Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/vbkPuzpswYjs-tZxO7zbhgNugTg.roa
File: vbkPuzpswYjs-tZxO7zbhgNugTg.roa (raw, json)
Hash identifier: FMdM+IV4NMo/Nff+Y7aMkhg5DbsiMeHgz6FLsbIDMKg=
Subject key identifier: BD:B9:0F:BB:3A:6C:C1:88:EC:FA:D6:71:3B:BC:DB:86:03:6E:81:38
Certificate issuer: /CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Certificate serial: 018CC424A8D003691D7710461A169E24D9A0
Authority key identifier: 0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/vbkPuzpswYjs-tZxO7zbhgNugTg.roa
Signing time: Mon 01 Jan 2024 08:29:45 +0000
ROA not before: Mon 01 Jan 2024 08:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48391
IP address blocks: 185.115.168.0/24 maxlen: 24
185.115.171.0/24 maxlen: 24
185.115.170.0/24 maxlen: 24
185.115.169.0/24 maxlen: 24
185.23.128.0/24 maxlen: 24
185.23.131.0/24 maxlen: 24
185.23.130.0/24 maxlen: 24
185.23.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:a8:d0:03:69:1d:77:10:46:1a:16:9e:24:d9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6fa156c57c4e885b9e6af8230b654d796a5611
Validity
Not Before: Jan 1 08:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdb90fbb3a6cc188ecfad6713bbcdb86036e8138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:b6:61:5a:18:af:5f:bf:67:9b:91:6b:2b:
fe:70:d2:b6:12:91:fb:10:7c:5e:19:b0:db:e8:52:
81:1d:98:64:6d:c4:59:e0:3b:79:8b:5e:b4:27:21:
5d:2c:51:0e:cc:e4:e2:86:2d:cf:71:2b:d9:16:ef:
1c:51:36:1a:29:17:ea:d8:d7:fa:dd:68:28:44:a7:
6f:02:df:4b:b4:4f:f5:41:30:d0:f7:61:40:e8:be:
dd:95:4c:ca:77:dd:72:53:d6:8a:62:33:14:9c:59:
74:ca:28:53:6d:ba:74:40:dc:39:0b:e8:bc:00:d3:
d1:dd:96:c6:7f:23:a3:2b:3a:08:c7:50:61:db:41:
70:08:e1:fa:5f:e2:ae:1a:fe:43:55:60:5a:58:66:
dc:b4:ff:54:66:e8:8c:e4:68:f4:18:7e:f2:24:4f:
e5:da:6d:1d:67:20:e7:92:16:32:31:eb:bc:aa:fe:
fe:6f:18:a1:11:1e:94:e4:f8:63:b6:57:12:d3:e6:
54:a2:6c:9e:22:0c:55:54:9a:4f:9b:58:99:2c:ba:
97:ce:c1:29:18:70:93:a1:43:2e:c6:98:c6:9b:b1:
6d:1b:63:a4:4a:54:25:31:d0:b6:16:bb:05:8f:da:
77:cb:85:74:3a:e4:95:fa:92:df:07:a1:22:71:6e:
ea:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B9:0F:BB:3A:6C:C1:88:EC:FA:D6:71:3B:BC:DB:86:03:6E:81:38
X509v3 Authority Key Identifier:
keyid:0C:6F:A1:56:C5:7C:4E:88:5B:9E:6A:F8:23:0B:65:4D:79:6A:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DG-hVsV8Tohbnmr4IwtlTXlqVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/vbkPuzpswYjs-tZxO7zbhgNugTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/48c56d-5727-42ba-80c4-b8c36ecedad8/1/DG-hVsV8Tohbnmr4IwtlTXlqVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.128.0/22
185.115.168.0/22
Signature Algorithm: sha256WithRSAEncryption
96:86:b5:55:9b:44:35:17:3e:e3:37:c5:4f:13:a1:99:25:e0:
d0:f7:69:76:12:96:0d:1c:aa:a9:f0:a8:6c:14:cd:0b:70:82:
de:72:7b:ac:45:12:a5:23:c6:f3:e0:16:97:be:44:af:3f:7d:
72:6c:68:8d:c6:d0:25:ee:bd:c3:c7:e4:5a:38:9d:33:51:ca:
fa:93:98:6e:6c:d8:ff:58:de:39:2d:f2:d9:29:7a:56:d6:79:
d8:c9:43:dd:43:2d:43:c1:2b:b3:53:52:6b:05:d4:d8:92:2d:
f9:e8:ac:3b:98:9e:2e:e2:7c:ba:65:f2:1a:67:a1:6b:16:ab:
a6:7d:f4:f4:9b:73:56:b1:d2:92:11:eb:bd:79:0f:a3:2c:90:
2b:42:95:92:9c:ee:d9:0e:a7:a6:f0:7c:1e:cc:f6:9b:02:8a:
56:2c:38:8c:bc:de:11:0a:2c:12:19:b8:d7:1a:46:bf:15:33:
7a:91:53:f1:46:12:00:b3:aa:b1:3f:11:eb:e0:e3:5c:d8:df:
be:2a:c5:31:86:37:e0:49:d2:ed:0c:1e:15:4e:99:68:33:2e:
7d:dc:55:11:21:97:20:f6:12:fa:14:86:7c:e8:ae:87:c0:7e:
3c:12:26:c7:03:f9:f1:be:0b:37:4a:b5:f8:6b:8e:86:0b:a6:
3c:bc:ad:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJKjQA2kddxBGGhaeJNmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNmZhMTU2YzU3YzRlODg1YjllNmFmODIzMGI2NTRkNzk2
YTU2MTEwHhcNMjQwMTAxMDgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGI5MGZiYjNhNmNjMTg4ZWNmYWQ2NzEzYmJjZGI4NjAzNmU4MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmC2YVoYr1+/Z5uRayv+cNK2EpH7
EHxeGbDb6FKBHZhkbcRZ4Dt5i160JyFdLFEOzOTihi3PcSvZFu8cUTYaKRfq2Nf6
3WgoRKdvAt9LtE/1QTDQ92FA6L7dlUzKd91yU9aKYjMUnFl0yihTbbp0QNw5C+i8
ANPR3ZbGfyOjKzoIx1Bh20FwCOH6X+KuGv5DVWBaWGbctP9UZuiM5Gj0GH7yJE/l
2m0dZyDnkhYyMeu8qv7+bxihER6U5PhjtlcS0+ZUomyeIgxVVJpPm1iZLLqXzsEp
GHCToUMuxpjGm7FtG2OkSlQlMdC2FrsFj9p3y4V0OuSV+pLfB6EicW7q9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL25D7s6bMGI7PrWcTu824YDboE4MB8GA1UdIwQY
MBaAFAxvoVbFfE6IW55q+CMLZU15alYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQt
YjhjMzZlY2VkYWQ4LzEvdmJrUHV6cHN3WWpzLXRaeE83emJoZ051Z1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80OGM1NmQtNTcyNy00MmJhLTgwYzQtYjhjMzZlY2VkYWQ4
LzEvREctaFZzVjhUb2hibm1yNEl3dGxUWGxxVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuReAAwQC
uXOoMA0GCSqGSIb3DQEBCwUAA4IBAQCWhrVVm0Q1Fz7jN8VPE6GZJeDQ92l2EpYN
HKqp8KhsFM0LcILecnusRRKlI8bz4BaXvkSvP31ybGiNxtAl7r3Dx+RaOJ0zUcr6
k5hubNj/WN45LfLZKXpW1nnYyUPdQy1DwSuzU1JrBdTYki356Kw7mJ4u4ny6ZfIa
Z6FrFqumffT0m3NWsdKSEeu9eQ+jLJArQpWSnO7ZDqem8HwezPabAopWLDiMvN4R
CiwSGbjXGka/FTN6kVPxRhIAs6qxPxHr4ONc2N++KsUxhjfgSdLtDB4VTploMy59
3FURIZcg9hL6FIZ86K6HwH48EibHA/nxvgs3SrX4a46GC6Y8vK3T
-----END CERTIFICATE-----
Generated at Tue May 21 02:35:00 2024 by rpki-client on console-ams.rpki-client.org