Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/VT-zEFkJETJxldAloShGVN_hh6w.roa
File: VT-zEFkJETJxldAloShGVN_hh6w.roa (raw, json)
Hash identifier: 2sVWFnbiUM9GpIzBlmPLhguPBrECdluEVh049e0WI1w=
Subject key identifier: 55:3F:B3:10:59:09:11:32:71:95:D0:25:A1:28:46:54:DF:E1:87:AC
Certificate issuer: /CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Certificate serial: 018CC64ACCC2DFC690ECBE51C60078024F4F
Authority key identifier: 05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/VT-zEFkJETJxldAloShGVN_hh6w.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203185
IP address blocks: 185.112.244.0/24 maxlen: 24
185.112.245.0/24 maxlen: 24
185.112.246.0/24 maxlen: 24
185.112.247.0/24 maxlen: 24
2a02:6e40:3::/48 maxlen: 48
2a02:6e40:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:cc:c2:df:c6:90:ec:be:51:c6:00:78:02:4f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=553fb310590911327195d025a1284654dfe187ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6f:89:7a:40:9f:56:84:f5:fe:47:72:55:5d:
fa:df:2d:2e:62:99:fe:29:6e:fe:2c:e4:0a:65:0a:
14:ff:c9:27:60:98:3c:ce:37:5a:63:d2:c9:f6:60:
8b:08:e7:e5:f8:08:55:2d:d4:b6:96:9c:29:5b:1f:
04:ef:cd:d9:38:69:25:37:f7:1c:3a:9d:da:ab:88:
1d:1d:f3:ea:59:5d:d6:e1:78:30:09:62:0f:d9:76:
f0:3b:09:f1:65:58:66:a0:c8:8b:6d:92:d4:d2:30:
73:e4:85:42:ee:3f:58:2e:b6:e2:04:9c:3e:16:b3:
35:d2:04:6d:f0:0c:cc:8d:e1:cd:ee:22:38:0e:46:
ac:0e:5b:e7:94:78:15:cc:b5:e9:64:e7:24:e3:6b:
8f:18:b3:e3:57:12:a6:ac:7e:60:65:29:63:12:8a:
28:53:34:35:c2:0f:b0:23:51:3e:15:03:e2:35:a6:
9c:e0:12:ca:bc:1f:8b:20:77:f7:50:ae:d0:f5:12:
c5:d9:fb:9e:be:4c:ff:f1:42:9e:ef:0a:06:76:01:
ac:31:3e:76:ef:ac:7a:ba:87:17:4b:0b:eb:b5:36:
af:69:e3:9e:4a:62:c7:19:f1:d7:7f:61:0c:5c:70:
56:e1:13:83:23:4a:45:85:05:a6:f8:31:79:ab:ef:
8b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3F:B3:10:59:09:11:32:71:95:D0:25:A1:28:46:54:DF:E1:87:AC
X509v3 Authority Key Identifier:
keyid:05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/VT-zEFkJETJxldAloShGVN_hh6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.244.0/22
IPv6:
2a02:6e40:3::-2a02:6e40:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:2a:95:9f:0c:77:f9:ce:1c:17:f5:73:a2:df:04:66:6e:5b:
77:ac:9c:3a:16:3e:15:3e:79:96:8d:a9:47:cc:fc:23:e8:33:
2e:eb:2c:9c:20:4b:fa:a7:0c:7f:cc:29:12:0e:24:04:3b:46:
ea:16:ca:fb:3d:45:2b:cc:cd:3a:8b:e9:dd:e2:c0:c3:20:7b:
c3:7b:74:da:8c:9d:28:f7:fc:fd:f9:01:9f:e9:89:74:77:4a:
fe:be:14:20:ab:4b:45:f0:50:b6:c7:f9:d3:c0:ff:85:67:24:
a6:75:cb:c3:68:c4:bf:08:c0:67:29:a6:b3:e8:a8:80:66:52:
5f:79:44:bd:b3:34:51:ff:8d:1a:df:2d:3c:f6:62:d5:e1:61:
64:a5:74:1e:99:01:43:69:a3:2b:40:23:a6:85:96:48:bc:5d:
8d:61:46:66:5e:21:ba:db:21:3e:4c:81:d2:65:cc:92:a9:c9:
1f:de:1d:2b:ce:c3:0f:c4:e9:cb:9f:99:d0:fc:de:f4:11:1d:
db:8b:e2:6c:bb:00:35:25:37:ac:28:b7:c9:f1:46:ad:f6:17:
a9:8e:07:8f:97:9c:34:5c:84:6e:45:a7:e1:3a:92:1f:22:f8:
62:3b:13:d8:53:b2:55:99:9a:eb:01:37:66:3e:ad:39:56:ae:
7f:ef:48:e6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSszC38aQ7L5RxgB4Ak9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGE3NTcxYzVlYjEzYjFhZTRmNDQxN2NlZmVjMmJkNzc5
MDJlMmQwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNmYjMxMDU5MDkxMTMyNzE5NWQwMjVhMTI4NDY1NGRmZTE4N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2+JekCfVoT1/kdyVV363y0uYpn+
KW7+LOQKZQoU/8knYJg8zjdaY9LJ9mCLCOfl+AhVLdS2lpwpWx8E783ZOGklN/cc
Op3aq4gdHfPqWV3W4XgwCWIP2XbwOwnxZVhmoMiLbZLU0jBz5IVC7j9YLrbiBJw+
FrM10gRt8AzMjeHN7iI4DkasDlvnlHgVzLXpZOck42uPGLPjVxKmrH5gZSljEooo
UzQ1wg+wI1E+FQPiNaac4BLKvB+LIHf3UK7Q9RLF2fuevkz/8UKe7woGdgGsMT52
76x6uocXSwvrtTavaeOeSmLHGfHXf2EMXHBW4RODI0pFhQWm+DF5q++L8QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFU/sxBZCREycZXQJaEoRlTf4YesMB8GA1UdIwQY
MBaAFAXadXHF6xOxrk9EF87+wr13kC4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEt
MzY1NTMwMmJmMDA1LzEvVlQtekVGa0pFVEp4bGRBbG9TaEdWTl9oaDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEtMzY1NTMwMmJmMDA1
LzEvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuXD0MBoE
AgACMBQwEgMHACoCbkAAAwMHACoCbkAABDANBgkqhkiG9w0BAQsFAAOCAQEAQiqV
nwx3+c4cF/Vzot8EZm5bd6ycOhY+FT55lo2pR8z8I+gzLussnCBL+qcMf8wpEg4k
BDtG6hbK+z1FK8zNOovp3eLAwyB7w3t02oydKPf8/fkBn+mJdHdK/r4UIKtLRfBQ
tsf508D/hWckpnXLw2jEvwjAZymms+iogGZSX3lEvbM0Uf+NGt8tPPZi1eFhZKV0
HpkBQ2mjK0AjpoWWSLxdjWFGZl4hutshPkyB0mXMkqnJH94dK87DD8Tpy5+Z0Pze
9BEd24vibLsANSU3rCi3yfFGrfYXqY4Hj5ecNFyEbkWn4TqSHyL4YjsT2FOyVZma
6wE3Zj6tOVauf+9I5g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:04:56 2024 by rpki-client on console-fra.rpki-client.org