Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/VcJ2Kgn-JXs45Lai3k_Nn6BKelY.roa
File: VcJ2Kgn-JXs45Lai3k_Nn6BKelY.roa (raw, json)
Hash identifier: BimJ7H6En08y1r+L3jMzwsa8J0FtFJkF8igD2hfgaEc=
Subject key identifier: 55:C2:76:2A:09:FE:25:7B:38:E4:B6:A2:DE:4F:CD:9F:A0:4A:7A:56
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 018CC8DEDAFE324E6E25B7741AEDC1EE289F
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/VcJ2Kgn-JXs45Lai3k_Nn6BKelY.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209307
IP address blocks: 192.54.76.0/23 maxlen: 24
192.54.186.0/23 maxlen: 24
95.183.42.0/24 maxlen: 24
95.183.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:da:fe:32:4e:6e:25:b7:74:1a:ed:c1:ee:28:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55c2762a09fe257b38e4b6a2de4fcd9fa04a7a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:63:9b:6e:b1:e9:20:4f:ce:7c:1b:f9:d8:0d:
75:6a:a6:c0:d7:b3:e4:9e:7e:67:32:80:89:17:ea:
fe:0a:21:5b:48:9b:fd:40:5e:37:66:0a:7e:a1:d4:
6d:b8:52:b2:11:0a:a0:07:31:48:e0:65:02:c6:5d:
37:ac:b4:f6:9c:62:a5:27:dd:7d:09:00:60:42:92:
46:3c:30:3a:0e:75:c1:89:23:e8:03:4b:c3:02:94:
3f:7e:51:66:3e:d7:af:f0:54:82:e6:d6:23:66:0a:
cb:d7:41:16:2c:40:c5:51:cf:b7:f4:8a:b7:b9:2e:
5e:f3:79:df:35:c2:99:92:ab:11:07:16:a3:e8:91:
06:96:d6:0f:12:86:c1:e4:cc:cc:88:bb:7c:8b:ee:
e0:0e:bd:03:0c:0e:22:62:73:1d:65:4d:3b:5e:39:
a6:b4:0a:52:58:0a:8c:7b:24:d3:61:07:8c:99:9c:
54:55:89:68:e5:81:ae:94:1a:2f:24:99:0d:f0:f1:
6a:a3:3f:2f:67:25:b2:ee:26:82:93:1d:c2:03:26:
fa:0f:ff:6f:7b:aa:f2:d9:37:93:49:ad:61:bd:be:
0c:ae:5b:10:ad:ff:15:4f:84:21:8d:a7:63:37:b1:
c8:b0:57:e2:21:53:c3:70:f5:73:f5:96:72:22:a2:
94:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C2:76:2A:09:FE:25:7B:38:E4:B6:A2:DE:4F:CD:9F:A0:4A:7A:56
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/VcJ2Kgn-JXs45Lai3k_Nn6BKelY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.42.0/23
192.54.76.0/23
192.54.186.0/23
Signature Algorithm: sha256WithRSAEncryption
74:19:b9:a7:2b:af:e4:41:98:76:1e:e1:55:72:a5:05:c7:ba:
f6:5e:fb:bb:1e:44:6f:d4:d3:54:f2:aa:5a:91:02:b6:ae:d7:
0f:66:d1:6c:e3:ab:8b:d0:c1:58:a4:d0:79:99:9e:17:f5:a2:
c7:f3:03:f9:d0:85:05:59:27:76:db:88:dc:c3:82:1c:bd:aa:
be:3a:e6:80:d9:ba:82:e6:f0:d1:55:c7:8d:79:79:c9:50:c0:
77:11:20:0c:ec:8f:2b:42:fd:7e:87:76:0b:6a:e3:b0:99:25:
54:17:dc:1d:d1:08:6a:6a:ea:65:e7:1b:46:3b:eb:96:f7:60:
58:e0:6f:4c:8a:e8:ec:02:06:1b:92:18:5a:35:ce:54:98:3c:
0c:83:2e:b6:d1:cb:5d:e4:08:a8:09:e1:41:cf:2e:d4:bc:6b:
af:d7:32:d3:bb:f4:76:04:86:cb:a7:56:f4:6c:56:bc:81:85:
82:db:6e:c6:60:84:78:8c:d1:e6:dd:d7:61:8f:51:52:c6:dc:
5b:d5:bb:03:de:5d:4d:53:0e:ca:01:cc:16:48:ec:53:57:07:
c5:2d:96:25:66:47:eb:59:a0:89:65:74:cb:71:a6:f5:95:fa:
c5:e7:e1:78:93:70:87:be:86:45:d8:54:86:53:0b:46:50:18:
35:dc:f7:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3tr+Mk5uJbd0Gu3B7iifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWMyNzYyYTA5ZmUyNTdiMzhlNGI2YTJkZTRmY2Q5ZmEwNGE3YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGObbrHpIE/OfBv52A11aqbA17Pk
nn5nMoCJF+r+CiFbSJv9QF43Zgp+odRtuFKyEQqgBzFI4GUCxl03rLT2nGKlJ919
CQBgQpJGPDA6DnXBiSPoA0vDApQ/flFmPtev8FSC5tYjZgrL10EWLEDFUc+39Iq3
uS5e83nfNcKZkqsRBxaj6JEGltYPEobB5MzMiLt8i+7gDr0DDA4iYnMdZU07Xjmm
tApSWAqMeyTTYQeMmZxUVYlo5YGulBovJJkN8PFqoz8vZyWy7iaCkx3CAyb6D/9v
e6ry2TeTSa1hvb4MrlsQrf8VT4QhjadjN7HIsFfiIVPDcPVz9ZZyIqKUFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFXCdioJ/iV7OOS2ot5PzZ+gSnpWMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvVmNKMktnbi1KWHM0NUxhaTNrX05uNkJLZWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBX7cqAwQB
wDZMAwQBwDa6MA0GCSqGSIb3DQEBCwUAA4IBAQB0GbmnK6/kQZh2HuFVcqUFx7r2
Xvu7HkRv1NNU8qpakQK2rtcPZtFs46uL0MFYpNB5mZ4X9aLH8wP50IUFWSd224jc
w4Icvaq+OuaA2bqC5vDRVceNeXnJUMB3ESAM7I8rQv1+h3YLauOwmSVUF9wd0Qhq
aupl5xtGO+uW92BY4G9MiujsAgYbkhhaNc5UmDwMgy620ctd5AioCeFBzy7UvGuv
1zLTu/R2BIbLp1b0bFa8gYWC227GYIR4jNHm3ddhj1FSxtxb1bsD3l1NUw7KAcwW
SOxTVwfFLZYlZkfrWaCJZXTLcab1lfrF5+F4k3CHvoZF2FSGUwtGUBg13Pc/
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:05:18 2024 by rpki-client on console-ams.rpki-client.org