Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Vq3ZA3hPTD0NsgwGANoUY7uBK-A.roa
File: Vq3ZA3hPTD0NsgwGANoUY7uBK-A.roa (raw, json)
Hash identifier: UsfWT3z33WFHvXGnF7ZRjPHyLVWNkowaXe6GcPoSsw8=
Subject key identifier: 56:AD:D9:03:78:4F:4C:3D:0D:B2:0C:06:00:DA:14:63:BB:81:2B:E0
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 01932F833C0954F78048662A44F08A07F55C
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Vq3ZA3hPTD0NsgwGANoUY7uBK-A.roa
Signing time: Fri 15 Nov 2024 11:09:09 +0000
ROA not before: Fri 15 Nov 2024 11:09:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35179
IP address blocks: 79.110.192.0/20 maxlen: 24
83.168.71.0/24 maxlen: 24
83.168.72.0/21 maxlen: 24
83.168.80.0/21 maxlen: 21
83.168.88.0/22 maxlen: 22
83.168.100.0/22 maxlen: 24
83.168.108.0/23 maxlen: 23
83.168.114.0/23 maxlen: 23
83.168.116.0/23 maxlen: 23
83.168.120.0/23 maxlen: 23
83.168.126.0/23 maxlen: 23
185.49.29.0/24 maxlen: 24
185.49.30.0/23 maxlen: 23
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:83:3c:09:54:f7:80:48:66:2a:44:f0:8a:07:f5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Nov 15 11:09:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56add903784f4c3d0db20c0600da1463bb812be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7c:ab:11:a1:f9:d5:b1:d0:c7:44:32:de:4e:
aa:7b:e8:9a:cb:9c:0c:8d:ec:24:8b:23:85:1d:27:
9a:06:44:5c:43:ca:73:69:62:59:aa:9d:0b:52:9d:
b9:e8:ef:e1:c7:30:06:6c:45:f3:91:89:2c:47:f5:
c2:1a:b6:7e:b3:06:28:83:65:4d:bd:df:02:80:8a:
70:17:12:21:6e:1a:43:56:53:fa:90:93:c4:02:ab:
42:ea:51:4e:70:28:2b:38:e7:7b:3a:cd:13:26:0e:
42:d9:19:ee:b7:5c:ee:83:e9:e8:e0:3e:f7:5b:11:
ff:82:d3:a2:9b:7a:4a:fc:1d:cf:d8:c3:e1:0c:fb:
4b:b5:c6:40:5d:5c:d9:8a:35:60:4d:ea:64:84:2b:
9a:0d:f5:ff:3b:bf:20:03:ce:23:7d:e0:e1:b2:7a:
74:8e:c6:58:30:a6:b8:93:07:68:ba:b4:4f:71:42:
d4:26:08:2c:92:21:c9:09:e0:21:d5:a1:d8:a6:9d:
f4:16:f3:c8:29:93:a6:de:3b:28:5e:0b:d9:a6:1f:
6e:a0:06:70:c0:c8:c3:c4:6c:6e:40:25:26:5f:8f:
a9:ef:fc:08:ee:21:a0:f9:e9:2e:e3:79:69:4b:e3:
b4:88:5f:5e:f3:8b:3c:17:3f:4d:45:6a:32:33:01:
75:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AD:D9:03:78:4F:4C:3D:0D:B2:0C:06:00:DA:14:63:BB:81:2B:E0
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Vq3ZA3hPTD0NsgwGANoUY7uBK-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.71.0-83.168.91.255
83.168.100.0/22
83.168.108.0/23
83.168.114.0-83.168.117.255
83.168.120.0/23
83.168.126.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
07:cd:f5:56:a4:90:2f:cb:b9:f4:88:06:cf:ac:4c:c9:10:f8:
15:d4:99:f9:32:7f:8a:19:d0:ac:fc:a3:9d:13:bf:56:3b:61:
ff:c3:27:9c:93:90:04:61:94:6f:9f:3d:b9:7c:e3:d5:f8:bd:
9c:73:18:08:36:67:3d:e1:aa:24:5d:8e:80:fa:c2:ae:8f:f9:
64:d8:b5:df:15:68:0f:70:1e:b2:a3:38:f9:34:ea:b6:87:2a:
90:1f:27:7c:2b:0d:e1:06:30:10:fa:7b:ed:d1:61:7f:ec:cb:
7a:6b:d7:b8:a0:a9:21:81:05:d3:91:18:72:55:80:6d:09:03:
f2:7d:f1:b8:17:28:73:3e:b4:6a:42:d9:47:16:e8:ff:b4:85:
1e:49:7f:42:cb:92:b9:16:05:6e:dd:33:ad:b1:7c:ac:b6:67:
77:1d:56:c7:e4:1e:a2:65:58:dc:ee:19:f3:25:68:a8:54:43:
f3:96:3b:ee:90:28:56:6e:dd:08:94:d9:e5:57:00:f4:6f:24:
c5:ce:28:b7:ae:91:88:d9:18:64:d1:5d:7e:b5:91:72:23:fb:
0a:40:ab:62:33:c5:51:86:71:01:f6:0f:06:83:17:2c:cc:fb:
51:16:6f:c8:43:59:e0:96:b7:20:41:93:e9:d7:5a:e6:c2:07:
63:f6:68:c1
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZMvgzwJVPeASGYqRPCKB/VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQxMTE1MTEwOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmFkZDkwMzc4NGY0YzNkMGRiMjBjMDYwMGRhMTQ2M2JiODEyYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHyrEaH51bHQx0Qy3k6qe+iay5wM
jewkiyOFHSeaBkRcQ8pzaWJZqp0LUp256O/hxzAGbEXzkYksR/XCGrZ+swYog2VN
vd8CgIpwFxIhbhpDVlP6kJPEAqtC6lFOcCgrOOd7Os0TJg5C2Rnut1zug+no4D73
WxH/gtOim3pK/B3P2MPhDPtLtcZAXVzZijVgTepkhCuaDfX/O78gA84jfeDhsnp0
jsZYMKa4kwdourRPcULUJggskiHJCeAh1aHYpp30FvPIKZOm3jsoXgvZph9uoAZw
wMjDxGxuQCUmX4+p7/wI7iGg+eku43lpS+O0iF9e84s8Fz9NRWoyMwF1ZwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFFat2QN4T0w9DbIMBgDaFGO7gSvgMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvVnEzWkEzaFBURDBOc2d3R0FOb1VZN3VCSy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQET27AMAwD
BABTqEcDBAJTqFgDBAJTqGQDBAFTqGwwDAMEAVOocgMEAVOodAMEAVOoeAMEAVOo
fjAMAwQAuTEdAwQFuTEAAwQCwe84MA0EAgACMAcDBQAqAZbgMA0GCSqGSIb3DQEB
CwUAA4IBAQAHzfVWpJAvy7n0iAbPrEzJEPgV1Jn5Mn+KGdCs/KOdE79WO2H/wyec
k5AEYZRvnz25fOPV+L2ccxgINmc94aokXY6A+sKuj/lk2LXfFWgPcB6yozj5NOq2
hyqQHyd8Kw3hBjAQ+nvt0WF/7Mt6a9e4oKkhgQXTkRhyVYBtCQPyffG4FyhzPrRq
QtlHFuj/tIUeSX9Cy5K5FgVu3TOtsXystmd3HVbH5B6iZVjc7hnzJWioVEPzljvu
kChWbt0IlNnlVwD0byTFzii3rpGI2Rhk0V1+tZFyI/sKQKtiM8VRhnEB9g8Ggxcs
zPtRFm/IQ1nglrcgQZPp11rmwgdj9mjB
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:56 2024 by rpki-client on console-fra.rpki-client.org