Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/vhhINde8pr6IniUZPu9g1A1HxLI.roa
File: vhhINde8pr6IniUZPu9g1A1HxLI.roa (raw, json)
Hash identifier: /EZkqQztrjHRonhFehIiiH7gCy2pH5kPTbr0oKdPMAc=
Subject key identifier: BE:18:48:35:D7:BC:A6:BE:88:9E:25:19:3E:EF:60:D4:0D:47:C4:B2
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018CC26D02D920B20D62F8F9E26BE3976744
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/vhhINde8pr6IniUZPu9g1A1HxLI.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 185.48.52.0/22 maxlen: 22
43.229.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:d9:20:b2:0d:62:f8:f9:e2:6b:e3:97:67:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be184835d7bca6be889e25193eef60d40d47c4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:5a:40:7c:ed:50:7c:24:34:1b:43:33:12:
b0:2e:44:cd:df:2a:f3:be:6c:cb:0c:42:93:1f:1e:
42:a9:bc:15:75:ec:33:e0:f2:d5:f0:e2:7a:4a:d3:
30:fb:71:55:3a:f6:af:44:18:67:af:68:d2:15:75:
db:84:b9:a1:b5:75:93:fc:57:fa:8a:03:8d:d8:b2:
52:d5:ba:ed:75:10:f5:76:09:f5:16:8c:0a:7d:22:
c8:78:60:7e:f2:93:7e:0c:a2:b1:11:2c:b8:6e:f7:
d5:e4:4c:62:59:a0:8a:98:df:3a:ea:47:1b:2d:10:
ae:fa:49:69:4a:cd:ac:5b:cc:9b:32:b2:85:c3:b1:
61:cc:05:5e:8c:35:85:0b:7a:08:63:8b:6d:2b:dd:
95:24:66:03:67:33:09:d0:cc:a9:40:4f:34:69:a9:
13:95:70:4c:92:69:e5:f0:e4:63:e0:74:fb:70:eb:
fc:59:3a:e1:47:3f:0e:8e:3f:1b:fa:98:ae:51:60:
6c:25:f6:c0:19:88:1f:5d:62:e5:0b:73:63:f8:48:
d3:96:09:d6:1a:ec:26:ab:26:35:36:44:07:64:b9:
b2:90:a6:62:ba:7d:2f:3f:d2:f9:69:f7:66:4d:4f:
81:66:94:b0:15:e4:22:19:c1:9d:dc:93:de:58:23:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:18:48:35:D7:BC:A6:BE:88:9E:25:19:3E:EF:60:D4:0D:47:C4:B2
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/vhhINde8pr6IniUZPu9g1A1HxLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.229.8.0/22
185.48.52.0/22
Signature Algorithm: sha256WithRSAEncryption
96:a8:a1:85:53:4a:37:d0:7c:19:4b:94:aa:85:77:52:fa:6a:
e4:9d:ad:98:59:2a:8b:ef:a6:8d:c8:79:64:57:6f:b4:e1:09:
fb:c9:49:7a:95:7d:46:39:1e:59:53:29:d0:7d:1a:e9:e0:4a:
64:a3:b9:36:a9:aa:86:b1:3a:23:5f:ec:be:29:ae:f0:22:e4:
f1:ba:91:b2:21:89:ce:1a:f5:74:44:d9:60:8e:18:7e:d8:d4:
9d:98:19:da:e9:e0:7d:d9:cd:bc:d5:cb:94:08:ae:6a:86:e5:
46:c0:16:6f:a2:20:9d:d7:21:fd:91:cd:15:66:93:27:b8:7f:
05:3f:7d:29:ac:78:4a:f7:5e:85:2c:fa:29:9d:aa:f6:74:de:
20:c8:78:c5:ce:01:3e:e0:00:72:2f:eb:57:bb:6b:5f:3d:be:
1a:bc:18:bf:95:c0:1a:04:64:d8:d0:13:f4:e2:d1:c9:26:62:
c8:21:26:05:a7:a0:2d:44:7b:7a:4c:5a:7c:e7:6c:c6:b8:f2:
9f:33:25:9b:e4:e8:63:e7:b2:e5:a4:bb:30:46:3a:8a:db:a1:
72:33:13:a0:f5:4c:88:e3:1a:2b:56:f5:a1:34:f6:26:73:0f:
e6:ab:32:74:9f:4a:2a:e9:33:eb:d5:82:0f:24:55:91:05:d0:
8f:c7:fc:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbQLZILINYvj54mvjl2dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE4NDgzNWQ3YmNhNmJlODg5ZTI1MTkzZWVmNjBkNDBkNDdjNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VlaQHztUHwkNBtDMxKwLkTN3yrz
vmzLDEKTHx5CqbwVdewz4PLV8OJ6StMw+3FVOvavRBhnr2jSFXXbhLmhtXWT/Ff6
igON2LJS1brtdRD1dgn1FowKfSLIeGB+8pN+DKKxESy4bvfV5ExiWaCKmN866kcb
LRCu+klpSs2sW8ybMrKFw7FhzAVejDWFC3oIY4ttK92VJGYDZzMJ0MypQE80aakT
lXBMkmnl8ORj4HT7cOv8WTrhRz8Ojj8b+piuUWBsJfbAGYgfXWLlC3Nj+EjTlgnW
GuwmqyY1NkQHZLmykKZiun0vP9L5afdmTU+BZpSwFeQiGcGd3JPeWCNfZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL4YSDXXvKa+iJ4lGT7vYNQNR8SyMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvdmhoSU5kZThwcjZJbmlVWlB1OWcxQTFIeExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCK+UIAwQC
uTA0MA0GCSqGSIb3DQEBCwUAA4IBAQCWqKGFU0o30HwZS5SqhXdS+mrkna2YWSqL
76aNyHlkV2+04Qn7yUl6lX1GOR5ZUynQfRrp4Epko7k2qaqGsTojX+y+Ka7wIuTx
upGyIYnOGvV0RNlgjhh+2NSdmBna6eB92c281cuUCK5qhuVGwBZvoiCd1yH9kc0V
ZpMnuH8FP30prHhK916FLPopnar2dN4gyHjFzgE+4AByL+tXu2tfPb4avBi/lcAa
BGTY0BP04tHJJmLIISYFp6AtRHt6TFp852zGuPKfMyWb5Ohj57LlpLswRjqK26Fy
MxOg9UyI4xorVvWhNPYmcw/mqzJ0n0oq6TPr1YIPJFWRBdCPx/zs
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:16:40 2024 by rpki-client on console-ams.rpki-client.org