Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/VmnRNDp8cj1thk5jEC8rF0BNcss.roa
File: VmnRNDp8cj1thk5jEC8rF0BNcss.roa (raw, json)
Hash identifier: JPG+k9NTinWcFJZyBE8bm4hFqF26v1B/gpTlWIVq8VA=
Subject key identifier: 56:69:D1:34:3A:7C:72:3D:6D:86:4E:63:10:2F:2B:17:40:4D:72:CB
Certificate issuer: /CN=593897174f967490dbf6189d479df2c9371bf404
Certificate serial: 0191E685B84766BBF33353748A30536F72EE
Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/VmnRNDp8cj1thk5jEC8rF0BNcss.roa
Signing time: Thu 12 Sep 2024 13:56:48 +0000
ROA not before: Thu 12 Sep 2024 13:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8495
IP address blocks: 185.67.36.0/23 maxlen: 23
185.67.36.0/24 maxlen: 24
185.67.37.0/24 maxlen: 24
2a05:bc0::/32 maxlen: 32
2a05:bc0:1000::/47 maxlen: 47
2a05:bc0:1000::/48 maxlen: 48
2a05:bc0:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:85:b8:47:66:bb:f3:33:53:74:8a:30:53:6f:72:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=593897174f967490dbf6189d479df2c9371bf404
Validity
Not Before: Sep 12 13:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5669d1343a7c723d6d864e63102f2b17404d72cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b3:b3:3b:56:fe:2a:6a:6c:3e:79:51:b8:a6:
46:48:0f:66:ab:c2:cb:88:39:08:c8:eb:73:8c:4a:
93:51:36:dc:bd:33:06:d4:ea:3b:16:af:25:65:02:
3c:cf:b2:6a:2a:2c:c5:77:de:fd:09:b9:fe:20:86:
d4:05:4d:8e:d6:cb:e0:2e:4c:38:0a:1d:a6:41:c7:
e4:bd:c3:f0:79:7c:d3:09:7e:7e:88:7b:ab:64:c8:
e3:cf:6b:1f:89:69:74:ff:f1:bb:bb:91:67:f6:54:
c5:ef:2b:da:a4:77:12:2f:56:70:95:7f:ea:5c:5d:
f4:37:b1:43:c9:a3:03:ae:9b:ad:aa:13:76:da:0b:
f5:53:40:e5:38:ff:8c:3d:a3:b0:ac:43:3e:5e:41:
06:52:b0:f1:29:1e:00:75:97:08:63:89:74:c2:8e:
79:f7:05:cb:02:64:f2:67:15:bd:8b:64:9c:07:ec:
0e:45:c2:69:0d:51:09:56:cf:a6:aa:db:81:dc:9e:
71:2d:e3:f0:ae:06:ff:1f:3a:0a:01:0c:ee:d9:7a:
a2:06:45:cd:f3:57:52:3a:c0:9f:c6:58:20:86:8b:
5c:38:eb:cd:60:c3:79:17:c0:a5:2c:a3:59:11:49:
05:50:b4:0a:e3:66:af:9e:0a:9b:da:91:ed:26:4a:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:69:D1:34:3A:7C:72:3D:6D:86:4E:63:10:2F:2B:17:40:4D:72:CB
X509v3 Authority Key Identifier:
keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/VmnRNDp8cj1thk5jEC8rF0BNcss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.36.0/23
IPv6:
2a05:bc0::/32
Signature Algorithm: sha256WithRSAEncryption
82:9a:59:a3:11:d1:e6:44:e2:38:3a:5a:c9:e2:81:0a:c2:b3:
8f:cd:ce:f1:0f:ea:0e:f1:2d:b4:19:6a:65:fb:b8:0a:1d:fa:
c8:f3:7e:f8:c9:3d:d4:84:9c:85:9f:e9:29:42:ab:07:1d:71:
06:4f:02:80:62:16:b2:49:46:4f:ac:0e:1e:36:7c:ec:37:d9:
01:44:a7:2b:16:d7:34:7b:42:a4:de:56:3f:b5:c1:35:51:a7:
b1:a2:54:b5:f4:cd:1f:68:95:c4:cf:23:d5:d7:cb:e9:a6:91:
65:92:12:47:37:b3:14:fb:27:9a:de:58:c5:f5:10:90:3d:24:
02:31:86:ac:5c:ac:c2:6d:b8:bf:38:59:bf:63:69:63:d3:39:
0f:32:95:f1:5c:f3:aa:bc:fb:cc:82:e1:4b:89:3d:55:5e:c3:
8f:16:9a:94:e3:45:c2:0b:bd:f5:a8:bb:49:bc:0a:18:e1:01:
19:49:e0:6f:df:35:57:94:43:17:68:03:19:06:bf:af:5d:28:
58:20:9d:3d:99:24:bc:b8:f1:94:7e:d7:d3:d0:8c:8b:68:b7:
29:67:06:a7:78:5e:38:2c:e7:0a:af:01:3a:af:70:5a:3b:ec:
26:2b:ce:c5:a1:9a:cb:76:02:71:26:77:3d:8e:75:12:70:24:
41:c5:8b:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZHmhbhHZrvzM1N0ijBTb3LuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx
YmY0MDQwHhcNMjQwOTEyMTM1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY5ZDEzNDNhN2M3MjNkNmQ4NjRlNjMxMDJmMmIxNzQwNGQ3MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbOzO1b+KmpsPnlRuKZGSA9mq8LL
iDkIyOtzjEqTUTbcvTMG1Oo7Fq8lZQI8z7JqKizFd979Cbn+IIbUBU2O1svgLkw4
Ch2mQcfkvcPweXzTCX5+iHurZMjjz2sfiWl0//G7u5Fn9lTF7yvapHcSL1ZwlX/q
XF30N7FDyaMDrputqhN22gv1U0DlOP+MPaOwrEM+XkEGUrDxKR4AdZcIY4l0wo55
9wXLAmTyZxW9i2ScB+wORcJpDVEJVs+mqtuB3J5xLePwrgb/HzoKAQzu2XqiBkXN
81dSOsCfxlgghotcOOvNYMN5F8ClLKNZEUkFULQK42avngqb2pHtJkopHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFZp0TQ6fHI9bYZOYxAvKxdATXLLMB8GA1UdIwQY
MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt
NWY4ZmM3MDc4MzZhLzEvVm1uUk5EcDhjajF0aGs1akVDOHJGMEJOY3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh
LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuUMkMA0E
AgACMAcDBQAqBQvAMA0GCSqGSIb3DQEBCwUAA4IBAQCCmlmjEdHmROI4OlrJ4oEK
wrOPzc7xD+oO8S20GWpl+7gKHfrI8374yT3UhJyFn+kpQqsHHXEGTwKAYhaySUZP
rA4eNnzsN9kBRKcrFtc0e0Kk3lY/tcE1UaexolS19M0faJXEzyPV18vpppFlkhJH
N7MU+yea3ljF9RCQPSQCMYasXKzCbbi/OFm/Y2lj0zkPMpXxXPOqvPvMguFLiT1V
XsOPFpqU40XCC731qLtJvAoY4QEZSeBv3zVXlEMXaAMZBr+vXShYIJ09mSS8uPGU
ftfT0IyLaLcpZwaneF44LOcKrwE6r3BaO+wmK87FoZrLdgJxJnc9jnUScCRBxYuZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:42 2024 by rpki-client on console-fra.rpki-client.org