Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/VXZRyc4NkTlQ59tVDUbmN9uewes.roa
File: VXZRyc4NkTlQ59tVDUbmN9uewes.roa (raw, json)
Hash identifier: C0EWbtfYJzMawxiDtGMQBDGClxlOkcg5WnHQC03TFwg=
Subject key identifier: 55:76:51:C9:CE:0D:91:39:50:E7:DB:55:0D:46:E6:37:DB:9E:C1:EB
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018CC9BB288B6A0818EA6BFE0DE91E0DFA3F
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/VXZRyc4NkTlQ59tVDUbmN9uewes.roa
Signing time: Tue 02 Jan 2024 10:32:15 +0000
ROA not before: Tue 02 Jan 2024 10:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5524
IP address blocks: 185.89.152.0/22 maxlen: 24
91.189.208.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
94.142.208.0/21 maxlen: 24
31.3.8.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
85.10.172.0/22 maxlen: 24
2a03:4f00::/32 maxlen: 32
2a03:5700::/32 maxlen: 32
2a00:c080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:28:8b:6a:08:18:ea:6b:fe:0d:e9:1e:0d:fa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 10:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=557651c9ce0d913950e7db550d46e637db9ec1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:ec:ff:1d:55:b9:d6:bf:5e:b6:60:f3:96:
98:84:28:1a:4d:9c:a5:05:af:c4:9a:c5:71:e9:75:
a9:33:f5:e1:67:cf:8a:88:92:c1:22:30:82:2e:62:
f1:cf:e9:59:9d:5f:5e:81:5f:34:ee:44:67:3c:68:
68:1c:88:9a:58:25:ed:a4:07:87:9f:29:55:92:c4:
a2:0c:1a:18:5e:f7:29:df:36:77:1f:29:23:24:37:
d5:53:5a:38:dd:7c:c3:c2:15:e8:bb:a6:e5:0c:f8:
22:7e:1a:86:93:a4:f1:41:0d:62:5c:fa:0c:ed:37:
8d:1f:fa:90:f0:db:af:b5:d5:a5:a2:cf:0b:49:e1:
dc:c9:3e:85:f6:e5:a6:79:1a:eb:60:4b:60:26:90:
d2:82:02:56:46:5c:f3:70:1d:eb:1a:8d:f1:fe:e3:
e2:0a:61:11:8e:e8:fe:e1:53:e1:09:9c:1f:6b:04:
3a:3c:22:0a:01:90:5f:b8:de:b8:fc:f3:ff:9f:21:
db:06:ac:02:dd:63:f2:84:88:b8:18:db:d7:75:28:
00:ff:f8:56:1a:81:e8:b5:b6:5b:86:6a:0a:86:b7:
3f:9b:22:fc:c1:6b:a2:26:85:4d:21:91:ec:3f:df:
06:e2:82:ac:e0:da:dd:b7:12:d3:00:ac:da:e9:76:
6b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:76:51:C9:CE:0D:91:39:50:E7:DB:55:0D:46:E6:37:DB:9E:C1:EB
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/VXZRyc4NkTlQ59tVDUbmN9uewes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
46.226.56.0/21
85.10.172.0/22
91.189.208.0/22
94.142.208.0/21
185.65.52.0/22
185.89.152.0/22
IPv6:
2a00:c080::/32
2a03:4f00::/32
2a03:5700::/32
Signature Algorithm: sha256WithRSAEncryption
85:bf:bb:63:22:40:5f:e3:ea:66:0a:25:40:0a:93:4c:d7:d7:
9b:e0:91:f5:65:f3:15:96:50:2e:44:a2:e1:7b:41:ef:da:97:
07:47:18:95:cc:ef:55:ee:a5:d7:2e:d9:4a:c0:13:8c:cc:c1:
4c:42:40:75:02:0c:1b:d6:f3:c4:46:ed:69:46:7f:70:cc:e2:
e1:f5:cd:42:d5:0c:65:a4:b9:3b:53:f5:76:50:3b:d6:5c:99:
28:a4:bc:46:5a:31:df:a6:47:f2:ce:53:af:0b:0b:ed:fe:62:
fa:5d:a6:8b:84:24:7c:17:91:30:4a:e2:77:fa:57:6b:8f:82:
2a:a4:ac:33:0e:b8:a6:79:63:58:14:b3:20:46:d6:d7:34:22:
bc:87:18:9c:e2:ad:13:e7:97:59:b1:ef:e2:17:11:f1:53:3b:
da:b4:ff:38:57:9d:f5:01:d5:1c:b0:1d:58:98:54:e1:4f:18:
ec:71:7a:bd:45:b5:02:7a:bc:05:b5:45:7e:bc:c2:da:d7:17:
b4:87:10:f3:5c:24:76:02:ed:39:c6:bb:96:3f:e8:6b:82:32:
2b:23:43:7f:26:c6:1b:cc:8c:00:c9:ce:a0:a8:70:6a:cd:85:
bf:ea:c6:7c:27:71:cb:18:ee:4b:f9:1e:bd:ce:13:0a:b7:c1:
54:3b:c9:91
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzJuyiLaggY6mv+DekeDfo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTAyMTAzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc2NTFjOWNlMGQ5MTM5NTBlN2RiNTUwZDQ2ZTYzN2RiOWVjMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk/s/x1Vuda/XrZg85aYhCgaTZyl
Ba/EmsVx6XWpM/XhZ8+KiJLBIjCCLmLxz+lZnV9egV807kRnPGhoHIiaWCXtpAeH
nylVksSiDBoYXvcp3zZ3HykjJDfVU1o43XzDwhXou6blDPgifhqGk6TxQQ1iXPoM
7TeNH/qQ8NuvtdWlos8LSeHcyT6F9uWmeRrrYEtgJpDSggJWRlzzcB3rGo3x/uPi
CmERjuj+4VPhCZwfawQ6PCIKAZBfuN64/PP/nyHbBqwC3WPyhIi4GNvXdSgA//hW
GoHotbZbhmoKhrc/myL8wWuiJoVNIZHsP98G4oKs4NrdtxLTAKza6XZrqwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFV2UcnODZE5UOfbVQ1G5jfbnsHrMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvVlhaUnljNE5rVGxRNTl0VkRVYm1OOXVld2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQDHwMIAwQD
LuI4AwQCVQqsAwQCW73QAwQDXo7QAwQCuUE0AwQCuVmYMBsEAgACMBUDBQAqAMCA
AwUAKgNPAAMFACoDVwAwDQYJKoZIhvcNAQELBQADggEBAIW/u2MiQF/j6mYKJUAK
k0zX15vgkfVl8xWWUC5EouF7Qe/alwdHGJXM71Xupdcu2UrAE4zMwUxCQHUCDBvW
88RG7WlGf3DM4uH1zULVDGWkuTtT9XZQO9ZcmSikvEZaMd+mR/LOU68LC+3+Yvpd
pouEJHwXkTBK4nf6V2uPgiqkrDMOuKZ5Y1gUsyBG1tc0IryHGJzirRPnl1mx7+IX
EfFTO9q0/zhXnfUB1RywHViYVOFPGOxxer1FtQJ6vAW1RX68wtrXF7SHEPNcJHYC
7TnGu5Y/6GuCMisjQ38mxhvMjADJzqCocGrNhb/qxnwnccsY7kv5Hr3OEwq3wVQ7
yZE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:18:02 2024 by rpki-client on console-fra.rpki-client.org