Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VFnqHO87mjgtFT3YDKZDcHUiEkc.roa
File: VFnqHO87mjgtFT3YDKZDcHUiEkc.roa (raw, json)
Hash identifier: /ueV0VBDDE66CgQpbJpXiPxLlIeEZ/eeW0HRSrwzGoI=
Subject key identifier: 54:59:EA:1C:EF:3B:9A:38:2D:15:3D:D8:0C:A6:43:70:75:22:12:47
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D87BB44CF4079987FA6D051430A5A1FAF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VFnqHO87mjgtFT3YDKZDcHUiEkc.roa
Signing time: Thu 08 Feb 2024 08:00:13 +0000
ROA not before: Thu 08 Feb 2024 08:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
46.20.212.0/22 maxlen: 23
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:bb:44:cf:40:79:98:7f:a6:d0:51:43:0a:5a:1f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 8 08:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5459ea1cef3b9a382d153dd80ca6437075221247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1a:ec:96:34:b7:21:d8:06:41:ff:25:df:44:
f5:8a:dc:ea:d6:6f:d3:79:86:3d:c2:cb:0a:54:aa:
f2:78:62:23:1a:84:b8:1d:5f:49:91:fe:23:12:7d:
94:1a:f8:18:b1:24:1c:1b:b9:22:63:71:cf:6d:3e:
50:e1:0d:6c:34:54:b2:92:27:56:f0:23:1f:27:85:
c0:70:c1:df:fb:66:7a:0d:1b:ec:fb:cd:9b:2a:cb:
97:2d:4e:3d:c0:97:ec:3d:e0:97:74:29:04:1b:58:
47:8d:9b:3c:c3:a8:a4:d0:81:3e:4d:aa:22:14:4c:
bf:76:6d:6b:29:f0:d2:90:e8:59:9d:6d:6d:0b:89:
e2:45:85:ab:ca:e5:b2:ed:42:95:f8:11:94:7e:73:
6f:37:bc:a0:6e:7a:9b:cf:08:1f:8e:e0:ef:34:f0:
dd:0c:0e:fd:ba:44:75:f5:88:e0:a6:1e:05:6f:f4:
5d:a2:58:a2:58:01:35:e8:46:be:c9:c4:b7:fb:ac:
f1:c5:f4:a7:e0:72:ad:e1:c4:18:63:b0:bf:49:cf:
5b:9e:7b:0b:69:24:a3:80:22:eb:6b:f5:9c:65:06:
51:6c:03:8b:dd:56:fb:f4:3c:43:8e:88:6f:68:4a:
22:33:b3:2a:58:c5:26:c5:00:48:8b:0a:71:05:f5:
df:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:59:EA:1C:EF:3B:9A:38:2D:15:3D:D8:0C:A6:43:70:75:22:12:47
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VFnqHO87mjgtFT3YDKZDcHUiEkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.124.0/22
46.20.212.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
63:ab:a9:79:7e:c7:2b:4b:d1:e3:e2:aa:b9:4a:1a:ef:1e:84:
b1:21:5c:80:70:f4:2a:49:f5:34:b7:bd:fc:cb:f0:be:20:e3:
f8:0e:fe:14:3a:37:26:7c:28:a0:72:76:33:e7:bf:a9:e5:df:
d7:7f:79:e7:c4:fa:68:72:c6:8b:6e:f8:f7:ac:b0:38:ca:ef:
40:17:c5:8a:30:07:36:60:91:4f:01:22:18:f0:25:47:9b:18:
dc:c8:a7:d4:ad:81:03:b8:7d:a6:17:26:9d:cb:f9:78:0e:14:
27:8e:5e:7f:81:09:c1:ec:a2:82:d5:41:04:44:22:12:93:96:
89:f9:31:8d:2c:64:cf:db:59:58:0c:d9:e6:47:6f:b7:27:ee:
36:00:fa:c8:02:88:65:00:ef:23:bc:03:88:4b:0e:73:42:b4:
33:42:51:49:1d:ec:63:e5:37:4d:3b:7d:dd:2e:32:dd:b0:2f:
60:08:b3:ea:d1:66:03:4a:51:be:40:ae:7a:24:74:7e:39:12:
8e:23:75:b9:08:cb:10:72:a2:18:91:f6:d3:ba:6e:d0:ca:24:
3e:a2:ad:d5:2b:44:ac:e6:04:c6:17:a2:4d:e2:0b:27:20:91:
06:43:b0:49:63:47:89:38:9b:26:0a:2d:fb:c5:13:85:35:6a:
28:40:30:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2Hu0TPQHmYf6bQUUMKWh+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjA4MDgwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDU5ZWExY2VmM2I5YTM4MmQxNTNkZDgwY2E2NDM3MDc1MjIxMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhrsljS3IdgGQf8l30T1itzq1m/T
eYY9wssKVKryeGIjGoS4HV9Jkf4jEn2UGvgYsSQcG7kiY3HPbT5Q4Q1sNFSykidW
8CMfJ4XAcMHf+2Z6DRvs+82bKsuXLU49wJfsPeCXdCkEG1hHjZs8w6ik0IE+Taoi
FEy/dm1rKfDSkOhZnW1tC4niRYWryuWy7UKV+BGUfnNvN7ygbnqbzwgfjuDvNPDd
DA79ukR19Yjgph4Fb/RdoliiWAE16Ea+ycS3+6zxxfSn4HKt4cQYY7C/Sc9bnnsL
aSSjgCLra/WcZQZRbAOL3Vb79DxDjohvaEoiM7MqWMUmxQBIiwpxBfXfywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFRZ6hzvO5o4LRU92AymQ3B1IhJHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVkZucUhPODdtamd0RlQzWURLWkRjSFVpRWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWZsAwQC
BWZ8AwQCLhTUAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBjq6l5fscrS9Hj4qq5
ShrvHoSxIVyAcPQqSfU0t738y/C+IOP4Dv4UOjcmfCigcnYz57+p5d/Xf3nnxPpo
csaLbvj3rLA4yu9AF8WKMAc2YJFPASIY8CVHmxjcyKfUrYEDuH2mFyady/l4DhQn
jl5/gQnB7KKC1UEERCISk5aJ+TGNLGTP21lYDNnmR2+3J+42APrIAohlAO8jvAOI
Sw5zQrQzQlFJHexj5TdNO33dLjLdsC9gCLPq0WYDSlG+QK56JHR+ORKOI3W5CMsQ
cqIYkfbTum7QyiQ+oq3VK0Ss5gTGF6JN4gsnIJEGQ7BJY0eJOJsmCi37xROFNWoo
QDCk
-----END CERTIFICATE-----
Generated at Thu May 2 06:49:47 2024 by rpki-client on console-fra.rpki-client.org