Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/VW3ttL3L-4w0cKZHcRkmo3vUZE8.roa
File: VW3ttL3L-4w0cKZHcRkmo3vUZE8.roa (raw, json)
Hash identifier: klHoW1lifSnAsl2IplPfu+DJuk4awAomQg3QBduk17k=
Subject key identifier: 55:6D:ED:B4:BD:CB:FB:8C:34:70:A6:47:71:19:26:A3:7B:D4:64:4F
Certificate issuer: /CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Certificate serial: 018CCA2BE443BE33CCBA3355AD0A70823EE4
Authority key identifier: 07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/VW3ttL3L-4w0cKZHcRkmo3vUZE8.roa
Signing time: Tue 02 Jan 2024 12:35:23 +0000
ROA not before: Tue 02 Jan 2024 12:35:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201978
IP address blocks: 185.114.20.0/24 maxlen: 24
185.114.23.0/24 maxlen: 24
185.114.21.0/24 maxlen: 24
185.114.22.0/24 maxlen: 24
194.61.119.0/24 maxlen: 24
185.146.89.0/24 maxlen: 24
185.146.90.0/24 maxlen: 24
185.146.88.0/24 maxlen: 24
185.146.91.0/24 maxlen: 24
185.1.132.0/24 maxlen: 24
185.169.53.0/24 maxlen: 24
185.169.54.0/24 maxlen: 24
185.169.52.0/24 maxlen: 24
185.169.55.0/24 maxlen: 24
194.61.117.0/24 maxlen: 24
194.61.118.0/24 maxlen: 24
194.61.116.0/24 maxlen: 24
185.50.68.0/24 maxlen: 24
185.50.69.0/24 maxlen: 24
185.50.71.0/24 maxlen: 24
185.50.70.0/24 maxlen: 24
2a0a:3900::/29 maxlen: 29
2a01:a420::/29 maxlen: 29
2a0f:d500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:e4:43:be:33:cc:ba:33:55:ad:0a:70:82:3e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Validity
Not Before: Jan 2 12:35:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=556dedb4bdcbfb8c3470a647711926a37bd4644f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7e:5d:55:3c:51:97:5f:ab:b1:de:13:57:4f:
02:d7:57:68:bb:35:de:2c:32:04:86:48:82:0b:6f:
c1:1c:c5:4b:0d:33:03:19:ab:b5:fe:c9:af:2d:a4:
c1:59:d3:a1:4f:aa:4c:b6:dc:b2:3b:4a:3d:3c:ac:
8f:e4:ca:c1:0e:44:9e:77:7e:b0:56:44:af:fe:f4:
9f:ff:c1:39:49:b3:40:ac:a8:24:7f:b6:a3:19:52:
fa:06:2d:da:ae:89:e4:2d:90:31:d3:2b:0f:82:ad:
9a:f6:0e:25:ba:6b:d9:0e:f5:9e:f3:cb:37:26:31:
58:96:0d:02:e2:a9:c9:56:37:0e:3d:46:8e:5d:ad:
9c:8b:01:32:bb:7a:ea:ff:5b:60:f2:26:43:ae:78:
77:45:22:0d:3e:1e:fe:24:97:ef:97:1c:0c:8c:9f:
1f:65:be:95:03:38:00:d1:91:0a:60:7a:9a:c9:82:
f8:4a:62:93:65:fb:66:c5:54:73:a9:f8:bf:be:e2:
3b:4e:79:5b:a2:d8:15:df:c2:2f:4e:88:b0:69:62:
18:a5:74:66:32:8b:60:74:d0:f9:6a:fe:56:d4:5a:
ed:51:d2:b6:ca:4f:b5:f9:3d:70:2b:24:a1:13:b2:
de:15:f4:f2:3f:b8:54:86:39:65:ea:03:f3:2c:29:
0e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6D:ED:B4:BD:CB:FB:8C:34:70:A6:47:71:19:26:A3:7B:D4:64:4F
X509v3 Authority Key Identifier:
keyid:07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/VW3ttL3L-4w0cKZHcRkmo3vUZE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.132.0/24
185.50.68.0/22
185.114.20.0/22
185.146.88.0/22
185.169.52.0/22
194.61.116.0/22
IPv6:
2a01:a420::/29
2a0a:3900::/29
2a0f:d500::/29
Signature Algorithm: sha256WithRSAEncryption
65:24:f7:d4:37:d6:0c:4f:14:41:06:08:5e:98:e4:7d:39:a4:
a4:94:75:20:75:ed:e0:30:3d:16:36:a5:68:9a:e5:b6:8a:e2:
6c:bb:1e:69:3d:f0:ef:ac:b4:b0:ee:d7:bc:2c:69:3e:33:ad:
52:2a:be:8e:64:ec:86:a3:33:70:de:5e:f6:91:a2:12:90:97:
60:3d:35:23:49:81:e4:29:00:fb:6e:12:8b:66:7c:94:d2:f2:
0c:19:0c:0f:a7:88:38:83:b2:1a:fa:c5:d3:a3:bd:42:71:5f:
16:d7:c5:3a:db:65:8d:45:72:90:2b:73:a7:2a:e3:b6:86:07:
38:77:ba:c1:d9:8a:bb:ab:c0:9c:9c:f7:21:47:42:a8:96:34:
a6:87:66:e9:d1:59:0e:ea:60:01:97:0f:00:b9:0a:8f:4d:de:
47:42:25:08:8a:a5:19:25:e8:9b:3c:1b:f0:0c:ac:3b:41:cf:
8e:72:d1:65:15:23:3f:37:2b:9f:49:29:06:5f:5d:ba:27:eb:
4e:38:a9:4c:15:82:da:26:8c:f7:21:b3:2d:3c:6d:17:08:c8:
b6:52:b1:05:df:f2:9f:39:1c:8a:f6:83:de:2c:0a:7f:51:b6:
ea:ff:e0:04:49:21:a4:88:9d:43:2a:32:07:30:b3:a8:23:33:
39:00:82:e8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzKK+RDvjPMujNVrQpwgj7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODYyOWY1ZjYxZmIyNTU2NDI4NGZiZmVmZmI5M2MzZWQ0
NGJmZTIwHhcNMjQwMTAyMTIzNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTZkZWRiNGJkY2JmYjhjMzQ3MGE2NDc3MTE5MjZhMzdiZDQ2NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon5dVTxRl1+rsd4TV08C11douzXe
LDIEhkiCC2/BHMVLDTMDGau1/smvLaTBWdOhT6pMttyyO0o9PKyP5MrBDkSed36w
VkSv/vSf/8E5SbNArKgkf7ajGVL6Bi3aronkLZAx0ysPgq2a9g4lumvZDvWe88s3
JjFYlg0C4qnJVjcOPUaOXa2ciwEyu3rq/1tg8iZDrnh3RSINPh7+JJfvlxwMjJ8f
Zb6VAzgA0ZEKYHqayYL4SmKTZftmxVRzqfi/vuI7TnlbotgV38IvToiwaWIYpXRm
MotgdND5av5W1FrtUdK2yk+1+T1wKyShE7LeFfTyP7hUhjll6gPzLCkOkQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFFVt7bS9y/uMNHCmR3EZJqN71GRPMB8GA1UdIwQY
MBaAFAeGKfX2H7JVZChPv+/7k8PtRL/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjkt
NjNhZjJjNGY0MDIwLzEvVlczdHRMM0wtNHcwY0taSGNSa21vM3ZVWkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjktNjNhZjJjNGY0MDIw
LzEvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQAuQGEAwQC
uTJEAwQCuXIUAwQCuZJYAwQCuak0AwQCwj10MBsEAgACMBUDBQMqAaQgAwUDKgo5
AAMFAyoP1QAwDQYJKoZIhvcNAQELBQADggEBAGUk99Q31gxPFEEGCF6Y5H05pKSU
dSB17eAwPRY2pWia5baK4my7Hmk98O+stLDu17wsaT4zrVIqvo5k7IajM3DeXvaR
ohKQl2A9NSNJgeQpAPtuEotmfJTS8gwZDA+niDiDshr6xdOjvUJxXxbXxTrbZY1F
cpArc6cq47aGBzh3usHZirurwJyc9yFHQqiWNKaHZunRWQ7qYAGXDwC5Co9N3kdC
JQiKpRkl6Js8G/AMrDtBz45y0WUVIz83K59JKQZfXbon6044qUwVgtomjPchsy08
bRcIyLZSsQXf8p85HIr2g94sCn9Rtur/4ARJIaSInUMqMgcws6gjMzkAgug=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:59:04 2024 by rpki-client on console-fra.rpki-client.org