Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/Vh_ZJR2Va8KPWVELlBp1ihl5_Sc.roa
File: Vh_ZJR2Va8KPWVELlBp1ihl5_Sc.roa (raw, json)
Hash identifier: YTCDI8cRW5Il5oLos1iN4VaD0xrZb20P8lS1ni+PULo=
Subject key identifier: 56:1F:D9:25:1D:95:6B:C2:8F:59:51:0B:94:1A:75:8A:19:79:FD:27
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 018FD8E96D6C7713D0A1717E09AD77DDACED
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/Vh_ZJR2Va8KPWVELlBp1ihl5_Sc.roa
Signing time: Sun 02 Jun 2024 12:25:27 +0000
ROA not before: Sun 02 Jun 2024 12:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57324
IP address blocks: 79.132.195.0/24 maxlen: 24
79.132.196.0/24 maxlen: 24
79.132.197.0/24 maxlen: 24
79.132.198.0/24 maxlen: 24
79.132.199.0/24 maxlen: 24
86.111.144.0/24 maxlen: 24
86.111.145.0/24 maxlen: 24
86.111.146.0/24 maxlen: 24
86.111.147.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.114.0/24 maxlen: 24
109.230.115.0/24 maxlen: 24
109.230.120.0/24 maxlen: 24
109.230.122.0/24 maxlen: 24
109.230.123.0/24 maxlen: 24
109.230.124.0/24 maxlen: 24
109.230.126.0/24 maxlen: 24
109.230.127.0/24 maxlen: 24
122.102.116.0/24 maxlen: 24
122.102.117.0/24 maxlen: 24
122.102.118.0/24 maxlen: 24
185.113.105.0/24 maxlen: 24
185.113.107.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
202.164.193.0/24 maxlen: 24
202.164.194.0/24 maxlen: 24
202.164.195.0/24 maxlen: 24
202.164.197.0/24 maxlen: 24
202.164.198.0/24 maxlen: 24
202.164.199.0/24 maxlen: 24
202.164.200.0/24 maxlen: 24
202.164.201.0/24 maxlen: 24
202.164.202.0/24 maxlen: 24
202.164.203.0/24 maxlen: 24
202.164.204.0/24 maxlen: 24
202.164.205.0/24 maxlen: 24
2a03:c340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:e9:6d:6c:77:13:d0:a1:71:7e:09:ad:77:dd:ac:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Jun 2 12:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=561fd9251d956bc28f59510b941a758a1979fd27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:50:5b:0b:72:cc:b5:38:84:6d:2c:b4:6d:37:
46:9b:00:51:b8:b3:41:a4:11:8c:a5:77:bf:06:6a:
2e:b1:ce:5e:a6:4e:06:f2:17:56:68:35:3c:1f:5d:
f8:2b:77:55:18:83:1f:ea:f0:69:f3:b3:21:e3:61:
c3:ff:ca:11:fc:a7:55:b2:a5:81:c0:63:0b:2a:07:
03:71:e8:ca:1a:1c:1f:cc:45:35:7e:fa:12:0c:92:
8e:17:aa:86:0a:f2:85:a9:c9:96:1e:a4:fb:7c:f6:
a6:32:41:5f:25:30:3e:e7:d2:3a:a3:ff:f7:68:aa:
10:1e:46:35:eb:40:75:3f:16:b0:5e:de:6c:29:bf:
7c:c5:1b:26:e8:28:24:e0:02:eb:bf:ec:59:96:9c:
76:e9:fb:21:bb:49:e2:4e:0a:1e:3a:e3:8a:69:28:
e2:42:58:47:b0:bb:d4:84:ee:45:3a:39:a3:50:3e:
8b:6f:be:74:66:12:94:08:ed:e7:7c:0d:81:db:ed:
1f:92:71:9d:80:77:42:1b:22:ba:96:78:c9:d4:61:
61:27:78:10:cd:e3:b0:3e:9c:d4:32:13:21:7c:14:
00:bb:fc:1e:67:15:91:1e:e2:8c:89:b0:a8:bb:f1:
47:a5:64:6a:25:65:aa:ed:dc:a3:79:bb:e1:f3:39:
b8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1F:D9:25:1D:95:6B:C2:8F:59:51:0B:94:1A:75:8A:19:79:FD:27
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/Vh_ZJR2Va8KPWVELlBp1ihl5_Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.195.0-79.132.199.255
86.111.144.0/22
109.230.112.0/24
109.230.114.0/23
109.230.120.0/24
109.230.122.0-109.230.124.255
109.230.126.0/23
122.102.116.0-122.102.118.255
185.113.105.0/24
185.113.107.0/24
202.164.192.0/22
202.164.197.0-202.164.205.255
IPv6:
2a03:c340::/32
Signature Algorithm: sha256WithRSAEncryption
58:5a:e5:38:29:4f:20:e9:93:93:c1:8c:59:48:c9:aa:c2:d1:
54:b5:e6:7a:3c:f7:10:00:75:0a:e2:03:7a:5f:ec:91:2e:63:
79:d7:65:f6:49:51:2f:a9:fb:80:e7:fa:bd:91:11:a6:b8:1a:
9a:37:9f:31:6c:16:51:b7:a1:a9:56:a9:01:aa:94:8b:b9:50:
9a:52:35:e6:73:9b:39:49:f7:e7:fd:b9:e8:01:61:d5:ff:4f:
fb:8c:01:06:b6:0a:ed:90:03:2e:5b:71:e9:b1:80:52:b3:f2:
5b:4f:be:9f:19:92:77:94:39:22:80:4d:8d:2c:f0:a2:4f:2c:
33:a0:e4:93:3c:c3:a7:28:b1:01:a4:5a:61:95:62:a8:7b:e4:
86:30:4e:32:3f:27:42:34:e1:e0:42:1d:47:b2:35:ce:59:46:
74:fc:07:be:9c:3d:a8:c0:e6:28:ae:4a:d5:ee:b1:98:fa:3e:
03:44:1c:a8:71:ed:f1:a0:83:8f:1d:b0:2f:15:23:2f:60:df:
7d:9a:ab:e8:9b:6f:52:a8:eb:fd:b6:1d:84:e7:4c:19:87:39:
f1:e5:ab:7b:0f:ea:dd:78:47:9c:02:92:e0:22:cf:23:bb:34:
7d:a6:06:fc:7a:7a:92:35:d3:d2:b9:83:ce:43:04:5e:68:23:
8b:3c:81:df
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAY/Y6W1sdxPQoXF+Ca133aztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQwNjAyMTIyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFmZDkyNTFkOTU2YmMyOGY1OTUxMGI5NDFhNzU4YTE5NzlmZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41BbC3LMtTiEbSy0bTdGmwBRuLNB
pBGMpXe/Bmousc5epk4G8hdWaDU8H134K3dVGIMf6vBp87Mh42HD/8oR/KdVsqWB
wGMLKgcDcejKGhwfzEU1fvoSDJKOF6qGCvKFqcmWHqT7fPamMkFfJTA+59I6o//3
aKoQHkY160B1PxawXt5sKb98xRsm6Cgk4ALrv+xZlpx26fshu0niTgoeOuOKaSji
QlhHsLvUhO5FOjmjUD6Lb750ZhKUCO3nfA2B2+0fknGdgHdCGyK6lnjJ1GFhJ3gQ
zeOwPpzUMhMhfBQAu/weZxWRHuKMibCou/FHpWRqJWWq7dyjebvh8zm4GwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFFYf2SUdlWvCj1lRC5QadYoZef0nMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvVmhfWkpSMlZhOEtQV1ZFTGxCcDFpaGw1X1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgwDAMEAE+E
wwMEA0+EwAMEAlZvkAMEAG3mcAMEAW3mcgMEAG3meDAMAwQBbeZ6AwQAbeZ8AwQB
beZ+MAwDBAJ6ZnQDBAB6ZnYDBAC5cWkDBAC5cWsDBALKpMAwDAMEAMqkxQMEAcqk
zDANBAIAAjAHAwUAKgPDQDANBgkqhkiG9w0BAQsFAAOCAQEAWFrlOClPIOmTk8GM
WUjJqsLRVLXmejz3EAB1CuIDel/skS5jeddl9klRL6n7gOf6vZERprgamjefMWwW
UbehqVapAaqUi7lQmlI15nObOUn35/256AFh1f9P+4wBBrYK7ZADLltx6bGAUrPy
W0++nxmSd5Q5IoBNjSzwok8sM6DkkzzDpyixAaRaYZViqHvkhjBOMj8nQjTh4EId
R7I1zllGdPwHvpw9qMDmKK5K1e6xmPo+A0QcqHHt8aCDjx2wLxUjL2DffZqr6Jtv
Uqjr/bYdhOdMGYc58eWrew/q3XhHnAKS4CLPI7s0faYG/Hp6kjXT0rmDzkMEXmgj
izyB3w==
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:05:17 2024 by rpki-client on console-fra.rpki-client.org