Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/1VBYGwFuuqZwkirkbCwCeghTmzM.roa
File: 1VBYGwFuuqZwkirkbCwCeghTmzM.roa (raw, json)
Hash identifier: naAWt0Vnm9Zfz50WxlVwDqFDYAxil/BDxkCZ/KqN01I=
Subject key identifier: D5:50:58:1B:01:6E:BA:A6:70:92:2A:E4:6C:2C:02:7A:08:53:9B:33
Certificate issuer: /CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Certificate serial: 018CC8017AB9EA92E04DCA963FECC1E4B840
Authority key identifier: AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/1VBYGwFuuqZwkirkbCwCeghTmzM.roa
Signing time: Tue 02 Jan 2024 02:29:49 +0000
ROA not before: Tue 02 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199298
IP address blocks: 185.21.220.0/22 maxlen: 22
2a00:5c20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7a:b9:ea:92:e0:4d:ca:96:3f:ec:c1:e4:b8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Validity
Not Before: Jan 2 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d550581b016ebaa670922ae46c2c027a08539b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:c7:10:bc:14:b5:55:11:b5:53:85:eb:fc:
4c:ef:b0:6b:84:c8:68:36:1f:92:8b:bd:cc:5a:d3:
a5:89:78:72:27:2b:8c:26:e4:75:74:67:60:c1:81:
15:6e:b3:ec:fe:09:2a:27:bf:d2:b4:a4:f6:7d:c4:
a1:df:b7:ef:33:09:2c:62:14:b7:a7:9f:6b:2b:07:
a0:07:03:a8:e7:88:7f:02:1b:dc:9a:09:db:bf:c0:
d7:1f:35:82:3e:27:cd:58:83:f7:d7:bd:d2:91:31:
70:a3:3e:f9:26:e9:91:94:3f:17:de:60:8b:c3:e8:
f6:57:e2:be:7c:f6:c9:8b:d1:fe:e1:7c:d2:58:a0:
6a:f1:fe:24:57:92:48:24:17:d0:8f:e9:30:22:8c:
80:b5:3a:bc:44:1c:45:07:dc:66:47:af:51:4e:11:
10:a5:fa:ce:af:88:13:ba:39:7f:17:13:46:52:c9:
59:66:92:a4:22:76:ee:d5:3b:0d:11:be:db:24:d2:
cf:eb:73:db:84:4e:d0:7c:b8:e1:33:be:21:d3:19:
8f:f8:a6:49:74:8c:16:ef:bf:a8:e8:0a:1a:69:5e:
d7:c0:c2:ee:7a:3a:24:1a:4c:c2:a8:34:f9:e7:a0:
53:30:54:99:6b:8e:1d:a4:b1:be:ae:aa:bb:83:1d:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:50:58:1B:01:6E:BA:A6:70:92:2A:E4:6C:2C:02:7A:08:53:9B:33
X509v3 Authority Key Identifier:
keyid:AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/1VBYGwFuuqZwkirkbCwCeghTmzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.220.0/22
IPv6:
2a00:5c20::/32
Signature Algorithm: sha256WithRSAEncryption
0a:21:33:70:ac:b0:41:91:c3:49:3f:81:4c:d1:a4:8b:fd:04:
32:9d:8d:a5:f7:72:b9:92:19:30:bb:08:51:b8:e8:1f:81:8f:
bb:c6:df:5f:21:b7:55:f6:9a:39:02:59:7a:81:53:32:73:d1:
ef:c0:59:80:89:13:a4:32:1d:16:72:92:56:15:81:bb:a7:e3:
d6:5d:c4:56:ed:0a:97:1b:6a:5c:1f:83:1b:ef:f3:cf:cf:b4:
97:a0:3c:d6:60:47:1e:cf:8b:f8:28:b3:5d:d4:28:90:d7:59:
aa:3a:d2:be:b3:41:bc:1f:d5:88:4a:28:6b:cd:ec:aa:6b:c1:
09:af:6e:ed:ec:3a:00:ac:bb:01:2a:d4:7a:bc:0d:95:20:65:
e8:b3:43:2f:86:f7:35:d7:c0:83:4f:83:fc:18:ea:64:4b:85:
46:3f:87:a5:8e:95:71:14:50:ea:6c:f0:96:55:32:e1:79:b5:
e9:69:32:ef:08:8b:bf:90:29:c1:10:f0:8a:21:95:e6:7f:d1:
a0:e1:ca:ff:96:0b:38:10:5c:6f:65:71:40:e6:3d:1f:92:cb:
49:26:8b:88:ec:6e:52:91:90:eb:f7:57:31:82:4b:74:62:12:
38:0e:45:27:68:a1:3b:12:69:f6:14:c4:5f:fe:a7:ed:c5:22:
90:85:10:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAXq56pLgTcqWP+zB5LhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2MxZDMwZWRlZWFiNTRiNTgxMmE5OTBhOTQzZTNlOGZl
ODM5MWQwHhcNMjQwMTAyMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTUwNTgxYjAxNmViYWE2NzA5MjJhZTQ2YzJjMDI3YTA4NTM5YjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16/HELwUtVURtVOF6/xM77BrhMho
Nh+Si73MWtOliXhyJyuMJuR1dGdgwYEVbrPs/gkqJ7/StKT2fcSh37fvMwksYhS3
p59rKwegBwOo54h/Ahvcmgnbv8DXHzWCPifNWIP3173SkTFwoz75JumRlD8X3mCL
w+j2V+K+fPbJi9H+4XzSWKBq8f4kV5JIJBfQj+kwIoyAtTq8RBxFB9xmR69RThEQ
pfrOr4gTujl/FxNGUslZZpKkInbu1TsNEb7bJNLP63PbhE7QfLjhM74h0xmP+KZJ
dIwW77+o6AoaaV7XwMLuejokGkzCqDT556BTMFSZa44dpLG+rqq7gx0uDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNVQWBsBbrqmcJIq5GwsAnoIU5szMB8GA1UdIwQY
MBaAFK/MHTDt7qtUtYEqmQqUPj6P6DkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjct
YTIyMGZlNmEyYTI1LzEvMVZCWUd3RnV1cVp3a2lya2JDd0NlZ2hUbXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjctYTIyMGZlNmEyYTI1
LzEvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRXcMA0E
AgACMAcDBQAqAFwgMA0GCSqGSIb3DQEBCwUAA4IBAQAKITNwrLBBkcNJP4FM0aSL
/QQynY2l93K5khkwuwhRuOgfgY+7xt9fIbdV9po5All6gVMyc9HvwFmAiROkMh0W
cpJWFYG7p+PWXcRW7QqXG2pcH4Mb7/PPz7SXoDzWYEcez4v4KLNd1CiQ11mqOtK+
s0G8H9WISihrzeyqa8EJr27t7DoArLsBKtR6vA2VIGXos0Mvhvc118CDT4P8GOpk
S4VGP4eljpVxFFDqbPCWVTLhebXpaTLvCIu/kCnBEPCKIZXmf9Gg4cr/lgs4EFxv
ZXFA5j0fkstJJouI7G5SkZDr91cxgkt0YhI4DkUnaKE7Emn2FMRf/qftxSKQhRDR
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:30 2024 by rpki-client on console-ams.rpki-client.org