Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h1jGQBuZ1Wyt07E1-Vc0TpLTDPw.roa
File: h1jGQBuZ1Wyt07E1-Vc0TpLTDPw.roa (raw, json)
Hash identifier: eTRZ4IR7YwD0ebplF3DI+4WQAE3pGS1PP/t8jUkGr2A=
Subject key identifier: 87:58:C6:40:1B:99:D5:6C:AD:D3:B1:35:F9:57:34:4E:92:D3:0C:FC
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018CC9BCADCF74FAFAB7852647580BFCE900
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h1jGQBuZ1Wyt07E1-Vc0TpLTDPw.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43489
IP address blocks: 89.111.135.0/24 maxlen: 24
89.104.93.0/24 maxlen: 24
89.104.95.0/24 maxlen: 24
31.177.70.0/24 maxlen: 24
2a01:d8:8::/48 maxlen: 48
2a02:2090:6800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ad:cf:74:fa:fa:b7:85:26:47:58:0b:fc:e9:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8758c6401b99d56cadd3b135f957344e92d30cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a5:b8:80:87:dc:d6:dc:71:71:54:cb:5c:6f:
e5:b8:d0:8c:79:77:fb:be:80:2c:ef:93:71:47:1a:
ad:36:1d:40:f8:fc:d8:e0:43:6d:e7:65:3b:47:bf:
3e:be:61:ac:27:7c:47:69:36:5d:36:77:67:3d:af:
af:d7:fa:ed:d6:4e:6f:c7:bf:2c:c5:c6:ed:40:21:
38:ed:f8:8f:29:72:08:b8:54:07:31:8d:5e:3f:1b:
42:58:bb:73:4b:07:e0:c7:df:a8:fe:67:7c:db:c2:
25:65:60:e8:18:19:d4:ff:20:8c:5d:e0:63:41:22:
e5:66:37:ae:dc:f6:f0:79:3b:f1:2b:d0:dc:b5:53:
42:2e:a8:3f:cf:4e:8c:ce:84:dd:64:ba:43:c5:3a:
21:79:31:0e:3e:1a:24:ab:34:f8:47:ed:36:b1:31:
52:05:b4:c5:61:cb:2c:f0:a6:26:5a:99:31:13:94:
b9:38:8f:bb:62:e0:68:9d:1c:b0:d6:37:3c:b5:c7:
f1:58:f0:f2:87:25:a3:54:58:dd:52:de:aa:fd:69:
a7:03:b6:63:89:7c:bd:85:b4:7e:fa:c9:e1:3a:29:
21:6e:fc:1f:32:cc:6d:8f:36:0a:a8:3e:85:5a:40:
fc:fc:64:f3:19:42:ba:b4:aa:ef:de:b8:5e:09:4e:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:58:C6:40:1B:99:D5:6C:AD:D3:B1:35:F9:57:34:4E:92:D3:0C:FC
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h1jGQBuZ1Wyt07E1-Vc0TpLTDPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.70.0/24
89.104.93.0/24
89.104.95.0/24
89.111.135.0/24
IPv6:
2a01:d8:8::/48
2a02:2090:6800::/48
Signature Algorithm: sha256WithRSAEncryption
94:a2:3f:c5:ca:09:7a:11:c0:12:5c:63:fa:34:c5:31:c0:3c:
ce:2e:97:ef:fb:37:86:4d:57:d1:40:eb:0c:99:2d:ef:b2:c3:
98:d6:4d:f0:53:71:ba:91:31:11:8a:af:5b:ff:35:48:40:ef:
64:80:65:2c:e9:4b:cf:42:45:c9:aa:f7:bf:ee:5a:42:1a:7f:
79:65:74:24:3c:8b:30:77:a8:8f:63:40:7a:92:c1:f5:12:78:
23:0b:75:de:f5:cc:7a:54:7f:4c:42:f4:ac:68:eb:76:d3:42:
f4:0e:b0:cc:cf:5b:96:8b:1c:82:0b:02:0b:11:45:5a:b8:59:
40:54:a3:e4:54:23:77:50:5f:d1:7d:00:b7:1f:17:e4:5d:eb:
f6:72:5c:02:7d:82:f7:24:f0:d5:bd:15:50:fa:6c:85:f3:ec:
de:5a:0b:d8:de:4b:bb:8b:25:4b:51:1d:a1:62:26:9f:69:9f:
40:0c:12:63:a1:2f:bb:6c:ca:05:0b:cd:45:14:0a:c8:95:6e:
7c:4c:3b:5e:00:b1:0d:1b:26:cc:41:c0:5d:a9:27:3e:56:2e:
54:dc:98:7e:c7:15:63:03:67:02:88:1f:6f:35:9a:c8:ac:b4:
4f:8f:e1:da:18:1e:f0:db:c6:25:0b:3a:b2:5e:76:da:6b:43:
df:b5:c3:6d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJvK3PdPr6t4UmR1gL/OkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzU4YzY0MDFiOTlkNTZjYWRkM2IxMzVmOTU3MzQ0ZTkyZDMwY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaW4gIfc1txxcVTLXG/luNCMeXf7
voAs75NxRxqtNh1A+PzY4ENt52U7R78+vmGsJ3xHaTZdNndnPa+v1/rt1k5vx78s
xcbtQCE47fiPKXIIuFQHMY1ePxtCWLtzSwfgx9+o/md828IlZWDoGBnU/yCMXeBj
QSLlZjeu3PbweTvxK9DctVNCLqg/z06MzoTdZLpDxToheTEOPhokqzT4R+02sTFS
BbTFYcss8KYmWpkxE5S5OI+7YuBonRyw1jc8tcfxWPDyhyWjVFjdUt6q/WmnA7Zj
iXy9hbR++snhOikhbvwfMsxtjzYKqD6FWkD8/GTzGUK6tKrv3rheCU5keQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIdYxkAbmdVsrdOxNflXNE6S0wz8MB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvaDFqR1FCdVoxV3l0MDdFMS1WYzBUcExURFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAH7FGAwQA
WWhdAwQAWWhfAwQAWW+HMBgEAgACMBIDBwAqAQDYAAgDBwAqAiCQaAAwDQYJKoZI
hvcNAQELBQADggEBAJSiP8XKCXoRwBJcY/o0xTHAPM4ul+/7N4ZNV9FA6wyZLe+y
w5jWTfBTcbqRMRGKr1v/NUhA72SAZSzpS89CRcmq97/uWkIaf3lldCQ8izB3qI9j
QHqSwfUSeCMLdd71zHpUf0xC9Kxo63bTQvQOsMzPW5aLHIILAgsRRVq4WUBUo+RU
I3dQX9F9ALcfF+Rd6/ZyXAJ9gvck8NW9FVD6bIXz7N5aC9jeS7uLJUtRHaFiJp9p
n0AMEmOhL7tsygULzUUUCsiVbnxMO14AsQ0bJsxBwF2pJz5WLlTcmH7HFWMDZwKI
H281msistE+P4doYHvDbxiULOrJedtprQ9+1w20=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:20:31 2024 by rpki-client on console-fra.rpki-client.org