Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/vPSYp-3cXAY3qeKKNtWsVib62tA.roa
File: vPSYp-3cXAY3qeKKNtWsVib62tA.roa (raw, json)
Hash identifier: oQ0I3p269KYZ8eE7AqdsFkvQcvgNN6tJ6O/Wmph97iw=
Subject key identifier: BC:F4:98:A7:ED:DC:5C:06:37:A9:E2:8A:36:D5:AC:56:26:FA:DA:D0
Certificate issuer: /CN=74fb3a6b7fc28e8674e611cb098076f0e4c557c2
Certificate serial: 018CC348F67499AFD739E49605C805166448
Authority key identifier: 74:FB:3A:6B:7F:C2:8E:86:74:E6:11:CB:09:80:76:F0:E4:C5:57:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPs6a3_CjoZ05hHLCYB28OTFV8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/vPSYp-3cXAY3qeKKNtWsVib62tA.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209004
IP address blocks: 45.11.75.0/24 maxlen: 24
45.11.72.0/22 maxlen: 24
45.11.72.0/24 maxlen: 24
45.11.72.0/23 maxlen: 24
45.11.73.0/24 maxlen: 24
45.11.74.0/23 maxlen: 23
45.11.74.0/24 maxlen: 24
2a0e:6700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/dPs6a3_CjoZ05hHLCYB28OTFV8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/dPs6a3_CjoZ05hHLCYB28OTFV8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dPs6a3_CjoZ05hHLCYB28OTFV8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f6:74:99:af:d7:39:e4:96:05:c8:05:16:64:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74fb3a6b7fc28e8674e611cb098076f0e4c557c2
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcf498a7eddc5c0637a9e28a36d5ac5626fadad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:56:71:9b:a5:ef:60:c7:51:c1:73:96:d1:
db:7b:2c:76:21:a0:9e:3a:7b:e6:5b:a4:77:2b:29:
60:e6:60:fc:c9:1d:ed:82:43:51:f7:4d:84:69:7b:
ce:63:0b:d2:0a:cc:0c:05:68:cd:ba:51:6d:7b:fa:
fe:ef:c6:fe:9e:7d:1f:60:ad:2a:f9:cc:52:f3:e8:
89:52:15:4e:6f:4c:c8:f0:30:70:83:af:90:31:f4:
a0:10:55:e6:e7:04:d1:01:26:1f:2f:c2:24:15:a0:
5b:ff:91:ed:5e:ac:e0:11:3f:72:57:cc:1a:78:01:
55:d9:a7:f0:95:aa:ff:81:04:e0:d8:4d:6b:9f:11:
3d:06:7c:c4:72:23:12:5b:ed:ca:dc:fd:59:4e:de:
da:aa:15:4d:9f:9f:84:7f:f2:5e:ae:23:bf:2f:d0:
1e:bc:a7:29:cc:80:5f:39:43:8c:73:67:dc:df:7a:
c0:57:5c:b5:26:39:81:b0:07:31:bf:c3:66:75:75:
26:e5:ce:4f:1a:1f:3b:6a:7a:c5:8e:c6:e2:1a:da:
09:16:15:82:f4:3f:4c:8a:5b:a2:34:35:db:24:81:
f7:e1:0c:5e:d0:65:88:88:27:c5:78:a3:dc:1a:10:
c7:92:af:16:39:a4:7d:c2:96:cb:6b:89:93:d1:6d:
18:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F4:98:A7:ED:DC:5C:06:37:A9:E2:8A:36:D5:AC:56:26:FA:DA:D0
X509v3 Authority Key Identifier:
keyid:74:FB:3A:6B:7F:C2:8E:86:74:E6:11:CB:09:80:76:F0:E4:C5:57:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPs6a3_CjoZ05hHLCYB28OTFV8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/vPSYp-3cXAY3qeKKNtWsVib62tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/dPs6a3_CjoZ05hHLCYB28OTFV8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.72.0/22
IPv6:
2a0e:6700::/29
Signature Algorithm: sha256WithRSAEncryption
79:c3:c1:81:f4:ab:89:9f:c1:57:97:7b:31:94:b9:5c:c3:39:
6c:1e:07:a3:64:c2:71:d5:ff:27:c0:5a:d3:f0:bd:6c:ac:61:
df:20:72:09:37:67:30:9a:25:86:2e:10:aa:67:38:d5:15:dc:
48:05:27:4e:7c:31:ca:aa:42:70:d6:c1:73:58:50:c3:cf:a9:
ab:5a:27:8d:0b:b3:4c:72:bc:fe:59:24:02:2b:4f:2d:8f:3f:
96:db:c6:95:7c:c0:01:a1:46:3e:27:4b:4d:d9:69:c4:68:5c:
26:73:25:a6:a7:93:17:4d:95:07:e9:67:be:de:c4:98:d7:f5:
b3:a0:08:fe:22:3d:38:df:49:5b:d9:c1:9f:b5:af:f1:6d:9a:
61:34:1f:3e:89:67:8c:87:cf:e8:36:54:8f:57:af:22:d8:01:
da:a9:dd:69:53:e4:07:a0:15:08:f5:21:9d:32:20:d8:9e:a7:
c8:52:17:19:46:87:33:b8:f7:a7:af:c6:44:b1:36:dd:d6:3d:
cd:d7:ea:4c:84:9d:e9:2e:2b:ec:48:62:f1:0c:27:6c:64:c2:
45:28:b3:a3:0e:df:76:23:18:1b:71:54:ca:69:ca:31:f4:e5:
0c:97:76:01:5b:16:00:66:d6:78:0d:51:95:40:35:df:f9:96:
9e:c0:f8:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSPZ0ma/XOeSWBcgFFmRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZmIzYTZiN2ZjMjhlODY3NGU2MTFjYjA5ODA3NmYwZTRj
NTU3YzIwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y0OThhN2VkZGM1YzA2MzdhOWUyOGEzNmQ1YWM1NjI2ZmFkYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK1WcZul72DHUcFzltHbeyx2IaCe
OnvmW6R3Kylg5mD8yR3tgkNR902EaXvOYwvSCswMBWjNulFte/r+78b+nn0fYK0q
+cxS8+iJUhVOb0zI8DBwg6+QMfSgEFXm5wTRASYfL8IkFaBb/5HtXqzgET9yV8wa
eAFV2afwlar/gQTg2E1rnxE9BnzEciMSW+3K3P1ZTt7aqhVNn5+Ef/JeriO/L9Ae
vKcpzIBfOUOMc2fc33rAV1y1JjmBsAcxv8NmdXUm5c5PGh87anrFjsbiGtoJFhWC
9D9MiluiNDXbJIH34Qxe0GWIiCfFeKPcGhDHkq8WOaR9wpbLa4mT0W0YSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLz0mKft3FwGN6niijbVrFYm+trQMB8GA1UdIwQY
MBaAFHT7Omt/wo6GdOYRywmAdvDkxVfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBzNmEzX0Nqb1owNWhITENZQjI4T1RGVjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYTBmNTUtNTc3NC00NWRlLWE2YzAt
NzgyYzc4MGU3YzFjLzEvdlBTWXAtM2NYQVkzcWVLS050V3NWaWI2MnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYTBmNTUtNTc3NC00NWRlLWE2YzAtNzgyYzc4MGU3YzFj
LzEvZFBzNmEzX0Nqb1owNWhITENZQjI4T1RGVjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQtIMA0E
AgACMAcDBQMqDmcAMA0GCSqGSIb3DQEBCwUAA4IBAQB5w8GB9KuJn8FXl3sxlLlc
wzlsHgejZMJx1f8nwFrT8L1srGHfIHIJN2cwmiWGLhCqZzjVFdxIBSdOfDHKqkJw
1sFzWFDDz6mrWieNC7NMcrz+WSQCK08tjz+W28aVfMABoUY+J0tN2WnEaFwmcyWm
p5MXTZUH6We+3sSY1/WzoAj+Ij0430lb2cGfta/xbZphNB8+iWeMh8/oNlSPV68i
2AHaqd1pU+QHoBUI9SGdMiDYnqfIUhcZRoczuPenr8ZEsTbd1j3N1+pMhJ3pLivs
SGLxDCdsZMJFKLOjDt92IxgbcVTKacox9OUMl3YBWxYAZtZ4DVGVQDXf+ZaewPhN
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:34:11 2024 by rpki-client on console-ams.rpki-client.org