Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/vWpgGxkHdxj1x-HTcTWupCXNgmM.roa
File: vWpgGxkHdxj1x-HTcTWupCXNgmM.roa (raw, json)
Hash identifier: LAwAzmnavmmZk5rE2+QaxhN27P6zySnNKR02rAa6RLI=
Subject key identifier: BD:6A:60:1B:19:07:77:18:F5:C7:E1:D3:71:35:AE:A4:25:CD:82:63
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 018CC500C353F56C7628DE4E7AC0E72460BD
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/vWpgGxkHdxj1x-HTcTWupCXNgmM.roa
Signing time: Mon 01 Jan 2024 12:30:10 +0000
ROA not before: Mon 01 Jan 2024 12:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.74.0/24 maxlen: 24
185.85.72.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c3:53:f5:6c:76:28:de:4e:7a:c0:e7:24:60:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 1 12:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd6a601b19077718f5c7e1d37135aea425cd8263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0f:6d:d4:9b:d3:93:e5:9c:aa:a2:29:84:3c:
86:52:8e:de:76:5f:34:15:89:46:4d:f9:40:23:41:
28:4e:54:00:8a:b0:6b:16:02:c0:86:3c:0f:0b:70:
0a:d2:f7:d1:3a:2f:05:c3:6a:12:41:20:8e:8e:4f:
e7:6b:50:4f:51:2b:54:fb:bb:b0:8b:9c:51:2c:d0:
6b:b0:e3:36:7e:45:ac:c8:9d:06:16:ae:f6:33:46:
0d:c6:9b:bf:66:82:c2:47:3a:98:31:eb:f8:b2:1d:
3f:be:fc:6d:ef:79:81:1b:bb:d4:b6:34:3a:5f:bc:
6a:ff:63:ac:90:a6:f9:09:f3:12:9f:c3:b0:ae:a6:
14:5c:ad:c2:ca:70:16:76:2f:b4:99:33:83:47:5b:
8d:7e:d0:6b:da:98:8c:e9:97:24:88:61:dd:7f:08:
5f:5f:f0:b7:f6:61:6b:43:b8:c8:cf:c5:ed:f4:ba:
97:85:7f:94:31:8d:0d:e4:39:72:74:83:ef:e6:8f:
5b:58:c1:07:9b:4d:2e:f8:e5:80:09:5a:d9:db:4d:
54:c8:68:06:c0:92:ad:32:c3:01:93:4d:4a:01:db:
e3:dc:bc:c0:f4:37:1d:73:f8:98:e9:db:e0:0b:c7:
b8:71:a8:1c:25:97:4a:e9:f4:1c:56:3e:bd:ba:76:
d8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6A:60:1B:19:07:77:18:F5:C7:E1:D3:71:35:AE:A4:25:CD:82:63
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/vWpgGxkHdxj1x-HTcTWupCXNgmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/22
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
61:09:ee:8b:d5:09:23:de:31:2a:c7:12:4e:97:4d:0d:6e:26:
58:7a:29:8b:69:3a:4a:7c:79:02:8f:0c:90:11:1d:27:72:c5:
7a:e2:db:c5:40:8a:7e:df:83:9c:16:b8:b9:ce:dd:32:61:a4:
18:a2:dc:e5:59:e1:4b:9f:3e:45:23:70:5b:0d:cd:7b:5a:3d:
b0:6b:63:fb:01:af:84:d9:a1:4d:de:5f:c3:38:a2:9e:80:58:
fb:a7:4f:6d:14:ec:e3:bf:4d:f5:b0:10:21:21:ba:30:85:5c:
c2:0c:ec:93:77:d3:a5:8b:53:eb:55:b3:bf:4c:a9:2f:46:2b:
e9:af:b0:1c:ae:3b:aa:0a:7a:ba:f8:13:27:cc:9c:d0:0a:3d:
72:e2:3f:8e:98:fb:9e:74:8b:66:2e:7f:59:8b:2f:59:ef:2b:
0c:f9:28:60:28:48:d5:e4:85:03:a9:55:7b:65:2d:13:45:5f:
eb:86:a8:0b:e4:4b:40:49:7a:92:b4:46:bd:0b:4e:09:79:03:
57:d5:17:79:38:f8:ff:d0:50:b4:4a:a6:1b:66:69:0d:fa:c3:
04:cb:1c:90:9f:4b:ff:6e:1c:da:bc:06:63:d8:a4:ab:21:4a:
93:ba:0d:1a:b1:82:24:59:53:b4:ca:f1:9a:1e:3b:93:0a:73:
ee:d7:61:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAMNT9Wx2KN5OesDnJGC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjQwMTAxMTIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZhNjAxYjE5MDc3NzE4ZjVjN2UxZDM3MTM1YWVhNDI1Y2Q4MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA9t1JvTk+WcqqIphDyGUo7edl80
FYlGTflAI0EoTlQAirBrFgLAhjwPC3AK0vfROi8Fw2oSQSCOjk/na1BPUStU+7uw
i5xRLNBrsOM2fkWsyJ0GFq72M0YNxpu/ZoLCRzqYMev4sh0/vvxt73mBG7vUtjQ6
X7xq/2OskKb5CfMSn8OwrqYUXK3CynAWdi+0mTODR1uNftBr2piM6ZckiGHdfwhf
X/C39mFrQ7jIz8Xt9LqXhX+UMY0N5DlydIPv5o9bWMEHm00u+OWACVrZ201UyGgG
wJKtMsMBk01KAdvj3LzA9Dcdc/iY6dvgC8e4cagcJZdK6fQcVj69unbY6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL1qYBsZB3cY9cfh03E1rqQlzYJjMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvdldwZ0d4a0hkeGoxeC1IVGNUV3VwQ1hOZ21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVVIAwQC
uaAcMA0EAgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQBhCe6L1Qkj3jEq
xxJOl00NbiZYeimLaTpKfHkCjwyQER0ncsV64tvFQIp+34OcFri5zt0yYaQYotzl
WeFLnz5FI3BbDc17Wj2wa2P7Aa+E2aFN3l/DOKKegFj7p09tFOzjv031sBAhIbow
hVzCDOyTd9Oli1PrVbO/TKkvRivpr7AcrjuqCnq6+BMnzJzQCj1y4j+OmPuedItm
Ln9Ziy9Z7ysM+ShgKEjV5IUDqVV7ZS0TRV/rhqgL5EtASXqStEa9C04JeQNX1Rd5
OPj/0FC0SqYbZmkN+sMEyxyQn0v/bhzavAZj2KSrIUqTug0asYIkWVO0yvGaHjuT
CnPu12Ha
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:16:49 2024 by rpki-client on console-fra.rpki-client.org