Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/VCAUApXDgunhjP0rHNxuH0o7aGA.roa
File: VCAUApXDgunhjP0rHNxuH0o7aGA.roa (raw, json)
Hash identifier: wG0tZFUML8K2gHINJtBZcChpFnUqRcSBrcwNyNjbGfY=
Subject key identifier: 54:20:14:02:95:C3:82:E9:E1:8C:FD:2B:1C:DC:6E:1F:4A:3B:68:60
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 018D31925B4CB8843DF8A1CD3BC9B39873F3
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/VCAUApXDgunhjP0rHNxuH0o7aGA.roa
Signing time: Mon 22 Jan 2024 14:28:11 +0000
ROA not before: Mon 22 Jan 2024 14:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8423
IP address blocks: 78.31.128.0/21 maxlen: 24
91.200.96.0/22 maxlen: 24
91.207.124.0/23 maxlen: 24
91.223.45.0/24 maxlen: 24
176.118.184.0/22 maxlen: 24
195.225.84.0/22 maxlen: 24
2001:67c:44::/48 maxlen: 48
2a0d:ca40::/29 maxlen: 48
2a0d:ca47:862::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:92:5b:4c:b8:84:3d:f8:a1:cd:3b:c9:b3:98:73:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 22 14:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5420140295c382e9e18cfd2b1cdc6e1f4a3b6860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a9:46:4d:9f:e4:15:a8:cb:05:ee:7f:fe:55:
3a:38:7b:9d:d7:40:8c:76:69:86:af:2a:cb:bd:dd:
b7:12:e0:2d:a2:76:2a:5f:e7:46:c6:2e:b6:58:b0:
51:e4:79:e5:c2:96:65:ae:d2:11:2b:9b:20:91:a4:
73:2f:44:78:bf:83:18:27:03:b8:23:35:a2:c5:6e:
b9:d8:32:9f:19:ff:45:54:aa:99:ec:47:25:53:43:
32:fa:b8:5d:f1:71:26:1c:2e:1c:fa:a7:53:06:c7:
61:a2:d9:33:12:e6:b3:d9:ea:6f:e1:9c:2c:8c:80:
32:ec:5d:c0:35:6d:70:c6:ba:7f:04:e0:11:41:f4:
be:80:fb:08:d5:81:b6:61:1b:c5:69:40:67:69:fe:
a0:de:f9:4c:a8:3f:1b:2c:d4:25:a8:a9:cc:05:94:
09:ae:aa:a3:4a:5f:47:e8:4d:d6:65:04:d9:f8:9f:
77:d5:23:80:83:18:f0:75:35:68:a3:68:89:79:35:
d2:41:20:2a:4a:3e:5f:e9:85:e6:8f:47:6d:52:15:
51:3b:42:80:02:a1:d4:4d:a0:86:4c:0e:73:7f:6d:
15:f9:f7:f1:2b:c3:d7:75:b3:86:b3:1e:50:86:2f:
f9:ba:54:1a:d3:e7:bb:e1:8e:c7:69:88:da:e3:b2:
58:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:20:14:02:95:C3:82:E9:E1:8C:FD:2B:1C:DC:6E:1F:4A:3B:68:60
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/VCAUApXDgunhjP0rHNxuH0o7aGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.128.0/21
91.200.96.0/22
91.207.124.0/23
91.223.45.0/24
176.118.184.0/22
195.225.84.0/22
IPv6:
2001:67c:44::/48
2a0d:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:d7:18:a1:c9:97:b4:0b:72:d4:d3:09:6e:54:04:46:cf:6b:
61:c6:76:59:41:64:16:58:40:d1:fe:46:d3:09:d5:5d:d3:5d:
53:4e:18:a9:af:f8:fa:7e:9c:5a:27:c0:a4:c5:a5:43:52:62:
ea:4a:f8:69:25:3d:b2:ea:69:dd:b9:d2:8b:35:de:5f:1a:8e:
68:3c:29:02:73:0e:47:70:32:bc:e6:c4:20:d4:ec:e4:e8:69:
0d:af:53:6d:9f:d1:a0:9c:a5:23:46:6e:36:43:16:ce:40:c6:
ee:6f:a3:9e:24:01:0e:da:a8:d9:3d:19:8f:83:7a:69:65:82:
f7:99:de:09:3f:8c:8d:d2:ed:00:fe:54:8c:f1:a0:26:88:65:
d3:25:ec:8d:c7:46:d6:8f:76:ce:24:96:49:1e:e0:de:85:cf:
bf:5e:60:e7:eb:81:16:11:fc:6e:8f:e5:ad:6c:a2:0f:b6:63:
62:2b:38:15:6a:8e:5d:8f:e2:03:8e:4f:54:30:4c:7e:e0:ad:
d8:1f:96:f5:f1:8b:69:4a:c6:1e:4a:3c:7e:52:89:6c:f3:3e:
95:d2:36:49:4d:23:29:a4:4e:6e:fc:78:81:10:11:cf:e5:32:
90:89:d7:e2:9b:a1:a0:02:a7:3e:1e:3a:36:f9:85:fa:b4:41:
7d:8e:ba:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY0xkltMuIQ9+KHNO8mzmHPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjQwMTIyMTQyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDIwMTQwMjk1YzM4MmU5ZTE4Y2ZkMmIxY2RjNmUxZjRhM2I2ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKlGTZ/kFajLBe5//lU6OHud10CM
dmmGryrLvd23EuAtonYqX+dGxi62WLBR5HnlwpZlrtIRK5sgkaRzL0R4v4MYJwO4
IzWixW652DKfGf9FVKqZ7EclU0My+rhd8XEmHC4c+qdTBsdhotkzEuaz2epv4Zws
jIAy7F3ANW1wxrp/BOARQfS+gPsI1YG2YRvFaUBnaf6g3vlMqD8bLNQlqKnMBZQJ
rqqjSl9H6E3WZQTZ+J931SOAgxjwdTVoo2iJeTXSQSAqSj5f6YXmj0dtUhVRO0KA
AqHUTaCGTA5zf20V+ffxK8PXdbOGsx5Qhi/5ulQa0+e74Y7HaYja47JYtQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFQgFAKVw4Lp4Yz9Kxzcbh9KO2hgMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvVkNBVUFwWERndW5oalAwckhOeHVIMG83YUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQDTh+AAwQC
W8hgAwQBW898AwQAW98tAwQCsHa4AwQCw+FUMBYEAgACMBADBwAgAQZ8AEQDBQMq
DcpAMA0GCSqGSIb3DQEBCwUAA4IBAQBe1xihyZe0C3LU0wluVARGz2thxnZZQWQW
WEDR/kbTCdVd011TThipr/j6fpxaJ8CkxaVDUmLqSvhpJT2y6mndudKLNd5fGo5o
PCkCcw5HcDK85sQg1Ozk6GkNr1Ntn9GgnKUjRm42QxbOQMbub6OeJAEO2qjZPRmP
g3ppZYL3md4JP4yN0u0A/lSM8aAmiGXTJeyNx0bWj3bOJJZJHuDehc+/XmDn64EW
Efxuj+WtbKIPtmNiKzgVao5dj+IDjk9UMEx+4K3YH5b18YtpSsYeSjx+Uols8z6V
0jZJTSMppE5u/HiBEBHP5TKQidfim6GgAqc+Hjo2+YX6tEF9jrrw
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:25 2024 by rpki-client on console-fra.rpki-client.org