Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/vB0T-QQLxb1AMmr3JCosEtf2z9o.roa
File: vB0T-QQLxb1AMmr3JCosEtf2z9o.roa (raw, json)
Hash identifier: 7xabqOue4tAjq0Nu52C/e95qFQt39Z1/7dHr9sx07Ow=
Subject key identifier: BC:1D:13:F9:04:0B:C5:BD:40:32:6A:F7:24:2A:2C:12:D7:F6:CF:DA
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 018CC348E7D72D4D9DD552F94E88203C2B91
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/vB0T-QQLxb1AMmr3JCosEtf2z9o.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60478
IP address blocks: 185.31.100.0/22 maxlen: 22
2a00:b420::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e7:d7:2d:4d:9d:d5:52:f9:4e:88:20:3c:2b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1d13f9040bc5bd40326af7242a2c12d7f6cfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:56:4c:fe:53:39:47:1e:d3:71:24:d8:3d:bb:
e7:c6:2c:1a:42:ae:47:50:5c:f0:d7:f5:35:e8:b9:
0e:ee:b5:10:d4:bf:4d:9e:4d:95:7e:94:af:10:56:
c9:a8:89:39:40:0b:17:72:9c:98:e6:5e:cd:26:1c:
2d:3b:e9:3a:c7:7e:0a:7a:49:07:c6:e9:ec:38:4a:
2e:9e:0e:5b:79:67:b2:e3:ab:26:3f:cb:9b:4c:5e:
cc:41:a1:89:95:ad:12:15:ce:28:4d:f9:a9:9f:3d:
c8:7c:89:ac:d0:6c:75:7e:8f:8e:38:6a:55:83:40:
c6:ba:f3:84:a6:39:de:e2:17:69:2b:83:f5:d9:64:
a0:8e:a1:57:10:6a:05:e5:01:f8:9c:c5:6f:13:e0:
f3:aa:ca:7e:17:2f:19:ca:72:74:eb:c3:ea:29:54:
91:b5:fb:d1:f3:26:55:a4:6c:e1:64:ed:78:31:df:
a4:89:b8:57:26:56:88:ce:69:ed:6c:5c:d4:53:06:
68:36:e0:ee:a5:49:9f:50:97:d6:c4:ff:36:d7:db:
bb:15:44:33:1b:45:c0:9f:f9:58:36:f6:1f:f6:0b:
cd:2f:2b:18:93:0d:33:52:20:c8:12:4b:1f:26:4f:
ff:d6:d0:6c:c0:4d:17:37:94:73:d5:5e:49:7f:b6:
dd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1D:13:F9:04:0B:C5:BD:40:32:6A:F7:24:2A:2C:12:D7:F6:CF:DA
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/vB0T-QQLxb1AMmr3JCosEtf2z9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.100.0/22
IPv6:
2a00:b420::/32
Signature Algorithm: sha256WithRSAEncryption
63:d5:5c:a2:a3:23:23:73:52:56:15:2d:00:d4:a9:86:1e:c3:
4d:8e:f7:96:16:68:cc:a6:16:1c:03:00:9a:88:79:f3:4e:48:
5f:4f:f1:ba:94:39:7a:d5:3a:5f:af:5b:cb:67:44:d0:1b:03:
a4:fc:ab:55:91:92:fb:a2:8c:7e:af:28:e3:cd:7f:98:8a:8f:
02:60:70:19:f5:b6:c4:8d:ab:25:3a:8c:62:b3:2f:98:4f:57:
74:a2:f8:d6:61:a5:3d:09:6b:e8:c1:14:26:36:34:b6:0b:38:
ec:a5:dc:20:df:48:5f:83:e1:e7:6f:0a:29:50:17:55:9e:88:
79:93:90:93:ef:52:c8:77:fa:b1:eb:22:5c:0f:e8:dd:ed:45:
6b:12:fe:0d:9b:44:d5:bc:6e:cc:9e:9a:e2:7a:3a:22:14:c2:
b8:11:9b:c5:6d:2c:ad:a0:47:a2:a6:1c:97:40:7e:d6:e9:f9:
f1:de:b0:5d:2a:00:99:18:5c:48:e2:31:24:37:46:e7:ea:a9:
46:fa:67:78:02:fc:ad:8d:ee:87:0f:44:9a:03:98:7e:ed:07:
59:bb:62:c9:0b:4c:9f:38:84:15:71:5d:38:94:0e:09:37:c5:
8f:09:44:38:9b:22:0d:1d:74:e4:e3:67:7f:8e:79:fa:6a:71:
59:3c:a5:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSOfXLU2d1VL5ToggPCuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFkMTNmOTA0MGJjNWJkNDAzMjZhZjcyNDJhMmMxMmQ3ZjZjZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlZM/lM5Rx7TcSTYPbvnxiwaQq5H
UFzw1/U16LkO7rUQ1L9Nnk2VfpSvEFbJqIk5QAsXcpyY5l7NJhwtO+k6x34KekkH
xunsOEoung5beWey46smP8ubTF7MQaGJla0SFc4oTfmpnz3IfIms0Gx1fo+OOGpV
g0DGuvOEpjne4hdpK4P12WSgjqFXEGoF5QH4nMVvE+Dzqsp+Fy8ZynJ068PqKVSR
tfvR8yZVpGzhZO14Md+kibhXJlaIzmntbFzUUwZoNuDupUmfUJfWxP8219u7FUQz
G0XAn/lYNvYf9gvNLysYkw0zUiDIEksfJk//1tBswE0XN5Rz1V5Jf7bdmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLwdE/kEC8W9QDJq9yQqLBLX9s/aMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvdkIwVC1RUUx4YjFBTW1yM0pDb3NFdGYyejlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR9kMA0E
AgACMAcDBQAqALQgMA0GCSqGSIb3DQEBCwUAA4IBAQBj1VyioyMjc1JWFS0A1KmG
HsNNjveWFmjMphYcAwCaiHnzTkhfT/G6lDl61Tpfr1vLZ0TQGwOk/KtVkZL7oox+
ryjjzX+Yio8CYHAZ9bbEjaslOoxisy+YT1d0ovjWYaU9CWvowRQmNjS2Czjspdwg
30hfg+HnbwopUBdVnoh5k5CT71LId/qx6yJcD+jd7UVrEv4Nm0TVvG7Mnpriejoi
FMK4EZvFbSytoEeiphyXQH7W6fnx3rBdKgCZGFxI4jEkN0bn6qlG+md4Avytje6H
D0SaA5h+7QdZu2LJC0yfOIQVcV04lA4JN8WPCUQ4myINHXTk42d/jnn6anFZPKXx
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:07:57 2024 by rpki-client on console-ams.rpki-client.org