Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VPxX5_5BnauLpH0EgKOIiKp8tGk.roa
File: VPxX5_5BnauLpH0EgKOIiKp8tGk.roa (raw, json)
Hash identifier: Zmidjq+/0Q1YTdmYfwP5T3/ooTY8JSHKJ1pr8XNzByk=
Subject key identifier: 54:FC:57:E7:FE:41:9D:AB:8B:A4:7D:04:80:A3:88:88:AA:7C:B4:69
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8028DCDD3DAC960909B1B5F7F7599E4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VPxX5_5BnauLpH0EgKOIiKp8tGk.roa
Signing time: Tue 02 Jan 2024 02:30:59 +0000
ROA not before: Tue 02 Jan 2024 02:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207046
IP address blocks: 185.247.4.0/22 maxlen: 24
194.113.28.0/22 maxlen: 24
185.247.5.0/24 maxlen: 24
185.247.6.0/23 maxlen: 24
194.146.220.0/22 maxlen: 22
185.224.220.0/22 maxlen: 22
178.212.225.0/24 maxlen: 24
185.221.16.0/23 maxlen: 23
185.227.206.0/24 maxlen: 24
45.134.84.0/22 maxlen: 24
185.227.207.0/24 maxlen: 24
185.249.204.0/22 maxlen: 22
185.250.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:8d:cd:d3:da:c9:60:90:9b:1b:5f:7f:75:99:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54fc57e7fe419dab8ba47d0480a38888aa7cb469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6a:fc:04:b1:52:3a:d8:33:61:4a:b1:70:af:
67:a1:45:56:71:48:07:cc:6c:e3:21:bf:28:ae:f5:
6a:a4:83:99:2c:fb:4d:35:b1:1a:48:dd:54:35:20:
70:2b:dc:7b:19:00:a4:a3:13:23:43:78:c2:64:3e:
ba:f5:aa:bd:4b:3e:57:34:60:88:35:72:62:77:68:
a2:9e:ff:fe:df:3a:97:f4:fe:6d:42:70:a1:e6:71:
5f:c8:5a:02:65:4b:f8:91:dc:f4:a8:2f:2f:ae:2e:
7d:9d:a1:db:06:1e:c5:d0:a6:39:89:03:6a:c7:9d:
e0:3c:c4:72:0a:ed:78:78:e2:cf:43:6e:a3:d9:4e:
ad:11:24:2d:dd:17:39:45:8f:70:ae:1f:f7:0d:77:
a0:ff:18:c0:9e:ff:f8:5e:a4:b4:86:57:3d:df:00:
54:9c:3f:bf:cc:07:7a:0b:3a:29:6d:1b:59:ff:a7:
1f:22:46:01:2c:47:a0:99:8d:92:65:c3:eb:fa:dd:
c3:a7:bf:22:ee:a7:ec:65:d3:e0:ee:c7:df:e7:c3:
d8:d7:50:94:7e:df:69:3a:a4:4d:73:e0:96:98:65:
c4:b2:d6:02:21:6f:b2:b1:7d:ae:23:62:56:19:16:
a6:06:00:86:5a:69:77:95:1a:51:38:e9:e7:61:1c:
7e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FC:57:E7:FE:41:9D:AB:8B:A4:7D:04:80:A3:88:88:AA:7C:B4:69
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VPxX5_5BnauLpH0EgKOIiKp8tGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
178.212.225.0/24
185.221.16.0/23
185.224.220.0/22
185.227.206.0/23
185.247.4.0/22
185.249.204.0/22
185.250.182.0/23
194.113.28.0/22
194.146.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:ec:92:e1:72:93:b9:45:3f:85:a2:51:56:79:91:d5:ae:dd:
fc:cc:08:9d:c0:22:bb:7d:cd:35:dd:bf:72:dd:0c:e8:f1:e0:
30:e6:a9:3b:e7:bb:30:b2:4d:53:c5:a5:81:14:71:95:15:5a:
78:fc:1e:cb:b7:ea:01:66:2a:c5:c3:e5:f4:58:c2:d2:0c:35:
bd:e8:31:cf:f4:a3:2f:a0:a5:ce:0f:b0:b0:a7:cf:89:d6:6c:
48:e5:25:d8:14:a2:56:8f:bd:87:c3:44:8a:45:30:bf:1e:d8:
37:3a:c4:63:fc:44:3d:47:df:21:71:63:08:c7:55:58:e6:9d:
56:1d:d3:62:d4:43:4d:39:cf:79:04:6e:2b:92:b5:99:83:e2:
2a:33:be:1e:c2:fe:6e:38:0c:f6:4b:f6:8d:88:57:55:9c:6c:
6a:1b:d5:79:a4:93:db:5d:15:db:b9:6b:22:43:fb:54:28:3d:
97:d3:25:a3:6b:f7:3d:5d:2f:66:77:93:a6:2e:79:d5:96:5f:
fc:f5:90:29:78:f2:4f:29:46:6e:40:01:c8:a7:84:5f:c5:8f:
96:24:9d:d9:3e:4e:fe:64:0d:99:3f:77:bc:37:d8:65:65:db:
3b:9b:05:04:40:d5:ff:c3:65:9e:c8:f1:84:e5:d2:99:62:64:
2e:fb:c6:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzIAo3N09rJYJCbG19/dZnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGZjNTdlN2ZlNDE5ZGFiOGJhNDdkMDQ4MGEzODg4OGFhN2NiNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumr8BLFSOtgzYUqxcK9noUVWcUgH
zGzjIb8orvVqpIOZLPtNNbEaSN1UNSBwK9x7GQCkoxMjQ3jCZD669aq9Sz5XNGCI
NXJid2iinv/+3zqX9P5tQnCh5nFfyFoCZUv4kdz0qC8vri59naHbBh7F0KY5iQNq
x53gPMRyCu14eOLPQ26j2U6tESQt3Rc5RY9wrh/3DXeg/xjAnv/4XqS0hlc93wBU
nD+/zAd6CzopbRtZ/6cfIkYBLEegmY2SZcPr+t3Dp78i7qfsZdPg7sff58PY11CU
ft9pOqRNc+CWmGXEstYCIW+ysX2uI2JWGRamBgCGWml3lRpROOnnYRx+3wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFT8V+f+QZ2ri6R9BICjiIiqfLRpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVlB4WDVfNUJuYXVMcEgwRWdLT0lpS3A4dEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYZUAwQA
stThAwQBud0QAwQCueDcAwQBuePOAwQCufcEAwQCufnMAwQBufq2AwQCwnEcAwQC
wpLcMA0GCSqGSIb3DQEBCwUAA4IBAQBe7JLhcpO5RT+FolFWeZHVrt38zAidwCK7
fc013b9y3Qzo8eAw5qk757swsk1TxaWBFHGVFVp4/B7Lt+oBZirFw+X0WMLSDDW9
6DHP9KMvoKXOD7Cwp8+J1mxI5SXYFKJWj72Hw0SKRTC/Htg3OsRj/EQ9R98hcWMI
x1VY5p1WHdNi1ENNOc95BG4rkrWZg+IqM74ewv5uOAz2S/aNiFdVnGxqG9V5pJPb
XRXbuWsiQ/tUKD2X0yWja/c9XS9md5OmLnnVll/89ZApePJPKUZuQAHIp4RfxY+W
JJ3ZPk7+ZA2ZP3e8N9hlZds7mwUEQNX/w2WeyPGE5dKZYmQu+8aA
-----END CERTIFICATE-----
Generated at Sat May 4 09:52:48 2024 by rpki-client on console-ams.rpki-client.org