Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/VQamT0iyBz3VkK4a4wmNc7lHViI.roa
File: VQamT0iyBz3VkK4a4wmNc7lHViI.roa (raw, json)
Hash identifier: S2QkzzizjzFGkKfXjpCZoWtXBmu9Y+aZSOPmIGKJXCQ=
Subject key identifier: 55:06:A6:4F:48:B2:07:3D:D5:90:AE:1A:E3:09:8D:73:B9:47:56:22
Certificate issuer: /CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Certificate serial: 018CC5DC76B1108282059B6D61A80E0A9F95
Authority key identifier: 64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/VQamT0iyBz3VkK4a4wmNc7lHViI.roa
Signing time: Mon 01 Jan 2024 16:30:08 +0000
ROA not before: Mon 01 Jan 2024 16:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 195.190.135.0/24 maxlen: 24
194.37.255.0/24 maxlen: 24
91.198.224.0/24 maxlen: 24
194.145.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:76:b1:10:82:82:05:9b:6d:61:a8:0e:0a:9f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Validity
Not Before: Jan 1 16:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5506a64f48b2073dd590ae1ae3098d73b9475622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:56:09:a0:63:6d:e6:4d:03:eb:34:0a:5f:8b:
44:18:54:22:7f:5e:ee:07:66:dc:4e:35:e2:9d:3e:
c0:79:73:f9:fb:6a:9d:ef:c6:d1:ec:a6:37:6f:7c:
90:45:0e:14:9b:6c:d9:c5:fa:c9:e1:83:1e:6e:8a:
9b:bb:83:fa:f5:a2:41:1b:99:57:5e:86:e4:c6:10:
86:7e:5a:85:eb:03:16:84:a8:1c:2a:49:53:ad:8b:
c2:e2:de:99:f6:00:37:6e:40:16:b7:8b:6d:a8:37:
ff:e9:7a:e2:2e:d9:e5:74:a6:13:13:6c:15:ec:2e:
c6:01:90:de:0e:f3:37:f4:16:41:16:eb:a9:ee:5b:
f8:75:52:04:3f:e7:af:62:6f:53:22:48:1a:92:7f:
dc:b0:7f:92:db:88:d4:4e:03:3c:53:70:d1:d7:8c:
91:da:9c:ab:eb:1b:37:2e:1a:0f:a5:43:05:bd:65:
b3:dc:e0:b9:95:f9:db:45:2a:b0:1d:21:12:41:c7:
1e:00:a5:5d:33:13:ac:78:e6:b5:fa:55:44:10:22:
d1:2e:d0:95:72:87:25:4e:2c:3e:ce:ef:b1:2f:2b:
db:f4:f1:0b:9b:d2:d6:3d:70:c4:86:b3:9d:57:4f:
cc:3f:f3:24:4b:da:4f:8e:54:83:c7:8a:da:1c:3b:
a2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:06:A6:4F:48:B2:07:3D:D5:90:AE:1A:E3:09:8D:73:B9:47:56:22
X509v3 Authority Key Identifier:
keyid:64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/VQamT0iyBz3VkK4a4wmNc7lHViI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.224.0/24
194.37.255.0/24
194.145.224.0/24
195.190.135.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d4:87:12:19:e0:e3:dc:5a:c9:d8:ed:85:95:23:88:21:ee:
c9:22:d3:ce:0a:9d:0f:74:ef:3a:de:33:33:f4:b4:62:67:0e:
9e:6c:45:c9:45:73:43:c4:96:5f:d9:b3:55:fe:f8:60:be:54:
e9:d7:70:b4:1e:27:2c:cc:b1:21:4c:fb:f7:94:70:0c:00:43:
53:77:b4:0a:84:29:cf:8d:b0:d6:86:c9:a7:64:83:fb:b6:40:
4a:8b:96:04:84:91:28:6a:29:10:4d:97:6c:85:87:7b:d5:1b:
b8:a5:d1:06:eb:27:9a:d6:ce:cb:a8:3e:5e:ee:97:df:2a:ec:
34:fa:7e:7b:f2:51:bb:0f:4f:5d:5d:84:fe:a7:fc:bc:83:2d:
2f:ed:e5:33:86:b1:31:4b:5f:3a:07:6e:e4:35:1b:94:1d:2a:
e4:78:cd:46:42:44:59:eb:e5:fa:3e:84:13:df:ec:f3:ca:c1:
31:3e:be:d0:e0:96:cb:21:43:0c:07:d8:1e:3f:8b:5e:6c:59:
51:c3:ca:a3:7d:d2:b3:97:10:5e:4f:a0:ba:4f:24:4d:27:21:
6d:63:ed:09:db:86:05:d6:61:bf:73:66:64:a5:a8:21:d9:a5:
22:f8:20:d1:37:15:24:62:a6:e3:e8:bd:df:0b:3e:7d:e6:b8:
08:62:f2:95
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3HaxEIKCBZttYagOCp+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Zjg3M2FkYjZhMWYzZTgxYjMzNDNjNzQ5OTg5NDc1MjZj
NDNkY2YwHhcNMjQwMTAxMTYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA2YTY0ZjQ4YjIwNzNkZDU5MGFlMWFlMzA5OGQ3M2I5NDc1NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVYJoGNt5k0D6zQKX4tEGFQif17u
B2bcTjXinT7AeXP5+2qd78bR7KY3b3yQRQ4Um2zZxfrJ4YMeboqbu4P69aJBG5lX
XobkxhCGflqF6wMWhKgcKklTrYvC4t6Z9gA3bkAWt4ttqDf/6XriLtnldKYTE2wV
7C7GAZDeDvM39BZBFuup7lv4dVIEP+evYm9TIkgakn/csH+S24jUTgM8U3DR14yR
2pyr6xs3LhoPpUMFvWWz3OC5lfnbRSqwHSESQcceAKVdMxOseOa1+lVEECLRLtCV
coclTiw+zu+xLyvb9PELm9LWPXDEhrOdV0/MP/MkS9pPjlSDx4raHDuiyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFUGpk9Isgc91ZCuGuMJjXO5R1YiMB8GA1UdIwQY
MBaAFGT4c622ofPoGzNDx0mYlHUmxD3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2Ut
Mzk3ZjM2YzkxOTgyLzEvVlFhbVQwaXlCejNWa0s0YTR3bU5jN2xIVmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2UtMzk3ZjM2YzkxOTgy
LzEvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8bgAwQA
wiX/AwQAwpHgAwQAw76HMA0GCSqGSIb3DQEBCwUAA4IBAQAS1IcSGeDj3FrJ2O2F
lSOIIe7JItPOCp0PdO863jMz9LRiZw6ebEXJRXNDxJZf2bNV/vhgvlTp13C0Hics
zLEhTPv3lHAMAENTd7QKhCnPjbDWhsmnZIP7tkBKi5YEhJEoaikQTZdshYd71Ru4
pdEG6yea1s7LqD5e7pffKuw0+n578lG7D09dXYT+p/y8gy0v7eUzhrExS186B27k
NRuUHSrkeM1GQkRZ6+X6PoQT3+zzysExPr7Q4JbLIUMMB9geP4tebFlRw8qjfdKz
lxBeT6C6TyRNJyFtY+0J24YF1mG/c2Zkpagh2aUi+CDRNxUkYqbj6L3fCz595rgI
YvKV
-----END CERTIFICATE-----
Generated at Tue Nov 26 07:58:12 2024 by rpki-client on console-fra.rpki-client.org