Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/VgQTziAHvh63c4Yffx92ALMvuss.roa
File: VgQTziAHvh63c4Yffx92ALMvuss.roa (raw, json)
Hash identifier: ltLDcFp3AE/e4dPwiYHGVvkU/mfQGnlHFWEKPBnB5OE=
Subject key identifier: 56:04:13:CE:20:07:BE:1E:B7:73:86:1F:7F:1F:76:00:B3:2F:BA:CB
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 019295C29BDDBB65B4449C59A0B485CCD6A8
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/VgQTziAHvh63c4Yffx92ALMvuss.roa
Signing time: Wed 16 Oct 2024 14:36:51 +0000
ROA not before: Wed 16 Oct 2024 14:36:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 145.46.168.0/24 maxlen: 24
145.46.169.0/24 maxlen: 24
145.46.170.0/24 maxlen: 24
145.46.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:c2:9b:dd:bb:65:b4:44:9c:59:a0:b4:85:cc:d6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Oct 16 14:36:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=560413ce2007be1eb773861f7f1f7600b32fbacb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:e3:6b:21:f7:f9:72:78:aa:a2:66:7a:39:
58:b1:48:fb:12:77:27:49:19:74:c0:35:b6:43:84:
cc:b0:99:df:43:2d:b2:7e:8c:48:19:99:30:43:ed:
11:9c:d3:d1:40:d6:9c:22:c8:a4:b2:2a:8e:80:ec:
aa:6c:48:1e:3e:fc:d8:81:da:9c:16:53:e0:0b:6b:
03:34:ab:dd:4f:ff:41:75:a9:7e:c4:9c:3e:5b:e6:
a6:f0:f2:66:48:1e:b6:71:72:43:56:c6:e3:f3:67:
b5:f2:27:9c:2a:76:c1:30:d4:3a:5e:ca:93:7a:7b:
b1:98:fa:38:2d:bd:0e:6a:c9:2d:5c:4b:9d:52:dd:
68:7a:5b:50:61:b7:71:5a:9e:e2:e1:7c:37:06:89:
6c:65:98:08:cb:77:34:69:ea:b7:bd:d0:1c:b5:75:
2e:f1:22:7d:6d:9f:b0:d9:79:f4:ae:02:eb:ac:85:
04:ad:ee:5f:ed:a8:7b:ef:8d:cc:bf:87:ab:34:b7:
c4:6f:16:b5:36:9f:c3:a8:c3:38:0d:cf:61:43:64:
11:92:32:ec:bf:17:ea:ea:e0:02:06:d8:08:aa:98:
b0:1c:24:47:98:8d:9d:62:91:85:b7:89:94:80:bb:
dc:f4:74:6f:b9:de:12:16:26:6c:9c:a4:89:8f:3f:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:04:13:CE:20:07:BE:1E:B7:73:86:1F:7F:1F:76:00:B3:2F:BA:CB
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/VgQTziAHvh63c4Yffx92ALMvuss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:ca:94:3d:e1:ca:54:f2:1e:98:47:d1:62:fb:ff:eb:8d:ab:
50:50:9d:0f:87:bb:8d:8c:f4:72:2b:20:d6:97:5b:1f:9c:28:
52:86:63:d9:58:28:6a:5d:f1:a1:90:15:d2:d3:d0:57:f1:e7:
07:92:85:a0:03:56:3a:42:ae:73:e2:39:48:83:f5:97:a8:e4:
fb:fb:79:08:f3:c7:16:09:16:11:70:67:45:5c:b2:fa:a0:8f:
85:2d:84:a6:d3:ce:e4:58:ed:d7:7d:f5:3b:05:db:1a:5d:a6:
e0:99:c8:b2:fe:80:6e:f6:c0:85:1a:ba:4c:d4:38:90:19:18:
10:f3:3c:09:65:eb:56:4f:75:89:97:9f:0e:f0:6b:4e:dc:e5:
50:6b:dd:09:ed:ce:99:19:af:d4:c0:52:49:73:a7:6e:da:07:
91:15:65:6e:85:81:5a:29:ff:72:96:f2:ad:d2:55:47:75:31:
ad:9f:ce:7c:c0:be:fb:a7:83:9e:65:89:c3:68:ef:0c:1f:ae:
14:6d:92:95:51:75:5b:3f:d9:22:e7:8d:c4:04:80:c6:6d:87:
83:1b:6c:02:f5:20:55:1a:79:b0:12:f2:b7:b1:9f:11:fa:39:
f7:57:60:4f:e7:5f:15:d8:8c:d1:a1:64:7c:e4:a3:ba:4f:5d:
09:e7:38:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKVwpvdu2W0RJxZoLSFzNaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjQxMDE2MTQzNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA0MTNjZTIwMDdiZTFlYjc3Mzg2MWY3ZjFmNzYwMGIzMmZiYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKjjayH3+XJ4qqJmejlYsUj7Encn
SRl0wDW2Q4TMsJnfQy2yfoxIGZkwQ+0RnNPRQNacIsiksiqOgOyqbEgePvzYgdqc
FlPgC2sDNKvdT/9Bdal+xJw+W+am8PJmSB62cXJDVsbj82e18iecKnbBMNQ6XsqT
enuxmPo4Lb0OasktXEudUt1oeltQYbdxWp7i4Xw3BolsZZgIy3c0aeq3vdActXUu
8SJ9bZ+w2Xn0rgLrrIUEre5f7ah7743Mv4erNLfEbxa1Np/DqMM4Dc9hQ2QRkjLs
vxfq6uACBtgIqpiwHCRHmI2dYpGFt4mUgLvc9HRvud4SFiZsnKSJjz833QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYEE84gB74et3OGH38fdgCzL7rLMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvVmdRVHppQUh2aDYzYzRZZmZ4OTJBTE12dXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkS6oMA0G
CSqGSIb3DQEBCwUAA4IBAQCwypQ94cpU8h6YR9Fi+//rjatQUJ0Ph7uNjPRyKyDW
l1sfnChShmPZWChqXfGhkBXS09BX8ecHkoWgA1Y6Qq5z4jlIg/WXqOT7+3kI88cW
CRYRcGdFXLL6oI+FLYSm087kWO3XffU7BdsaXabgmciy/oBu9sCFGrpM1DiQGRgQ
8zwJZetWT3WJl58O8GtO3OVQa90J7c6ZGa/UwFJJc6du2geRFWVuhYFaKf9ylvKt
0lVHdTGtn858wL77p4OeZYnDaO8MH64UbZKVUXVbP9ki543EBIDGbYeDG2wC9SBV
GnmwEvK3sZ8R+jn3V2BP518V2IzRoWR85KO6T10J5zjQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:36 2024 by rpki-client on console-ams.rpki-client.org