH9PzO3LzSgRiKlRtH88Egh6m1fLeAyQJVf5ImSvdZwEPKm//vqsek3Y1
5J8g8MaD/Ptlqg493byDZ2d78loMXhMjQexsUKV7NOjyEL/xTmfNfgVxcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFZhLWuPXiVOYGgx8zZEYTEmqr2bMB8GA1UdIwQY
MBaAFGHlZVYtPj9WXpwKQZRupT1F1dZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYt
ZjRjYmQ2YmE2YzBmLzEvVm1FdGE0OWVKVTVnYURIek5rUmhNU2FxdlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYtZjRjYmQ2YmE2YzBm
LzEvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oWAwQA
uQ5gAwQAw1+9MA0EAgACMAcDBQIqDCWAMA0GCSqGSIb3DQEBCwUAA4IBAQA7h7Xw
3hNmDW/e7perd8n8oQOxyXqhrw6ZnyOVa761eUKEF/MzbU5K2CeBbduAx6nkZtvC
cboxhrQXgbbhI0evLM0PuFsA3G0xUXe8Y/ghdXP2SVRz2RZE171mo72DBbLT3npr
5sxsScaTXx8SI6eukBwCc0wWfXRtU4/ZQJk8Ja9C2zZmeARmpRLDbNznB1TrsoaW
J4WvNkata0+sD8dkBV6BLW3zeMWyDwLvz4i7yoBC/zN7LyCVxt/ik08+QR385yV/
G7XGDj/bRPphlntAhX17ysVc6UEvy/7lvtoEw+2NiFKqE6knjWr335zYz7IIYjxL
wSrcc6O/ezA4emu9
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:01:23 2024 by rpki-client on console-fra.rpki-client.org