Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/vmi1thlOdV2lF8FwbNRVLhG7LJE.roa
File: vmi1thlOdV2lF8FwbNRVLhG7LJE.roa (raw, json)
Hash identifier: 5Jn5GbEodak3I4+nwasD9NvbQ8GjnAqGyeKp0KGsp+8=
Subject key identifier: BE:68:B5:B6:19:4E:75:5D:A5:17:C1:70:6C:D4:55:2E:11:BB:2C:91
Certificate issuer: /CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Certificate serial: 018CFFAF323549B42CCAE89A133CC9804E42
Authority key identifier: 6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/vmi1thlOdV2lF8FwbNRVLhG7LJE.roa
Signing time: Fri 12 Jan 2024 21:58:40 +0000
ROA not before: Fri 12 Jan 2024 21:58:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200318
IP address blocks: 194.169.62.0/24 maxlen: 24
194.169.60.0/22 maxlen: 22
194.169.61.0/24 maxlen: 24
194.169.63.0/24 maxlen: 24
194.169.60.0/24 maxlen: 24
2a0d:d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ff:af:32:35:49:b4:2c:ca:e8:9a:13:3c:c9:80:4e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Validity
Not Before: Jan 12 21:58:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be68b5b6194e755da517c1706cd4552e11bb2c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:50:6b:52:7a:f4:f7:93:1e:19:eb:d9:72:ff:
62:6a:88:56:5d:ab:38:41:24:2b:5a:3a:a3:89:7b:
c4:77:9f:31:72:c6:37:7d:c7:33:d1:93:7b:8b:41:
58:03:6f:c5:76:3f:5f:ec:a0:bd:31:1e:1b:1a:57:
a4:95:d4:e3:db:ef:ac:74:0b:69:7a:1c:fb:66:61:
f9:b5:b7:44:92:05:d8:48:4c:d8:38:d0:fd:2a:68:
96:76:25:2f:a2:b1:e2:fe:cf:f6:21:68:f6:77:c5:
0a:94:db:b6:f1:9a:15:b8:93:01:75:57:be:8b:54:
e2:1b:5a:d2:ad:25:0f:ff:b8:11:8c:13:08:cd:0b:
aa:d0:12:5d:f7:86:37:23:ea:b3:9d:d5:5b:5b:32:
5c:9b:8a:00:da:57:5f:96:ab:0c:c2:9d:f1:9e:8e:
de:fc:71:1a:07:74:7f:6f:07:a4:24:9b:63:9e:78:
c5:84:e8:6b:39:1b:e1:13:89:15:68:89:4e:b2:3b:
e3:1b:3c:90:8c:ce:b5:9d:be:2e:8f:76:ce:c1:21:
f6:ed:78:d5:a7:e3:16:97:bc:8c:7d:9b:4f:09:26:
4a:b4:06:c3:bf:cb:1f:22:cf:6b:2c:03:b6:aa:e8:
01:8f:76:af:53:34:de:1d:06:fa:e9:33:4e:00:e2:
2c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:68:B5:B6:19:4E:75:5D:A5:17:C1:70:6C:D4:55:2E:11:BB:2C:91
X509v3 Authority Key Identifier:
keyid:6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/vmi1thlOdV2lF8FwbNRVLhG7LJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.60.0/22
IPv6:
2a0d:d40::/32
Signature Algorithm: sha256WithRSAEncryption
07:e9:37:30:ce:bb:0e:19:80:04:1f:d3:51:b3:50:68:ad:b3:
df:22:64:ac:93:fa:86:9f:26:5f:5e:66:d0:17:19:15:d1:1b:
00:97:58:08:c8:e8:be:66:09:07:07:f2:7b:d7:f7:e4:a7:73:
d6:13:a4:c1:66:63:7f:56:75:ad:f2:cd:f0:bd:2f:bd:ce:77:
ba:a7:11:f5:af:08:ce:aa:7c:21:12:75:d3:2d:dd:64:70:e1:
f3:ab:48:e4:71:42:5c:da:46:a0:14:fd:31:88:7e:9e:11:25:
f6:f8:62:fc:5d:d2:a8:3e:bc:dc:78:65:22:c7:43:59:83:60:
44:ec:2f:79:3b:5a:fa:0f:98:fa:56:61:75:8c:38:8d:2c:6e:
30:7f:b8:7d:db:60:83:0d:fb:07:b6:8b:00:d4:92:2d:f1:ab:
cc:43:14:9c:e6:b9:9c:21:d0:97:b2:1f:aa:9a:7a:ba:72:55:
3d:6a:bf:20:a1:65:2b:1e:e9:ef:19:54:dd:f2:cf:d6:15:e9:
64:2a:cc:22:e2:85:8d:2e:ed:7d:af:ef:fb:69:bc:fe:97:38:
da:11:7c:1d:0b:9d:48:4e:cd:50:be:30:a3:1a:be:49:e7:b3:
0e:36:2e:f6:78:35:81:ca:40:a7:1f:85:f1:b0:65:1f:8b:1f:
fb:0d:b0:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYz/rzI1SbQsyuiaEzzJgE5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDk0NmMwODFiMzJiZTg0OGNiMDBkOGQ5MzJlOGMxZjcx
Nzk2NjgwHhcNMjQwMTEyMjE1ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY4YjViNjE5NGU3NTVkYTUxN2MxNzA2Y2Q0NTUyZTExYmIyYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlBrUnr095MeGevZcv9iaohWXas4
QSQrWjqjiXvEd58xcsY3fccz0ZN7i0FYA2/Fdj9f7KC9MR4bGlekldTj2++sdAtp
ehz7ZmH5tbdEkgXYSEzYOND9KmiWdiUvorHi/s/2IWj2d8UKlNu28ZoVuJMBdVe+
i1TiG1rSrSUP/7gRjBMIzQuq0BJd94Y3I+qzndVbWzJcm4oA2ldflqsMwp3xno7e
/HEaB3R/bwekJJtjnnjFhOhrORvhE4kVaIlOsjvjGzyQjM61nb4uj3bOwSH27XjV
p+MWl7yMfZtPCSZKtAbDv8sfIs9rLAO2qugBj3avUzTeHQb66TNOAOIsoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL5otbYZTnVdpRfBcGzUVS4RuyyRMB8GA1UdIwQY
MBaAFGwJRsCBsyvoSMsA2Nky6MH3F5ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMt
ZGYyYmJjOWQwNDczLzEvdm1pMXRobE9kVjJsRjhGd2JOUlZMaEc3TEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMtZGYyYmJjOWQwNDcz
LzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwqk8MA0E
AgACMAcDBQAqDQ1AMA0GCSqGSIb3DQEBCwUAA4IBAQAH6TcwzrsOGYAEH9NRs1Bo
rbPfImSsk/qGnyZfXmbQFxkV0RsAl1gIyOi+ZgkHB/J71/fkp3PWE6TBZmN/VnWt
8s3wvS+9zne6pxH1rwjOqnwhEnXTLd1kcOHzq0jkcUJc2kagFP0xiH6eESX2+GL8
XdKoPrzceGUix0NZg2BE7C95O1r6D5j6VmF1jDiNLG4wf7h922CDDfsHtosA1JIt
8avMQxSc5rmcIdCXsh+qmnq6clU9ar8goWUrHunvGVTd8s/WFelkKswi4oWNLu19
r+/7abz+lzjaEXwdC51ITs1QvjCjGr5J57MONi72eDWBykCnH4XxsGUfix/7DbCg
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:07:36 2024 by rpki-client on console-fra.rpki-client.org