Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/vzmRLq_DlO1sObTxAP8qD4GozuY.roa
File: vzmRLq_DlO1sObTxAP8qD4GozuY.roa (raw, json)
Hash identifier: rEJEzZ42GdJFXUWq9NpNUIHMqaBc1AqNT2yL17H9KRM=
Subject key identifier: BF:39:91:2E:AF:C3:94:ED:6C:39:B4:F1:00:FF:2A:0F:81:A8:CE:E6
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348AB9CAC94A58981D5AFB90E57452C
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/vzmRLq_DlO1sObTxAP8qD4GozuY.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.217.0/24 maxlen: 24
212.7.216.0/24 maxlen: 24
91.106.29.0/24 maxlen: 24
2a01:6e80:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ab:9c:ac:94:a5:89:81:d5:af:b9:0e:57:45:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf39912eafc394ed6c39b4f100ff2a0f81a8cee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:f3:55:5f:6f:3f:9f:d4:8e:b0:3f:d4:db:
5b:ea:d2:d8:5e:0f:ff:a8:01:81:3e:e3:4b:05:51:
21:0f:98:3f:a3:96:1e:01:96:76:f0:24:23:67:53:
0c:d8:97:e5:3a:97:8a:b5:c1:b6:25:de:35:84:36:
c8:8f:e8:d7:7d:99:62:5d:16:44:f4:94:28:b8:23:
db:09:e1:40:89:1d:ad:bb:47:ee:6d:bb:2d:57:8c:
d0:d2:6e:37:91:c0:ac:3d:d2:ac:8d:81:d2:3a:c6:
b4:28:61:20:6d:d5:85:7d:58:36:c9:7d:dc:d3:5b:
7d:a7:48:12:9c:e8:82:26:f4:18:53:ef:77:ed:4e:
20:fc:b2:02:65:72:90:cc:37:42:e0:13:2d:63:01:
7e:05:7b:0c:61:1c:07:9d:ec:71:23:79:4a:15:aa:
ad:94:d3:7b:c2:79:f3:d8:04:71:24:8a:0f:c4:b0:
59:d8:ce:5b:49:dc:84:fe:f6:c1:eb:ab:24:e1:69:
35:69:2a:59:55:48:33:80:ab:6a:59:99:bc:88:45:
64:2d:27:1a:54:1f:b0:b0:7b:81:13:eb:f5:fb:d3:
c2:49:14:b8:d7:58:eb:c6:c7:20:ec:1d:30:e2:03:
42:03:56:a1:d9:82:a9:a5:f0:50:fe:1d:18:2b:a1:
aa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:39:91:2E:AF:C3:94:ED:6C:39:B4:F1:00:FF:2A:0F:81:A8:CE:E6
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/vzmRLq_DlO1sObTxAP8qD4GozuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.29.0/24
212.7.216.0/23
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
45:75:1a:4d:a6:f0:27:f1:8d:25:ab:71:9c:db:87:8b:2c:81:
61:53:db:45:9c:50:39:05:60:49:90:1d:f4:9c:55:8d:a9:91:
1b:44:8c:8c:85:86:a1:6f:5d:22:b5:ed:7d:84:c1:47:da:29:
56:30:03:b8:79:4a:b3:33:2b:09:36:f8:9d:e0:50:1a:0a:95:
9c:79:eb:0a:06:e3:77:53:21:ab:bb:6b:77:d2:11:8a:fd:21:
30:58:a6:ea:99:9d:61:cd:d5:a4:9d:de:e6:33:a1:ad:c8:ea:
40:ba:5c:f5:01:6d:fb:12:53:ac:a9:77:5a:37:4c:64:3c:f4:
53:82:10:02:7e:03:cf:4c:d0:ed:90:de:aa:32:89:c0:a4:f0:
8e:9b:ac:be:02:b8:da:98:b5:96:62:80:ad:dd:ba:3a:ba:a4:
a6:15:b0:f0:a6:33:52:52:f5:2b:0c:62:f6:45:6f:71:98:ad:
11:41:b9:e4:5c:9c:6f:87:cd:28:df:16:70:70:f4:02:48:f1:
35:a2:70:7b:ef:3b:71:a6:e9:e4:41:c6:3c:ef:53:9b:b8:d9:
78:ce:3f:8e:f3:bf:b3:68:13:4d:b3:bb:a3:27:1b:6f:03:e8:
f0:1d:8d:c1:5b:2f:b0:00:c5:65:e2:6d:d7:1f:ad:d0:f3:94:
54:04:81:be
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSKucrJSliYHVr7kOV0UsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM5OTEyZWFmYzM5NGVkNmMzOWI0ZjEwMGZmMmEwZjgxYThjZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvirzVV9vP5/UjrA/1Ntb6tLYXg//
qAGBPuNLBVEhD5g/o5YeAZZ28CQjZ1MM2JflOpeKtcG2Jd41hDbIj+jXfZliXRZE
9JQouCPbCeFAiR2tu0fubbstV4zQ0m43kcCsPdKsjYHSOsa0KGEgbdWFfVg2yX3c
01t9p0gSnOiCJvQYU+937U4g/LICZXKQzDdC4BMtYwF+BXsMYRwHnexxI3lKFaqt
lNN7wnnz2ARxJIoPxLBZ2M5bSdyE/vbB66sk4Wk1aSpZVUgzgKtqWZm8iEVkLSca
VB+wsHuBE+v1+9PCSRS411jrxscg7B0w4gNCA1ah2YKppfBQ/h0YK6GqTwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL85kS6vw5TtbDm08QD/Kg+BqM7mMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvdnptUkxxX0RsTzFzT2JUeEFQOHFENEdvenVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQB
1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAEV1Gk2m8Cfx
jSWrcZzbh4ssgWFT20WcUDkFYEmQHfScVY2pkRtEjIyFhqFvXSK17X2EwUfaKVYw
A7h5SrMzKwk2+J3gUBoKlZx56woG43dTIau7a3fSEYr9ITBYpuqZnWHN1aSd3uYz
oa3I6kC6XPUBbfsSU6ypd1o3TGQ89FOCEAJ+A89M0O2Q3qoyicCk8I6brL4CuNqY
tZZigK3dujq6pKYVsPCmM1JS9SsMYvZFb3GYrRFBueRcnG+HzSjfFnBw9AJI8TWi
cHvvO3Gm6eRBxjzvU5u42XjOP47zv7NoE02zu6MnG28D6PAdjcFbL7AAxWXibdcf
rdDzlFQEgb4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:29:34 2024 by rpki-client on console-fra.rpki-client.org