Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VwqI8jZnNSyvFydNc8TV_1LviK0.roa
File: VwqI8jZnNSyvFydNc8TV_1LviK0.roa (raw, json)
Hash identifier: AsI7u/8gPEaZYvkevuHlzO+zlSHLwei6jVwrdUC7RR8=
Subject key identifier: 57:0A:88:F2:36:67:35:2C:AF:17:27:4D:73:C4:D5:FF:52:EF:88:AD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DF9834E2F6AB5FD98AEADAF8FCD01A663
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VwqI8jZnNSyvFydNc8TV_1LviK0.roa
Signing time: Fri 01 Mar 2024 10:15:48 +0000
ROA not before: Fri 01 Mar 2024 10:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 185.214.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:83:4e:2f:6a:b5:fd:98:ae:ad:af:8f:cd:01:a6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 1 10:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=570a88f23667352caf17274d73c4d5ff52ef88ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:22:5b:be:01:b8:ba:db:f9:aa:9b:fa:ec:
3e:d9:06:ee:fb:41:9e:c0:d5:40:84:fa:38:f3:5e:
e7:df:f6:97:fa:44:2c:9d:c1:87:94:76:40:f2:0e:
98:6d:0b:40:cb:b3:8b:67:5f:95:14:b9:a7:76:5d:
fe:e2:40:50:2c:66:46:68:ce:0e:90:70:e8:48:d8:
af:81:4e:cf:9b:68:16:39:e2:4d:6b:17:0e:7d:af:
90:e2:12:f7:65:c1:37:ee:d7:1c:bf:68:74:08:1d:
db:a2:0a:0e:6e:fe:00:be:4a:2f:04:27:e8:f5:4f:
60:94:42:e5:e9:d6:87:e0:41:38:90:f9:c6:f2:4f:
65:8b:89:e4:c8:0c:64:ef:2f:dd:1d:15:e7:d7:bb:
2c:fb:1a:da:fe:80:ef:4e:84:28:da:dc:fa:bb:a0:
36:f0:24:c2:ea:e3:07:ca:65:71:7d:75:91:02:cb:
48:2c:a5:d2:49:01:d2:78:0a:7b:a7:f4:20:07:53:
97:3f:71:42:f6:aa:d6:3a:23:d6:8f:09:ec:46:39:
84:ae:d0:c6:bb:ac:8d:b7:27:29:50:a4:23:8e:80:
82:9a:28:0c:10:30:ea:27:85:9e:70:70:7b:fe:eb:
51:92:24:c3:ea:28:c6:43:4d:d6:33:4b:f9:c6:00:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:0A:88:F2:36:67:35:2C:AF:17:27:4D:73:C4:D5:FF:52:EF:88:AD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VwqI8jZnNSyvFydNc8TV_1LviK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.101.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:35:54:70:42:7b:d4:ad:3e:09:8a:13:79:5c:15:b0:66:fe:
4f:fc:e1:76:7c:0c:5a:10:57:5a:c9:86:b6:7b:68:64:f4:f7:
16:82:7e:af:30:66:60:84:44:29:14:83:99:a2:eb:4a:ef:77:
92:3a:f9:29:f6:9e:92:b4:c2:eb:5a:35:6e:cd:06:33:e0:08:
f5:e5:a5:95:11:8e:e8:26:a0:75:3f:2e:3d:45:40:77:12:8e:
14:09:21:c1:11:ac:5f:f3:af:fa:ee:b8:36:80:1f:6c:2a:8d:
33:90:e8:f7:e5:a1:22:9c:fe:d1:96:b1:89:e1:48:f9:25:43:
9d:c3:74:9d:a9:0d:4f:7e:d1:57:53:01:14:21:d8:95:79:1d:
07:a8:0c:e4:aa:dd:79:a1:13:60:b0:8e:fb:46:6d:fb:96:08:
24:71:74:0c:03:b5:9f:27:91:0f:f1:fd:40:72:35:b4:4e:04:
9c:a8:e8:61:27:c5:5b:40:6a:ba:80:04:22:7e:ea:8b:67:f6:
6a:4b:42:41:62:6c:8d:63:26:a3:6d:d8:fb:cc:42:27:a3:35:
af:b7:bc:43:7c:c4:19:b5:e3:fc:d5:8c:ad:eb:9f:4f:a8:74:
7e:00:e4:e1:73:c0:5c:d5:e9:50:35:25:6a:e0:c4:80:75:0e:
02:98:ac:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35g04varX9mK6tr4/NAaZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzAxMTAxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzBhODhmMjM2NjczNTJjYWYxNzI3NGQ3M2M0ZDVmZjUyZWY4OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+MiW74BuLrb+aqb+uw+2Qbu+0Ge
wNVAhPo4817n3/aX+kQsncGHlHZA8g6YbQtAy7OLZ1+VFLmndl3+4kBQLGZGaM4O
kHDoSNivgU7Pm2gWOeJNaxcOfa+Q4hL3ZcE37tccv2h0CB3bogoObv4AvkovBCfo
9U9glELl6daH4EE4kPnG8k9li4nkyAxk7y/dHRXn17ss+xra/oDvToQo2tz6u6A2
8CTC6uMHymVxfXWRAstILKXSSQHSeAp7p/QgB1OXP3FC9qrWOiPWjwnsRjmErtDG
u6yNtycpUKQjjoCCmigMEDDqJ4WecHB7/utRkiTD6ijGQ03WM0v5xgB7LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFcKiPI2ZzUsrxcnTXPE1f9S74itMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVndxSThqWm5OU3l2RnlkTmM4VFZfMUx2aUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudZlMA0G
CSqGSIb3DQEBCwUAA4IBAQC7NVRwQnvUrT4JihN5XBWwZv5P/OF2fAxaEFdayYa2
e2hk9PcWgn6vMGZghEQpFIOZoutK73eSOvkp9p6StMLrWjVuzQYz4Aj15aWVEY7o
JqB1Py49RUB3Eo4UCSHBEaxf86/67rg2gB9sKo0zkOj35aEinP7RlrGJ4Uj5JUOd
w3SdqQ1PftFXUwEUIdiVeR0HqAzkqt15oRNgsI77Rm37lggkcXQMA7WfJ5EP8f1A
cjW0TgScqOhhJ8VbQGq6gAQifuqLZ/ZqS0JBYmyNYyajbdj7zEInozWvt7xDfMQZ
teP81Yyt659PqHR+AOThc8Bc1elQNSVq4MSAdQ4CmKxS
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:41:48 2024 by rpki-client on console-fra.rpki-client.org