Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/VcB2WAOcmCc-Hrgz1ccxD-pmW0k.roa
File: VcB2WAOcmCc-Hrgz1ccxD-pmW0k.roa (raw, json)
Hash identifier: kZT9kAIW80Uy3qrvRM87Nvsqxt2p3WuizgN9J+f8i2w=
Subject key identifier: 55:C0:76:58:03:9C:98:27:3E:1E:B8:33:D5:C7:31:0F:EA:66:5B:49
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018DDA713400DCEEB963926E19E050B02B7C
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/VcB2WAOcmCc-Hrgz1ccxD-pmW0k.roa
Signing time: Sat 24 Feb 2024 09:27:48 +0000
ROA not before: Sat 24 Feb 2024 09:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34700
IP address blocks: 5.255.160.0/20 maxlen: 20
31.202.0.0/16 maxlen: 19
46.160.64.0/18 maxlen: 21
79.171.120.0/21 maxlen: 21
82.117.247.0/24 maxlen: 24
82.117.248.0/22 maxlen: 23
85.90.222.0/24 maxlen: 24
178.165.0.0/17 maxlen: 18
185.147.96.0/22 maxlen: 22
2a00:1210::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:71:34:00:dc:ee:b9:63:92:6e:19:e0:50:b0:2b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Feb 24 09:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55c07658039c98273e1eb833d5c7310fea665b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:73:e6:32:8c:5d:c2:b0:07:65:17:97:1f:9e:
d3:4b:b7:aa:63:8f:29:f8:54:9f:f5:03:3c:72:50:
07:bc:87:6e:d1:60:d2:6d:0e:6d:d8:f2:a4:2f:5e:
5c:f1:77:52:f8:e0:75:4e:18:cb:66:e4:68:d6:9f:
6d:f8:d2:e1:b9:9a:f8:d0:e3:61:8c:25:e1:74:17:
24:d3:0b:4e:51:51:1b:dd:53:89:9b:af:14:7c:38:
eb:cc:df:d7:db:b0:49:60:cc:bf:c0:83:b1:39:51:
d1:7b:8b:b1:df:94:54:99:ce:28:f5:86:16:8f:91:
a1:e4:f8:bd:2c:31:99:4a:86:96:6d:a3:23:2f:34:
9c:f2:51:a5:f9:4c:fa:9b:51:31:29:2c:02:63:2e:
47:e9:80:7e:18:93:cd:a1:3c:8f:fe:69:7d:cc:7c:
cf:f5:f8:23:c4:db:b2:b2:ce:fc:e4:5a:c2:91:c6:
19:8e:ce:52:eb:7a:d6:e3:d1:8b:58:da:6f:b7:c3:
09:85:1a:23:c7:45:61:94:2b:fe:01:aa:89:88:0d:
17:dd:00:ab:d8:4f:3f:57:73:5f:e9:49:bd:07:be:
2c:d3:76:b5:2e:22:a4:19:89:5f:95:49:ad:a9:14:
79:76:10:2b:4a:a1:d2:2c:16:40:50:c1:b4:28:1c:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C0:76:58:03:9C:98:27:3E:1E:B8:33:D5:C7:31:0F:EA:66:5B:49
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/VcB2WAOcmCc-Hrgz1ccxD-pmW0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0/16
46.160.64.0/18
79.171.120.0/21
82.117.247.0-82.117.251.255
85.90.222.0/24
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
02:b3:dd:79:83:0c:cd:95:0d:76:b4:4b:49:33:0e:73:67:23:
38:89:62:0a:15:a4:53:ea:d0:bc:d9:95:bf:aa:23:28:0e:ab:
18:b2:a9:9a:a2:b4:c6:32:b5:88:10:95:54:e3:54:c6:9e:15:
17:d0:51:60:24:e0:2c:84:02:c0:b7:23:5f:0b:bc:ef:90:62:
c6:46:5d:7d:a6:ee:06:d4:83:b9:c6:dd:10:14:21:c1:6a:30:
c3:9a:5e:9c:5e:b8:4e:58:d6:69:f0:91:06:c4:a1:ca:f1:0b:
15:41:9b:e4:3b:51:80:3b:4c:59:c6:3c:d7:3d:08:7e:5c:4c:
6c:1a:f1:62:c8:6d:14:0f:49:c9:07:cb:27:84:08:c4:0d:74:
a9:7e:c1:20:84:e5:74:5b:9f:6a:e3:5c:19:13:0e:9a:34:6e:
c7:19:36:fd:4d:33:0c:28:4d:24:9f:a4:39:17:cf:e9:a0:83:
bc:e8:c3:04:52:f8:e9:f2:aa:99:0d:51:82:b0:44:87:16:52:
b6:7c:75:77:64:7d:16:e3:84:43:87:d8:fc:e2:e3:65:20:d7:
96:ed:58:56:b1:0b:6e:0e:fc:fd:e8:18:e4:07:52:1c:19:eb:
98:ac:b5:85:a9:e8:d1:32:a4:5a:50:da:18:26:fe:cc:59:aa:
66:bc:25:5f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY3acTQA3O65Y5JuGeBQsCt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMjI0MDkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWMwNzY1ODAzOWM5ODI3M2UxZWI4MzNkNWM3MzEwZmVhNjY1YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3PmMoxdwrAHZReXH57TS7eqY48p
+FSf9QM8clAHvIdu0WDSbQ5t2PKkL15c8XdS+OB1ThjLZuRo1p9t+NLhuZr40ONh
jCXhdBck0wtOUVEb3VOJm68UfDjrzN/X27BJYMy/wIOxOVHRe4ux35RUmc4o9YYW
j5Gh5Pi9LDGZSoaWbaMjLzSc8lGl+Uz6m1ExKSwCYy5H6YB+GJPNoTyP/ml9zHzP
9fgjxNuyss785FrCkcYZjs5S63rW49GLWNpvt8MJhRojx0VhlCv+AaqJiA0X3QCr
2E8/V3Nf6Um9B74s03a1LiKkGYlflUmtqRR5dhArSqHSLBZAUMG0KBw0PQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFXAdlgDnJgnPh64M9XHMQ/qZltJMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvVmNCMldBT2NtQ2MtSHJnejFjY3hELXBtVzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQEBf+gAwMA
H8oDBAYuoEADBANPq3gwDAMEAFJ19wMEAlJ1+AMEAFVa3gMEB7KlAAMEArmTYDAN
BAIAAjAHAwUAKgASEDANBgkqhkiG9w0BAQsFAAOCAQEAArPdeYMMzZUNdrRLSTMO
c2cjOIliChWkU+rQvNmVv6ojKA6rGLKpmqK0xjK1iBCVVONUxp4VF9BRYCTgLIQC
wLcjXwu875BixkZdfabuBtSDucbdEBQhwWoww5penF64TljWafCRBsShyvELFUGb
5DtRgDtMWcY81z0IflxMbBrxYshtFA9JyQfLJ4QIxA10qX7BIITldFufauNcGRMO
mjRuxxk2/U0zDChNJJ+kORfP6aCDvOjDBFL46fKqmQ1RgrBEhxZStnx1d2R9FuOE
Q4fY/OLjZSDXlu1YVrELbg78/egY5AdSHBnrmKy1hano0TKkWlDaGCb+zFmqZrwl
Xw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:46:15 2024 by rpki-client on console-ams.rpki-client.org