Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/VaHoWNMnpGMwmn4oVHEAyLOadw8.roa
File: VaHoWNMnpGMwmn4oVHEAyLOadw8.roa (raw, json)
Hash identifier: mkh2hJZDISBgWXQEc+izV7ecfd1BNRyJ41dpzyMvYwA=
Subject key identifier: 55:A1:E8:58:D3:27:A4:63:30:9A:7E:28:54:71:00:C8:B3:9A:77:0F
Certificate issuer: /CN=b4d7ed14b8d51a20baec7b660f08a80cdcf817bf
Certificate serial: 018CC26D359055176ACAF9C5D4D79A907326
Authority key identifier: B4:D7:ED:14:B8:D5:1A:20:BA:EC:7B:66:0F:08:A8:0C:DC:F8:17:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNftFLjVGiC67HtmDwioDNz4F78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/VaHoWNMnpGMwmn4oVHEAyLOadw8.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28785
IP address blocks: 213.222.192.0/21 maxlen: 21
213.222.192.0/22 maxlen: 22
213.222.196.0/24 maxlen: 24
213.222.196.0/23 maxlen: 23
213.222.201.0/24 maxlen: 24
213.222.204.0/24 maxlen: 24
213.222.200.0/21 maxlen: 21
213.222.205.0/24 maxlen: 24
213.222.206.0/24 maxlen: 24
213.222.210.0/24 maxlen: 24
213.222.211.0/24 maxlen: 24
213.222.212.0/24 maxlen: 24
213.222.207.0/24 maxlen: 24
213.222.208.0/24 maxlen: 24
213.222.208.0/21 maxlen: 24
213.222.216.0/24 maxlen: 24
213.222.217.0/24 maxlen: 24
2a03:7580::/40 maxlen: 40
2a03:7580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/tNftFLjVGiC67HtmDwioDNz4F78.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/tNftFLjVGiC67HtmDwioDNz4F78.mft
rsync://rpki.ripe.net/repository/DEFAULT/tNftFLjVGiC67HtmDwioDNz4F78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:35:90:55:17:6a:ca:f9:c5:d4:d7:9a:90:73:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4d7ed14b8d51a20baec7b660f08a80cdcf817bf
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55a1e858d327a463309a7e28547100c8b39a770f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3f:e8:6a:92:ca:b4:87:21:0c:e4:58:13:64:
de:12:3a:26:67:fa:c4:40:c6:f4:ae:2a:3a:37:83:
21:d4:f5:7a:41:3e:ef:35:32:41:31:52:03:b9:ef:
af:51:27:d4:f4:a9:62:3f:e9:7e:82:1d:73:bd:d2:
ad:3f:56:5e:ef:3e:e5:03:64:d8:7f:43:62:f1:a0:
da:84:40:04:6d:bc:02:ca:31:82:e4:c4:88:a7:ed:
b6:05:a3:15:49:56:7b:d9:c6:ca:67:52:ed:44:05:
1d:81:e2:63:67:26:c6:03:9d:0f:81:c3:e0:f4:89:
d0:2c:7b:6a:b6:fd:6c:85:cc:0d:90:23:04:dc:f9:
9c:e0:0d:35:77:ba:29:98:ea:26:e7:33:dd:86:89:
47:44:29:17:42:34:8b:56:3d:c3:4d:8b:f0:6c:1b:
53:a6:d1:7f:a4:91:68:0f:9d:74:91:c6:77:9c:90:
fe:d2:c9:87:83:e1:91:83:07:34:32:fd:a9:79:90:
81:64:a5:81:fb:9d:81:a2:f3:9b:05:a1:6c:b5:1a:
cd:65:7f:56:16:03:22:15:75:a1:24:e0:7e:c6:27:
bc:9a:f1:ee:3e:f6:35:49:be:b6:5f:32:6a:a9:28:
f6:fa:dc:f6:ee:c8:d6:be:01:32:2c:13:6a:7a:bb:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A1:E8:58:D3:27:A4:63:30:9A:7E:28:54:71:00:C8:B3:9A:77:0F
X509v3 Authority Key Identifier:
keyid:B4:D7:ED:14:B8:D5:1A:20:BA:EC:7B:66:0F:08:A8:0C:DC:F8:17:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNftFLjVGiC67HtmDwioDNz4F78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/VaHoWNMnpGMwmn4oVHEAyLOadw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/tNftFLjVGiC67HtmDwioDNz4F78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.222.192.0-213.222.217.255
IPv6:
2a03:7580::/32
Signature Algorithm: sha256WithRSAEncryption
81:12:50:1d:47:7b:25:01:4f:1d:49:0e:11:60:20:37:34:fa:
b4:f1:f2:87:05:04:4c:a8:a7:bf:d2:da:14:35:07:ff:2e:bc:
d8:e8:b3:58:d4:6f:af:1c:58:85:9c:d4:44:b1:9f:ba:a8:f3:
c7:5b:6c:98:c9:da:08:e0:91:b0:13:e6:36:43:0e:d7:48:08:
87:fb:ee:46:7a:e4:41:b6:61:7f:93:bc:1f:30:e2:ee:d4:6d:
e1:60:c5:36:96:37:4b:e8:80:6d:ce:d0:6f:48:b9:f6:73:b9:
a8:d1:4c:4c:d8:94:8d:ce:34:30:d4:d2:95:8f:ba:10:5d:5d:
ef:70:27:43:e8:9c:28:96:b5:fb:fe:3c:c5:ef:e6:b2:3e:fd:
47:a2:92:56:6d:98:12:84:74:dd:2b:1f:b5:c0:a8:6e:e7:42:
c6:aa:12:fb:95:37:66:fa:a9:ed:61:a6:7d:7e:72:81:85:63:
ab:aa:b7:4a:d5:28:80:aa:86:6d:16:b6:90:20:f4:dd:79:5a:
88:df:a9:d3:aa:f2:ce:c6:35:14:e7:25:16:18:0a:ae:b9:63:
35:be:9b:35:b2:4e:0d:e5:25:a5:03:bc:df:e5:d0:7a:60:20:
c4:e4:d6:3e:97:af:9c:62:50:5c:22:eb:5b:46:82:ec:1e:80:
b1:41:7e:26
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbTWQVRdqyvnF1NeakHMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDdlZDE0YjhkNTFhMjBiYWVjN2I2NjBmMDhhODBjZGNm
ODE3YmYwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWExZTg1OGQzMjdhNDYzMzA5YTdlMjg1NDcxMDBjOGIzOWE3NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT/oapLKtIchDORYE2TeEjomZ/rE
QMb0rio6N4Mh1PV6QT7vNTJBMVIDue+vUSfU9KliP+l+gh1zvdKtP1Ze7z7lA2TY
f0Ni8aDahEAEbbwCyjGC5MSIp+22BaMVSVZ72cbKZ1LtRAUdgeJjZybGA50PgcPg
9InQLHtqtv1shcwNkCME3Pmc4A01d7opmOom5zPdholHRCkXQjSLVj3DTYvwbBtT
ptF/pJFoD510kcZ3nJD+0smHg+GRgwc0Mv2peZCBZKWB+52BovObBaFstRrNZX9W
FgMiFXWhJOB+xie8mvHuPvY1Sb62XzJqqSj2+tz27sjWvgEyLBNqeruzYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFWh6FjTJ6RjMJp+KFRxAMizmncPMB8GA1UdIwQY
MBaAFLTX7RS41Roguux7Zg8IqAzc+Be/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5mdEZMalZHaUM2N0h0bUR3aW9ETno0Rjc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8xMzJiYTgtNzY3Ni00OWY2LWFmY2Mt
N2QwNDIzYmRhNzRjLzEvVmFIb1dOTW5wR013bW40b1ZIRUF5TE9hZHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8xMzJiYTgtNzY3Ni00OWY2LWFmY2MtN2QwNDIzYmRhNzRj
LzEvdE5mdEZMalZHaUM2N0h0bUR3aW9ETno0Rjc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAbV3sAD
BAHV3tgwDQQCAAIwBwMFACoDdYAwDQYJKoZIhvcNAQELBQADggEBAIESUB1HeyUB
Tx1JDhFgIDc0+rTx8ocFBEyop7/S2hQ1B/8uvNjos1jUb68cWIWc1ESxn7qo88db
bJjJ2gjgkbAT5jZDDtdICIf77kZ65EG2YX+TvB8w4u7UbeFgxTaWN0vogG3O0G9I
ufZzuajRTEzYlI3ONDDU0pWPuhBdXe9wJ0PonCiWtfv+PMXv5rI+/UeiklZtmBKE
dN0rH7XAqG7nQsaqEvuVN2b6qe1hpn1+coGFY6uqt0rVKICqhm0WtpAg9N15Wojf
qdOq8s7GNRTnJRYYCq65YzW+mzWyTg3lJaUDvN/l0HpgIMTk1j6Xr5xiUFwi61tG
guwegLFBfiY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:10:34 2024 by rpki-client on console-ams.rpki-client.org