Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/VD4ni9UiF7Q3aW0-bubY4qKlm-4.roa
File: VD4ni9UiF7Q3aW0-bubY4qKlm-4.roa (raw, json)
Hash identifier: 2VSauzYkVF/83m1L9h8zYtv5O6T0ybOQeT5AhcEBkKI=
Subject key identifier: 54:3E:27:8B:D5:22:17:B4:37:69:6D:3E:6E:E6:D8:E2:A2:A5:9B:EE
Certificate issuer: /CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Certificate serial: 018CC3B7118437A0DFE927BB3856B3129D79
Authority key identifier: A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/VD4ni9UiF7Q3aW0-bubY4qKlm-4.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20694
IP address blocks: 185.166.200.0/22 maxlen: 22
217.114.64.0/20 maxlen: 20
188.94.24.0/21 maxlen: 21
2a01:688::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/o082XngGS1jETUjPs5KR0_sdnhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/o082XngGS1jETUjPs5KR0_sdnhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:11:84:37:a0:df:e9:27:bb:38:56:b3:12:9d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=543e278bd52217b437696d3e6ee6d8e2a2a59bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:29:59:6b:9e:e8:60:77:c3:6b:ba:de:a4:8b:
93:4f:0d:e3:62:8d:ac:89:8b:cb:50:57:da:5c:7d:
78:51:31:b3:4d:02:e3:49:b9:30:b0:2e:7a:73:ec:
6e:67:25:84:5d:51:eb:c7:e3:32:92:35:f6:0d:6f:
bd:65:bf:0e:ad:03:de:c8:5d:f6:d3:c0:65:c8:e1:
06:ad:46:80:f9:9f:c4:6c:4a:1b:a7:cb:1e:ff:fb:
f2:96:42:92:ca:8f:89:ad:42:f2:61:87:95:aa:04:
4c:d8:6b:bf:1b:66:57:b2:24:42:d6:2a:3e:70:7e:
8e:b2:92:dc:47:21:be:39:a2:b1:94:fd:71:80:0e:
37:3c:15:22:c4:19:5c:6c:fb:88:ea:b9:6a:04:0a:
06:92:18:ca:ba:e0:3e:1b:c4:33:0f:e9:0a:74:e1:
12:ac:4e:4e:08:e0:fb:ac:df:0c:ec:9e:fa:46:7b:
d8:31:02:2b:87:2a:87:7f:b9:2f:75:fb:b0:13:ec:
7c:1b:16:17:c9:82:b9:bb:b7:5d:b3:5a:5a:99:52:
87:42:23:de:fb:45:26:14:17:53:0f:b6:be:79:8f:
c1:df:44:e9:5c:57:71:d6:58:07:3d:a6:ce:ef:92:
c8:d5:13:e1:57:43:25:81:e4:b1:36:5f:79:b2:d4:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3E:27:8B:D5:22:17:B4:37:69:6D:3E:6E:E6:D8:E2:A2:A5:9B:EE
X509v3 Authority Key Identifier:
keyid:A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/VD4ni9UiF7Q3aW0-bubY4qKlm-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/o082XngGS1jETUjPs5KR0_sdnhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.200.0/22
188.94.24.0/21
217.114.64.0/20
IPv6:
2a01:688::/32
Signature Algorithm: sha256WithRSAEncryption
2c:3a:fe:69:24:3b:f5:fa:5a:e4:0b:6b:5c:60:fb:c6:bb:91:
e1:04:6f:b8:5e:c2:c5:3e:c8:28:a3:00:72:5d:41:9a:4d:bd:
3b:fe:6f:26:be:51:26:d6:02:52:da:65:b2:3c:eb:e8:89:52:
0c:70:93:d6:b4:b5:9e:2a:83:97:b5:bd:f3:a5:96:ba:43:52:
7b:90:37:10:93:7e:54:b9:4d:8c:76:4e:ed:f7:53:02:67:39:
1d:a6:f3:01:37:cf:5a:7a:8c:ad:58:01:9f:56:96:9b:28:e2:
3a:06:0b:be:80:fb:f9:d2:60:e2:07:de:75:98:9c:e9:1d:32:
19:7b:62:e1:ee:35:fa:5c:c4:50:89:7f:a8:45:b5:fc:8a:03:
ba:0f:a3:2e:94:3b:db:db:ce:db:d7:aa:e1:c1:4a:93:06:9a:
15:35:fb:24:38:31:b5:f8:a5:34:7e:a5:26:97:87:b4:2f:79:
38:d5:24:01:ac:49:13:a5:d5:5a:a5:29:a1:ef:95:af:35:31:
9d:f5:72:f9:43:a7:e0:0d:70:33:7b:93:69:22:93:02:93:2e:
8c:39:83:8d:cc:7d:56:b1:d9:29:76:61:30:4c:59:9f:8f:7e:
5a:19:a9:ef:67:13:45:10:d4:d7:a4:85:e9:7e:4d:ce:b6:3d:
5a:25:b5:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtxGEN6Df6Se7OFazEp15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNGYzNjVlNzgwNjRiNThjNDRkNDhjZmIzOTI5MWQzZmIx
ZDllMTAwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNlMjc4YmQ1MjIxN2I0Mzc2OTZkM2U2ZWU2ZDhlMmEyYTU5YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqylZa57oYHfDa7repIuTTw3jYo2s
iYvLUFfaXH14UTGzTQLjSbkwsC56c+xuZyWEXVHrx+MykjX2DW+9Zb8OrQPeyF32
08BlyOEGrUaA+Z/EbEobp8se//vylkKSyo+JrULyYYeVqgRM2Gu/G2ZXsiRC1io+
cH6OspLcRyG+OaKxlP1xgA43PBUixBlcbPuI6rlqBAoGkhjKuuA+G8QzD+kKdOES
rE5OCOD7rN8M7J76RnvYMQIrhyqHf7kvdfuwE+x8GxYXyYK5u7dds1pamVKHQiPe
+0UmFBdTD7a+eY/B30TpXFdx1lgHPabO75LI1RPhV0MlgeSxNl95stSfgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFQ+J4vVIhe0N2ltPm7m2OKipZvuMB8GA1UdIwQY
MBaAFKNPNl54BktYxE1Iz7OSkdP7HZ4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTIt
MDQxYjc4YWRhMjE1LzEvVkQ0bmk5VWlGN1EzYVcwLWJ1Ylk0cUtsbS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTItMDQxYjc4YWRhMjE1
LzEvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuabIAwQD
vF4YAwQE2XJAMA0EAgACMAcDBQAqAQaIMA0GCSqGSIb3DQEBCwUAA4IBAQAsOv5p
JDv1+lrkC2tcYPvGu5HhBG+4XsLFPsgoowByXUGaTb07/m8mvlEm1gJS2mWyPOvo
iVIMcJPWtLWeKoOXtb3zpZa6Q1J7kDcQk35UuU2Mdk7t91MCZzkdpvMBN89aeoyt
WAGfVpabKOI6Bgu+gPv50mDiB951mJzpHTIZe2Lh7jX6XMRQiX+oRbX8igO6D6Mu
lDvb287b16rhwUqTBpoVNfskODG1+KU0fqUml4e0L3k41SQBrEkTpdVapSmh75Wv
NTGd9XL5Q6fgDXAze5NpIpMCky6MOYONzH1WsdkpdmEwTFmfj35aGanvZxNFENTX
pIXpfk3Otj1aJbV3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:17 2024 by rpki-client on console-fra.rpki-client.org