Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/VUBbUZPKO0m5rSJLWL_jbP8QkWE.roa
File: VUBbUZPKO0m5rSJLWL_jbP8QkWE.roa (raw, json)
Hash identifier: LVLEy0InwsbvSVWjCENcp72Kw8G9KBfgxpM+BQHUsF0=
Subject key identifier: 55:40:5B:51:93:CA:3B:49:B9:AD:22:4B:58:BF:E3:6C:FF:10:91:61
Certificate issuer: /CN=102bc98d33270952534130afb4de696d8c340215
Certificate serial: 018CE81CB4324C77F3142D9ABD5BD55A81AF
Authority key identifier: 10:2B:C9:8D:33:27:09:52:53:41:30:AF:B4:DE:69:6D:8C:34:02:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECvJjTMnCVJTQTCvtN5pbYw0AhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/VUBbUZPKO0m5rSJLWL_jbP8QkWE.roa
Signing time: Mon 08 Jan 2024 08:07:24 +0000
ROA not before: Mon 08 Jan 2024 08:07:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49126
IP address blocks: 185.216.112.0/24 maxlen: 24
185.216.113.0/24 maxlen: 24
185.216.115.0/24 maxlen: 24
185.216.114.0/24 maxlen: 24
185.95.164.0/24 maxlen: 24
185.95.166.0/24 maxlen: 24
185.95.165.0/24 maxlen: 24
185.95.167.0/24 maxlen: 24
185.153.222.0/24 maxlen: 24
185.153.221.0/24 maxlen: 24
185.153.223.0/24 maxlen: 24
185.153.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/ECvJjTMnCVJTQTCvtN5pbYw0AhU.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/ECvJjTMnCVJTQTCvtN5pbYw0AhU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECvJjTMnCVJTQTCvtN5pbYw0AhU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:1c:b4:32:4c:77:f3:14:2d:9a:bd:5b:d5:5a:81:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=102bc98d33270952534130afb4de696d8c340215
Validity
Not Before: Jan 8 08:07:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55405b5193ca3b49b9ad224b58bfe36cff109161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:69:26:35:fa:88:e6:2f:8e:b3:3e:61:64:2a:
59:42:c0:3c:6f:21:0e:10:81:03:b7:d9:f0:5f:2a:
0d:61:50:0d:16:52:8e:c5:13:8c:d5:0a:f5:8f:67:
1f:ce:27:47:2b:43:5f:6c:0e:4c:f8:de:70:f6:34:
e7:cf:72:0f:ba:69:91:da:7f:18:15:03:09:03:38:
d3:17:24:43:8e:c3:48:66:93:47:ef:56:f6:26:15:
e3:d1:30:ad:38:c3:e0:48:1f:67:e8:5a:88:64:8b:
2c:c9:91:88:84:68:12:a9:91:1c:01:47:25:26:9a:
ad:4c:3b:61:ad:45:ab:0c:66:a1:03:0b:c4:4d:cd:
6d:10:97:6d:1e:7d:74:71:a2:50:47:46:d2:79:b3:
9b:85:96:79:a3:a4:2c:19:2c:62:2b:b6:3e:56:10:
a9:2f:1e:48:66:79:a4:8d:d7:ce:52:36:d1:97:76:
07:14:a1:91:4b:6f:9a:44:2e:b6:8e:be:d5:66:22:
36:0b:26:da:cf:4c:1d:52:d2:02:cc:4c:95:bd:e9:
1c:b8:fc:49:00:fe:9f:ab:e9:a0:68:e4:fe:da:99:
5b:16:90:ac:11:29:4e:c5:5d:39:df:ab:d4:fa:dc:
53:2d:e3:71:cd:8a:e5:1e:86:3b:18:c9:fb:1e:b2:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:40:5B:51:93:CA:3B:49:B9:AD:22:4B:58:BF:E3:6C:FF:10:91:61
X509v3 Authority Key Identifier:
keyid:10:2B:C9:8D:33:27:09:52:53:41:30:AF:B4:DE:69:6D:8C:34:02:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECvJjTMnCVJTQTCvtN5pbYw0AhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/VUBbUZPKO0m5rSJLWL_jbP8QkWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/ECvJjTMnCVJTQTCvtN5pbYw0AhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.164.0/22
185.153.220.0/22
185.216.112.0/22
Signature Algorithm: sha256WithRSAEncryption
17:c5:44:d5:cd:a4:d3:a0:05:11:ab:9e:50:cf:a0:30:6a:a7:
14:40:c8:0e:40:0c:72:16:19:75:56:f3:65:e0:30:d2:75:8d:
5b:9c:00:c4:7c:66:3a:3f:a0:8f:0a:67:f6:d5:01:6b:f6:2e:
a8:08:d4:90:09:16:34:0d:ec:e9:67:28:26:82:c5:88:8d:ca:
e1:4f:31:d1:02:ef:34:82:ad:e5:b3:23:4f:6b:52:03:0d:f6:
a0:94:fc:68:74:75:e6:15:6a:b2:1b:c3:51:0d:92:07:ce:e0:
f4:fe:89:f9:c0:5b:da:bc:7f:3e:15:7a:c2:96:8d:73:3a:7b:
c8:a0:ed:83:ff:78:3f:9b:11:21:63:71:a6:9d:2a:0f:9c:71:
fa:d3:fd:21:8b:db:af:db:ea:f2:1c:9e:04:d2:c9:9d:78:7e:
d0:61:c7:c6:20:c2:d6:f0:36:b5:8a:90:9e:16:9e:4c:e2:ea:
27:dc:12:9c:e9:be:0e:f4:82:fc:2f:c5:b3:63:d4:e6:d6:2f:
84:ca:ea:70:a5:96:7a:b5:76:87:dc:ab:97:11:17:61:76:41:
2a:b1:7f:75:c1:ad:cc:b3:02:dd:d2:e0:1b:98:27:a5:1f:7e:
4f:8a:fd:66:d4:81:7f:78:68:3a:4a:f5:11:6e:91:25:3d:a9:
0e:28:af:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzoHLQyTHfzFC2avVvVWoGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMmJjOThkMzMyNzA5NTI1MzQxMzBhZmI0ZGU2OTZkOGMz
NDAyMTUwHhcNMjQwMTA4MDgwNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTQwNWI1MTkzY2EzYjQ5YjlhZDIyNGI1OGJmZTM2Y2ZmMTA5MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2kmNfqI5i+Osz5hZCpZQsA8byEO
EIEDt9nwXyoNYVANFlKOxROM1Qr1j2cfzidHK0NfbA5M+N5w9jTnz3IPummR2n8Y
FQMJAzjTFyRDjsNIZpNH71b2JhXj0TCtOMPgSB9n6FqIZIssyZGIhGgSqZEcAUcl
JpqtTDthrUWrDGahAwvETc1tEJdtHn10caJQR0bSebObhZZ5o6QsGSxiK7Y+VhCp
Lx5IZnmkjdfOUjbRl3YHFKGRS2+aRC62jr7VZiI2Cybaz0wdUtICzEyVvekcuPxJ
AP6fq+mgaOT+2plbFpCsESlOxV0536vU+txTLeNxzYrlHoY7GMn7HrIbfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFVAW1GTyjtJua0iS1i/42z/EJFhMB8GA1UdIwQY
MBaAFBAryY0zJwlSU0Ewr7TeaW2MNAIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUN2SmpUTW5DVkpUUVRDdnRONXBiWXcwQWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85M2M5ZDgtNTE4My00MDdiLTgyZDAt
OGVlNWZhNDMzMWJlLzEvVlVCYlVaUEtPMG01clNKTFdMX2piUDhRa1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS85M2M5ZDgtNTE4My00MDdiLTgyZDAtOGVlNWZhNDMzMWJl
LzEvRUN2SmpUTW5DVkpUUVRDdnRONXBiWXcwQWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuV+kAwQC
uZncAwQCudhwMA0GCSqGSIb3DQEBCwUAA4IBAQAXxUTVzaTToAURq55Qz6AwaqcU
QMgOQAxyFhl1VvNl4DDSdY1bnADEfGY6P6CPCmf21QFr9i6oCNSQCRY0DezpZygm
gsWIjcrhTzHRAu80gq3lsyNPa1IDDfaglPxodHXmFWqyG8NRDZIHzuD0/on5wFva
vH8+FXrClo1zOnvIoO2D/3g/mxEhY3GmnSoPnHH60/0hi9uv2+ryHJ4E0smdeH7Q
YcfGIMLW8Da1ipCeFp5M4uon3BKc6b4O9IL8L8WzY9Tm1i+EyupwpZZ6tXaH3KuX
ERdhdkEqsX91wa3MswLd0uAbmCelH35Piv1m1IF/eGg6SvURbpElPakOKK+e
-----END CERTIFICATE-----
Generated at Sat Jun 29 00:55:47 2024 by rpki-client on console-fra.rpki-client.org