Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/bVelgazzacUJ0HYSO0pwzkUE6Bk.roa
File: bVelgazzacUJ0HYSO0pwzkUE6Bk.roa (raw, json)
Hash identifier: HgU/G/f7A+21gDvSRV8VDNJLH/hG2LEqOVJ++eScOW0=
Subject key identifier: 6D:57:A5:81:AC:F3:69:C5:09:D0:76:12:3B:4A:70:CE:45:04:E8:19
Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Certificate serial: 01909C73D17449B46CF4996C47259490E109
Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/bVelgazzacUJ0HYSO0pwzkUE6Bk.roa
Signing time: Wed 10 Jul 2024 11:42:34 +0000
ROA not before: Wed 10 Jul 2024 11:42:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 46.226.52.0/23 maxlen: 23
85.158.140.0/24 maxlen: 24
85.158.141.0/24 maxlen: 24
85.158.142.0/24 maxlen: 24
85.158.143.0/24 maxlen: 24
193.109.254.0/24 maxlen: 24
193.109.255.0/24 maxlen: 24
195.245.230.0/24 maxlen: 24
195.245.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:73:d1:74:49:b4:6c:f4:99:6c:47:25:94:90:e1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Validity
Not Before: Jul 10 11:42:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d57a581acf369c509d076123b4a70ce4504e819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a6:f1:79:b3:e8:75:55:52:53:4b:63:13:3d:
14:c6:19:fe:e5:f4:c7:3b:56:9e:d3:2a:f6:f7:5d:
8c:ef:61:bc:ac:2f:5f:1f:07:d1:27:81:58:ed:8b:
73:23:72:5a:a1:5e:bb:82:c0:f3:0c:1a:c4:04:47:
cd:c6:26:41:47:91:3a:07:04:29:7e:8f:9f:fc:44:
74:f2:81:43:ef:77:b3:b3:30:15:d5:3d:cf:70:a1:
a6:9c:16:8b:db:a6:9a:a1:ca:7d:d4:26:8a:64:f2:
1c:fb:31:0c:a4:af:05:5b:d2:ed:13:e3:82:53:8d:
32:46:12:2f:89:dd:9c:96:c2:da:98:2a:12:89:b0:
74:37:95:92:8e:06:58:01:13:95:10:bf:2e:de:7c:
0b:9a:fe:52:aa:a2:88:dd:0d:e4:86:bd:d7:8d:b0:
c0:f4:ff:cc:a6:f5:e5:df:97:d5:de:75:21:d9:27:
5d:d6:2e:c7:dc:4b:c4:08:d7:7c:93:45:cc:3c:a9:
10:4c:04:d8:e8:6b:9a:fe:b7:71:54:02:b0:5b:71:
7d:35:9f:f4:80:1c:9f:2c:d5:e3:f5:89:74:ae:b5:
fd:00:18:23:e5:81:19:5c:58:98:c7:04:65:a4:2c:
bc:0e:39:77:4a:9a:86:7f:e8:92:0c:2f:1d:5e:b5:
6c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:57:A5:81:AC:F3:69:C5:09:D0:76:12:3B:4A:70:CE:45:04:E8:19
X509v3 Authority Key Identifier:
keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/bVelgazzacUJ0HYSO0pwzkUE6Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.52.0/23
85.158.140.0/22
193.109.254.0/23
195.245.230.0/23
Signature Algorithm: sha256WithRSAEncryption
08:8d:2a:ad:98:fa:a4:68:cd:17:a2:3d:b3:c9:be:b4:9a:d4:
c3:59:6c:12:c3:8a:40:80:86:19:13:93:a2:b5:66:af:80:91:
d2:e5:88:09:ae:f0:61:b5:91:6f:af:0c:51:bd:e5:02:9f:2a:
16:db:37:28:87:ac:34:29:f8:4b:2c:9f:f7:13:25:4d:00:25:
87:8d:be:78:1f:8b:2b:1f:0a:1e:81:86:d0:08:99:5b:82:c9:
95:93:10:96:56:ce:33:d8:fa:ea:91:f6:5d:f8:4c:af:38:59:
79:63:83:ab:92:8a:c6:6f:d6:1c:60:f6:53:28:7f:ff:39:34:
c2:22:17:5f:80:0f:03:99:a1:d4:3f:67:6d:41:b6:88:fa:86:
bb:9a:2b:25:c8:36:f1:5c:15:3b:f0:31:53:ce:62:61:35:b5:
0c:d8:65:08:43:09:34:12:3e:1b:36:7d:b8:a8:0d:bb:01:00:
dc:27:d6:56:3e:76:a3:e3:5a:e7:74:9d:15:a4:36:3a:0d:1e:
ee:78:03:80:4d:ad:64:a6:6a:f8:44:f0:ac:60:8b:dc:92:6a:
a0:da:09:16:28:db:16:34:59:2d:cb:d6:13:86:8c:90:63:09:
ed:06:c6:c1:38:0f:05:87:7b:6a:d6:0d:f1:a6:63:0a:2e:4d:
b4:6e:ee:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCcc9F0SbRs9JlsRyWUkOEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk
MDc1YjEwHhcNMjQwNzEwMTE0MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDU3YTU4MWFjZjM2OWM1MDlkMDc2MTIzYjRhNzBjZTQ1MDRlODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KbxebPodVVSU0tjEz0Uxhn+5fTH
O1ae0yr2912M72G8rC9fHwfRJ4FY7YtzI3JaoV67gsDzDBrEBEfNxiZBR5E6BwQp
fo+f/ER08oFD73ezszAV1T3PcKGmnBaL26aaocp91CaKZPIc+zEMpK8FW9LtE+OC
U40yRhIvid2clsLamCoSibB0N5WSjgZYAROVEL8u3nwLmv5SqqKI3Q3khr3XjbDA
9P/MpvXl35fV3nUh2Sdd1i7H3EvECNd8k0XMPKkQTATY6Gua/rdxVAKwW3F9NZ/0
gByfLNXj9Yl0rrX9ABgj5YEZXFiYxwRlpCy8Djl3SpqGf+iSDC8dXrVsPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG1XpYGs82nFCdB2EjtKcM5FBOgZMB8GA1UdIwQY
MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt
Zjc3NGYxZWFmYmZmLzEvYlZlbGdhenphY1VKMEhZU08wcHd6a1VFNkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm
LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLuI0AwQC
VZ6MAwQBwW3+AwQBw/XmMA0GCSqGSIb3DQEBCwUAA4IBAQAIjSqtmPqkaM0Xoj2z
yb60mtTDWWwSw4pAgIYZE5OitWavgJHS5YgJrvBhtZFvrwxRveUCnyoW2zcoh6w0
KfhLLJ/3EyVNACWHjb54H4srHwoegYbQCJlbgsmVkxCWVs4z2PrqkfZd+EyvOFl5
Y4OrkorGb9YcYPZTKH//OTTCIhdfgA8DmaHUP2dtQbaI+oa7mislyDbxXBU78DFT
zmJhNbUM2GUIQwk0Ej4bNn24qA27AQDcJ9ZWPnaj41rndJ0VpDY6DR7ueAOATa1k
pmr4RPCsYIvckmqg2gkWKNsWNFkty9YThoyQYwntBsbBOA8Fh3tq1g3xpmMKLk20
bu5d
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:23:21 2024 by rpki-client on console-ams.rpki-client.org