Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/vbhEy94u3sx513_GaYafnIJK36w.roa
File: vbhEy94u3sx513_GaYafnIJK36w.roa (raw, json)
Hash identifier: SukH/lD8Ycy2NxQjWZWYtir9gJwMqBn3XJ5cFaRqZdc=
Subject key identifier: BD:B8:44:CB:DE:2E:DE:CC:79:D7:7F:C6:69:86:9F:9C:82:4A:DF:AC
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 01919F646566A87D17E9459EF42E8DE7767C
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/vbhEy94u3sx513_GaYafnIJK36w.roa
Signing time: Thu 29 Aug 2024 18:27:22 +0000
ROA not before: Thu 29 Aug 2024 18:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12365
IP address blocks: 81.95.224.0/20 maxlen: 20
82.215.66.0/23 maxlen: 23
82.215.68.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.80.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
82.215.86.0/23 maxlen: 23
82.215.88.0/21 maxlen: 21
82.215.88.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
82.215.116.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
89.146.64.0/22 maxlen: 22
89.146.68.0/22 maxlen: 22
89.146.72.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.100.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
185.78.136.0/22 maxlen: 22
2a00:8840::/32 maxlen: 32
2a00:8840:c000::/36 maxlen: 36
2a00:8840:d000::/36 maxlen: 36
2a00:8840:e000::/36 maxlen: 36
2a00:8840:f000::/36 maxlen: 36
2a00:8841::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9f:64:65:66:a8:7d:17:e9:45:9e:f4:2e:8d:e7:76:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Aug 29 18:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdb844cbde2edecc79d77fc669869f9c824adfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:03:49:02:28:6b:34:cf:ae:84:b2:d4:b4:
f5:09:97:93:99:94:05:f1:bb:7e:db:6a:ec:cd:47:
02:f2:e5:ee:3a:61:51:b2:e9:2e:16:33:5f:ff:84:
2c:dc:c8:e8:5d:f9:20:9a:b2:37:ec:e5:42:c4:9e:
c1:d9:09:2b:ce:a8:c8:f4:99:83:e8:93:52:86:76:
6f:0b:0d:1e:fc:aa:b3:b8:53:9b:21:32:42:48:a8:
fd:39:32:d3:e6:f3:5a:70:11:dc:91:81:4c:e2:c7:
b4:11:12:ec:d2:4e:db:ae:e1:9d:d6:05:df:12:10:
91:d0:d7:0e:6f:84:ea:f3:8c:ce:75:f5:08:d4:c0:
f5:66:00:a4:9d:d1:49:1d:d4:e9:41:15:15:62:05:
ff:11:84:e1:f4:ab:71:bb:06:04:70:45:fe:34:ae:
ff:40:d0:e2:37:4f:56:8e:17:01:02:e1:f6:66:ec:
86:13:84:aa:c0:ed:2d:27:67:75:e1:71:b6:57:5c:
c8:a8:24:8e:2a:05:a6:a9:4e:ce:28:bb:4e:44:11:
a2:53:da:a2:e8:bc:50:82:bb:bc:a8:04:6c:6a:bb:
4d:7a:cc:e6:12:a0:59:b3:40:2d:39:13:f2:c7:a6:
c0:38:4a:fb:6c:49:a0:c4:5f:90:84:ee:af:07:14:
32:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B8:44:CB:DE:2E:DE:CC:79:D7:7F:C6:69:86:9F:9C:82:4A:DF:AC
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/vbhEy94u3sx513_GaYafnIJK36w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
ae:69:f4:90:76:38:96:98:28:20:0d:38:0e:e8:f9:06:24:46:
32:ee:79:ef:8e:f9:00:40:7e:3f:e9:98:ea:19:fa:53:94:8d:
e5:7c:26:fa:3f:0d:a6:28:73:99:fd:66:13:c6:79:ff:e0:62:
8b:75:90:6b:c2:49:67:e5:18:8e:09:6e:2f:78:30:de:bf:75:
20:fd:cb:c0:41:5b:fe:dc:9e:ca:37:24:8e:b2:d5:4e:73:ee:
9b:f5:26:29:30:db:25:4d:28:93:a8:b6:ce:1b:79:4d:41:e4:
e3:7c:4d:a5:87:cf:b6:a1:58:bb:2f:f0:0b:2d:4b:43:eb:c0:
1c:38:6d:c8:53:0e:9f:46:af:8c:e7:19:96:3a:44:af:5c:f2:
cc:24:bb:ec:f8:0e:95:8f:b7:14:e9:41:72:b9:36:01:1c:1c:
7c:63:cc:83:eb:b4:a9:a7:82:3d:49:61:0e:1d:88:62:29:1c:
2b:2e:96:c3:ed:c0:2f:2d:13:82:be:1c:7f:a3:38:0b:6d:be:
6d:19:e2:d9:20:cc:95:dc:3c:3d:67:82:b7:52:32:71:b4:be:
af:69:46:94:7c:4b:7a:73:92:61:da:2b:e1:1c:c4:d9:65:17:
0c:b1:0e:bd:ba:96:59:2a:28:1b:b9:03:6f:ec:66:dc:28:e7:
43:c0:87:94
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZGfZGVmqH0X6UWe9C6N53Z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGNjYTg5OWVmNWJmNDIzN2YwZjZiZGQxNzc5MjIxYjIw
MDUyZjMwHhcNMjQwODI5MTgyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGI4NDRjYmRlMmVkZWNjNzlkNzdmYzY2OTg2OWY5YzgyNGFkZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGQDSQIoazTProSy1LT1CZeTmZQF
8bt+22rszUcC8uXuOmFRsukuFjNf/4Qs3MjoXfkgmrI37OVCxJ7B2QkrzqjI9JmD
6JNShnZvCw0e/KqzuFObITJCSKj9OTLT5vNacBHckYFM4se0ERLs0k7bruGd1gXf
EhCR0NcOb4Tq84zOdfUI1MD1ZgCkndFJHdTpQRUVYgX/EYTh9KtxuwYEcEX+NK7/
QNDiN09WjhcBAuH2ZuyGE4SqwO0tJ2d14XG2V1zIqCSOKgWmqU7OKLtORBGiU9qi
6LxQgru8qARsartNeszmEqBZs0AtORPyx6bAOEr7bEmgxF+QhO6vBxQymwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFL24RMveLt7Medd/xmmGn5yCSt+sMB8GA1UdIwQY
MBaAFFdMyome9b9CN/D2vdF3kiGyAFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODIt
ZWUxMTI2YTI4MTk1LzEvdmJoRXk5NHUzc3g1MTNfR2FZYWZuSUpLMzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODItZWUxMTI2YTI4MTk1
LzEvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEUV/gMAwD
BAFS10IDBAFS10QDBAJS10gwDAMEAFLXTQMEAlLXUDAMAwQAUtdVAwQFUtdAAwQE
UtdwAwQGWZJAAwQCuU6IMA0EAgACMAcDBQMqAIhAMA0GCSqGSIb3DQEBCwUAA4IB
AQCuafSQdjiWmCggDTgO6PkGJEYy7nnvjvkAQH4/6ZjqGfpTlI3lfCb6Pw2mKHOZ
/WYTxnn/4GKLdZBrwkln5RiOCW4veDDev3Ug/cvAQVv+3J7KNySOstVOc+6b9SYp
MNslTSiTqLbOG3lNQeTjfE2lh8+2oVi7L/ALLUtD68AcOG3IUw6fRq+M5xmWOkSv
XPLMJLvs+A6Vj7cU6UFyuTYBHBx8Y8yD67Spp4I9SWEOHYhiKRwrLpbD7cAvLROC
vhx/ozgLbb5tGeLZIMyV3Dw9Z4K3UjJxtL6vaUaUfEt6c5Jh2ivhHMTZZRcMsQ69
upZZKigbuQNv7GbcKOdDwIeU
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:52:05 2024 by rpki-client on console-fra.rpki-client.org