Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_vgnfMvvDnszUM-CHEhZkaHGGtg.roa
File: _vgnfMvvDnszUM-CHEhZkaHGGtg.roa (raw, json)
Hash identifier: AEqibGq+TziJCJ2f45JW9tYRCFpkvlgkvYd+nWN4Mvw=
Subject key identifier: FE:F8:27:7C:CB:EF:0E:7B:33:50:CF:82:1C:48:59:91:A1:C6:1A:D8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E9E99D451BB7778875938B79FD9916BE2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_vgnfMvvDnszUM-CHEhZkaHGGtg.roa
Signing time: Tue 02 Apr 2024 11:37:45 +0000
ROA not before: Tue 02 Apr 2024 11:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 176.125.249.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:99:d4:51:bb:77:78:87:59:38:b7:9f:d9:91:6b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 2 11:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fef8277ccbef0e7b3350cf821c485991a1c61ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7d:d8:43:f4:c0:b1:c0:e2:e0:c9:cf:68:18:
42:05:32:19:22:0d:bc:0f:ea:49:29:54:ad:4b:a3:
53:56:58:33:e6:ed:c3:30:9c:19:ad:fc:08:03:c2:
c7:23:3c:d0:e8:23:b0:b7:2d:ed:d2:ec:c6:a6:5a:
fe:9d:e1:a1:0a:c3:c4:5c:a5:cc:a1:1a:7f:e7:7e:
b7:24:5e:c5:3d:af:fd:69:69:de:bc:59:31:69:ea:
1e:d5:4d:d5:f1:2e:00:31:67:94:fd:98:38:89:63:
32:37:ae:d1:72:c5:32:69:60:74:9c:a2:9b:10:80:
e3:03:f3:97:c7:f0:8c:ed:e8:c0:dd:f4:f3:be:26:
72:42:04:42:0a:9a:3f:8c:15:15:57:cc:3d:39:b0:
96:ea:47:bb:63:be:a3:30:7d:d4:6e:f9:50:6d:4f:
00:bb:19:79:a7:00:3b:da:97:b9:91:1c:26:d5:26:
42:80:78:f9:c8:df:02:c9:ec:eb:61:d2:95:29:a0:
89:57:32:50:10:96:91:bf:fb:56:4f:17:f3:dc:58:
20:43:07:0c:57:50:33:eb:d2:c4:de:89:9b:2b:ed:
ce:86:c7:54:a9:22:b5:21:53:c4:7b:1a:fa:96:dd:
bd:6b:26:1d:ce:b0:fa:67:ba:88:15:68:3b:72:96:
e1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F8:27:7C:CB:EF:0E:7B:33:50:CF:82:1C:48:59:91:A1:C6:1A:D8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_vgnfMvvDnszUM-CHEhZkaHGGtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.249.0/24
185.126.83.0/24
185.214.100.0/24
185.228.73.0/24
Signature Algorithm: sha256WithRSAEncryption
12:99:26:78:57:e5:1b:c9:4f:49:41:04:7c:71:80:0e:6c:11:
ab:e3:f9:33:a1:ff:ec:d6:00:16:02:fd:29:70:48:16:e9:7d:
b6:7f:dd:fa:fd:cd:6a:a1:45:02:ef:72:a5:2e:c9:cf:20:91:
de:ba:d0:9d:74:21:a7:c4:71:a2:1d:9b:38:56:2d:bb:67:7c:
4c:77:86:51:d2:0e:0e:e7:82:fe:f3:fb:fc:bb:44:c5:8a:15:
a7:75:ca:50:bb:9e:d9:1a:1c:39:cd:07:c1:f9:bb:46:c7:50:
61:4f:a1:02:72:7c:9f:0e:23:91:43:f3:84:71:1e:5f:d4:5b:
33:16:9b:6b:ff:8b:19:0f:ed:3b:4f:a7:a0:b1:28:5c:cb:0e:
0c:27:64:bc:29:85:b1:28:3f:16:98:14:9f:2d:b2:31:c7:5f:
84:2e:8c:6f:7f:93:52:29:bf:dc:2c:af:6e:3f:b6:69:6b:e1:
7c:6c:77:0e:f3:16:a2:a7:ed:58:8c:ff:49:cf:e8:b2:a5:2d:
68:fd:0f:b9:2e:8f:67:25:aa:68:aa:7c:99:5e:b2:33:bf:3d:
84:fc:e8:23:f2:a0:05:3b:48:13:91:14:94:a0:b5:8a:b8:7a:
ee:1b:bd:5e:65:2b:4d:e0:a1:a4:81:98:63:6b:24:97:44:6e:
61:09:bf:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6emdRRu3d4h1k4t5/ZkWviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAyMTEzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWY4Mjc3Y2NiZWYwZTdiMzM1MGNmODIxYzQ4NTk5MWExYzYxYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk33YQ/TAscDi4MnPaBhCBTIZIg28
D+pJKVStS6NTVlgz5u3DMJwZrfwIA8LHIzzQ6COwty3t0uzGplr+neGhCsPEXKXM
oRp/5363JF7FPa/9aWnevFkxaeoe1U3V8S4AMWeU/Zg4iWMyN67RcsUyaWB0nKKb
EIDjA/OXx/CM7ejA3fTzviZyQgRCCpo/jBUVV8w9ObCW6ke7Y76jMH3UbvlQbU8A
uxl5pwA72pe5kRwm1SZCgHj5yN8CyezrYdKVKaCJVzJQEJaRv/tWTxfz3FggQwcM
V1Az69LE3ombK+3OhsdUqSK1IVPEexr6lt29ayYdzrD6Z7qIFWg7cpbh1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP74J3zL7w57M1DPghxIWZGhxhrYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX3ZnbmZNdnZEbnN6VU0tQ0hFaFprYUhHR3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsH35AwQA
uX5TAwQAudZkAwQAueRJMA0GCSqGSIb3DQEBCwUAA4IBAQASmSZ4V+UbyU9JQQR8
cYAObBGr4/kzof/s1gAWAv0pcEgW6X22f936/c1qoUUC73KlLsnPIJHeutCddCGn
xHGiHZs4Vi27Z3xMd4ZR0g4O54L+8/v8u0TFihWndcpQu57ZGhw5zQfB+btGx1Bh
T6ECcnyfDiORQ/OEcR5f1FszFptr/4sZD+07T6egsShcyw4MJ2S8KYWxKD8WmBSf
LbIxx1+ELoxvf5NSKb/cLK9uP7Zpa+F8bHcO8xaip+1YjP9Jz+iypS1o/Q+5Lo9n
JapoqnyZXrIzvz2E/Ogj8qAFO0gTkRSUoLWKuHruG71eZStN4KGkgZhjaySXRG5h
Cb+S
-----END CERTIFICATE-----
Generated at Sat May 4 12:53:08 2024 by rpki-client on console-ams.rpki-client.org