Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Vk9eiz9TwxuV9A_neyEZ4qdEzjg.roa
File: Vk9eiz9TwxuV9A_neyEZ4qdEzjg.roa (raw, json)
Hash identifier: xWRae3DYkd4xic0RCkLT3W1xbU6zPVO2i8Og9J3DsbA=
Subject key identifier: 56:4F:5E:8B:3F:53:C3:1B:95:F4:0F:E7:7B:21:19:E2:A7:44:CE:38
Certificate issuer: /CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Certificate serial: 018CC49389C19902FA46E6DBFA53BCD6975D
Authority key identifier: 06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Vk9eiz9TwxuV9A_neyEZ4qdEzjg.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8387
IP address blocks: 92.61.208.0/20 maxlen: 24
185.49.176.0/22 maxlen: 24
212.166.96.0/19 maxlen: 24
212.31.64.0/19 maxlen: 24
193.162.45.0/24 maxlen: 24
212.166.108.0/24 maxlen: 24
212.166.122.0/23 maxlen: 23
46.17.224.0/21 maxlen: 24
2a10:f8c0::/29 maxlen: 48
2001:9d0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:89:c1:99:02:fa:46:e6:db:fa:53:bc:d6:97:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=564f5e8b3f53c31b95f40fe77b2119e2a744ce38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:75:d3:e4:53:25:fb:42:29:70:2c:18:85:21:
37:94:97:29:3d:74:a4:22:2d:ab:70:45:7a:9c:74:
76:3d:4a:a8:23:81:1f:c7:02:d4:26:e0:c7:8c:27:
18:69:71:f1:ab:48:3c:73:2b:dd:86:33:f2:1b:fd:
59:64:d6:b2:b5:38:2c:b5:9d:83:ea:47:e0:22:32:
e3:f2:b7:89:36:42:6f:e4:1d:58:66:de:19:11:a8:
0a:32:a5:0b:e1:cf:0a:3a:1c:e7:a3:9d:b0:ce:6d:
4f:f0:31:79:e7:4f:5b:60:03:11:59:09:6f:67:a5:
5b:42:e4:e9:20:37:0a:9c:75:ed:2f:86:3a:d8:3e:
8f:b3:b1:a8:7f:cd:b7:9e:b7:e8:c7:03:43:21:36:
30:3c:e5:a0:5f:0e:4d:b4:fa:65:d7:58:e1:ba:30:
bd:17:78:75:5c:b2:ce:f8:0d:81:6b:a8:f8:27:66:
ad:87:42:5f:c1:43:4f:58:6c:8e:ac:3d:9f:3a:e2:
9f:97:5b:3d:f0:db:4a:bf:65:d3:b0:b6:7a:1f:e4:
98:34:20:1a:84:7d:02:5e:4b:13:7c:cc:87:04:42:
7f:f0:cf:3a:1f:12:89:11:01:7c:53:17:ed:a2:ff:
25:16:7a:9c:fd:a0:cf:b8:a1:f2:70:af:b6:f6:7d:
dd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4F:5E:8B:3F:53:C3:1B:95:F4:0F:E7:7B:21:19:E2:A7:44:CE:38
X509v3 Authority Key Identifier:
keyid:06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Vk9eiz9TwxuV9A_neyEZ4qdEzjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.224.0/21
92.61.208.0/20
185.49.176.0/22
193.162.45.0/24
212.31.64.0/19
212.166.96.0/19
IPv6:
2001:9d0::/32
2a10:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
90:2e:eb:9e:ea:7d:ff:54:f8:41:38:bd:e3:fb:af:0b:02:a7:
8d:22:99:0a:1f:bf:1a:78:37:32:28:96:b1:05:15:7d:91:a3:
f0:71:7d:89:40:06:1d:5a:b8:83:aa:e3:b4:b4:cd:23:5b:05:
e6:35:7b:50:5f:3d:c8:3a:2b:93:a5:b5:35:b5:a5:c2:0c:08:
30:9f:61:8d:db:88:4f:6b:16:89:ac:bf:89:09:62:cd:8c:19:
46:eb:1d:61:ac:ea:20:63:23:88:c2:5e:2e:c1:8e:a0:9e:86:
fd:5f:d9:5c:c4:3f:a9:21:72:54:0b:74:ba:54:fc:44:e8:f3:
32:8d:7b:7f:3c:f3:04:51:25:7d:ce:76:5f:5b:66:56:37:53:
25:bb:fc:49:c8:3c:12:bc:a7:b7:99:61:07:9a:be:23:b8:1b:
82:64:eb:d1:1c:2f:1c:6a:28:59:e5:b6:fd:d3:34:c9:db:64:
9a:11:06:ef:9f:4d:c1:51:2e:ab:27:35:00:c5:bf:9a:40:02:
30:ae:aa:7f:be:9a:78:b1:89:ab:82:1c:c4:19:37:aa:ef:f9:
57:59:04:cc:2b:1d:bf:2b:f6:29:6a:b7:32:32:b6:5f:f4:3b:
8f:77:df:2f:bd:b9:a4:71:0e:f9:cb:f3:e7:c2:94:70:19:3f:
57:58:c4:b6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzEk4nBmQL6Rubb+lO81pddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2M2JhZGM3ODUzYjA1MTAwYTZiMjI0ZGRjZWZjMThlMmU3
ZDNkZDUwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRmNWU4YjNmNTNjMzFiOTVmNDBmZTc3YjIxMTllMmE3NDRjZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XXT5FMl+0IpcCwYhSE3lJcpPXSk
Ii2rcEV6nHR2PUqoI4EfxwLUJuDHjCcYaXHxq0g8cyvdhjPyG/1ZZNaytTgstZ2D
6kfgIjLj8reJNkJv5B1YZt4ZEagKMqUL4c8KOhzno52wzm1P8DF5509bYAMRWQlv
Z6VbQuTpIDcKnHXtL4Y62D6Ps7Gof823nrfoxwNDITYwPOWgXw5NtPpl11jhujC9
F3h1XLLO+A2Ba6j4J2ath0JfwUNPWGyOrD2fOuKfl1s98NtKv2XTsLZ6H+SYNCAa
hH0CXksTfMyHBEJ/8M86HxKJEQF8Uxftov8lFnqc/aDPuKHycK+29n3d5QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFZPXos/U8MblfQP53shGeKnRM44MB8GA1UdIwQY
MBaAFAY7rceFOwUQCmsiTdzvwY4ufT3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYt
YTIzNzQ0NGFmODI5LzEvVms5ZWl6OVR3eHVWOUFfbmV5RVo0cWRFempnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5
LzEvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDLhHgAwQE
XD3QAwQCuTGwAwQAwaItAwQF1B9AAwQF1KZgMBQEAgACMA4DBQAgAQnQAwUDKhD4
wDANBgkqhkiG9w0BAQsFAAOCAQEAkC7rnup9/1T4QTi94/uvCwKnjSKZCh+/Gng3
MiiWsQUVfZGj8HF9iUAGHVq4g6rjtLTNI1sF5jV7UF89yDork6W1NbWlwgwIMJ9h
jduIT2sWiay/iQlizYwZRusdYazqIGMjiMJeLsGOoJ6G/V/ZXMQ/qSFyVAt0ulT8
ROjzMo17fzzzBFElfc52X1tmVjdTJbv8Scg8Erynt5lhB5q+I7gbgmTr0RwvHGoo
WeW2/dM0ydtkmhEG759NwVEuqyc1AMW/mkACMK6qf76aeLGJq4IcxBk3qu/5V1kE
zCsdvyv2KWq3MjK2X/Q7j3ffL725pHEO+cvz58KUcBk/V1jEtg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:46:45 2024 by rpki-client on console-fra.rpki-client.org