Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/VxDiFtAsxhBCLmbbvBbFf_-C9Lw.roa
File: VxDiFtAsxhBCLmbbvBbFf_-C9Lw.roa (raw, json)
Hash identifier: pR9B73mBNQFOUZLB9e4rw20Ts1DCg9l5+xzR4pK8bS0=
Subject key identifier: 57:10:E2:16:D0:2C:C6:10:42:2E:66:DB:BC:16:C5:7F:FF:82:F4:BC
Certificate issuer: /CN=055618a6195f1ecacb085ced3b0a1a17c62a2cfa
Certificate serial: 018CCA99F22F6566B64A48280A842FFD1A6B
Authority key identifier: 05:56:18:A6:19:5F:1E:CA:CB:08:5C:ED:3B:0A:1A:17:C6:2A:2C:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVYYphlfHsrLCFztOwoaF8YqLPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/VxDiFtAsxhBCLmbbvBbFf_-C9Lw.roa
Signing time: Tue 02 Jan 2024 14:35:35 +0000
ROA not before: Tue 02 Jan 2024 14:35:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201602
IP address blocks: 134.19.170.0/24 maxlen: 24
134.19.171.0/24 maxlen: 24
134.19.172.0/24 maxlen: 24
134.19.168.0/24 maxlen: 24
134.19.169.0/24 maxlen: 24
134.19.173.0/24 maxlen: 24
134.19.174.0/24 maxlen: 24
134.19.175.0/24 maxlen: 24
185.203.104.0/24 maxlen: 24
185.203.105.0/24 maxlen: 24
185.203.106.0/24 maxlen: 24
185.203.107.0/24 maxlen: 24
185.66.24.0/24 maxlen: 24
188.241.140.0/24 maxlen: 24
188.241.141.0/24 maxlen: 24
185.66.26.0/24 maxlen: 24
185.66.27.0/24 maxlen: 24
185.66.25.0/24 maxlen: 24
31.187.104.0/24 maxlen: 24
31.187.105.0/24 maxlen: 24
31.187.111.0/24 maxlen: 24
31.187.107.0/24 maxlen: 24
31.187.108.0/24 maxlen: 24
31.187.109.0/24 maxlen: 24
31.187.110.0/24 maxlen: 24
31.187.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/BVYYphlfHsrLCFztOwoaF8YqLPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/BVYYphlfHsrLCFztOwoaF8YqLPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BVYYphlfHsrLCFztOwoaF8YqLPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:f2:2f:65:66:b6:4a:48:28:0a:84:2f:fd:1a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=055618a6195f1ecacb085ced3b0a1a17c62a2cfa
Validity
Not Before: Jan 2 14:35:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5710e216d02cc610422e66dbbc16c57fff82f4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7d:81:83:6c:48:07:ac:c6:a8:ee:65:c8:a7:
70:33:40:6a:c3:34:5c:74:82:65:b4:7f:f5:eb:4c:
98:75:6a:b8:4f:4b:62:8d:df:a5:19:28:60:42:16:
f5:23:6f:78:df:f4:ed:42:46:9c:8c:6d:ec:42:30:
da:e5:a3:85:cf:ec:76:e2:81:bf:d5:14:32:ab:ff:
64:b6:14:f2:73:24:f7:ff:1d:09:21:1e:34:cf:6e:
9d:67:46:16:7e:30:d4:34:04:ff:a4:3b:1c:28:cf:
da:c0:c9:c8:6e:f7:51:2d:d6:ba:f3:06:b9:1f:e9:
02:58:fe:1b:2d:97:0a:d2:e7:54:f9:fa:e6:98:f3:
cb:84:d3:9a:03:98:da:27:7a:79:7e:c5:34:bf:51:
17:3b:1f:90:31:55:54:fb:3d:9d:8e:8c:b0:b9:68:
16:a0:d6:f2:d8:f1:eb:12:0b:66:52:be:a2:0a:ae:
6c:94:05:10:6b:b0:91:43:4a:cf:9c:1a:68:c9:b5:
cb:f8:27:85:e4:62:7d:8c:4c:57:99:00:a4:65:1b:
e1:b3:06:93:96:18:c8:5f:cd:b9:f5:e3:b1:ab:53:
9b:9f:fa:fe:bf:76:a3:19:d4:ac:f5:32:5e:7c:59:
df:45:7a:6e:91:70:01:5c:02:9d:c9:13:3a:3e:75:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:10:E2:16:D0:2C:C6:10:42:2E:66:DB:BC:16:C5:7F:FF:82:F4:BC
X509v3 Authority Key Identifier:
keyid:05:56:18:A6:19:5F:1E:CA:CB:08:5C:ED:3B:0A:1A:17:C6:2A:2C:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVYYphlfHsrLCFztOwoaF8YqLPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/VxDiFtAsxhBCLmbbvBbFf_-C9Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/eae333-30c4-43ff-b23d-5ae5bca6f48c/1/BVYYphlfHsrLCFztOwoaF8YqLPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.104.0/21
134.19.168.0/21
185.66.24.0/22
185.203.104.0/22
188.241.140.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:bc:20:dd:00:c0:1c:10:70:6f:2c:3b:63:8c:5d:41:bf:79:
16:e2:e9:71:01:c2:9a:6e:68:c6:dd:5a:8b:f1:81:40:0a:49:
cf:23:f1:10:f5:37:43:c2:c1:47:5c:b3:c3:95:6b:c0:a3:45:
cc:b2:da:4e:fe:3c:90:8a:51:5f:23:fa:a5:b1:ba:c5:0d:13:
ef:4e:62:04:cd:5f:89:d3:b7:2a:24:ee:42:dc:7b:d8:a6:8c:
80:23:c8:e1:4e:1c:93:31:0b:78:cb:41:73:03:3d:b3:89:6b:
e4:05:c3:cf:5c:4e:c8:5b:28:de:ec:99:23:ce:f0:fa:39:d5:
7c:12:08:b0:e3:8c:a0:ff:a3:92:ef:1a:93:29:69:16:77:f6:
c1:78:e3:b8:29:a3:12:73:f3:7a:4f:ba:5f:8d:9a:fe:fe:52:
a9:b5:48:41:12:dc:ae:e7:76:e6:15:4d:0f:f1:13:5d:79:bd:
00:f9:de:db:47:15:28:d8:27:8b:2f:29:13:c1:3c:eb:8d:ac:
02:9e:01:3b:2d:19:ff:87:2f:ec:8f:f7:d3:13:44:bb:6e:be:
b0:f6:96:e2:9b:32:16:c9:8b:c0:3f:5b:48:e1:7c:4e:df:1e:
64:a2:8a:7f:93:e6:d7:44:f5:18:30:cc:b9:b3:2a:58:f6:3f:
fe:2a:5a:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKmfIvZWa2SkgoCoQv/RprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTYxOGE2MTk1ZjFlY2FjYjA4NWNlZDNiMGExYTE3YzYy
YTJjZmEwHhcNMjQwMTAyMTQzNTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzEwZTIxNmQwMmNjNjEwNDIyZTY2ZGJiYzE2YzU3ZmZmODJmNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH2Bg2xIB6zGqO5lyKdwM0BqwzRc
dIJltH/160yYdWq4T0tijd+lGShgQhb1I2943/TtQkacjG3sQjDa5aOFz+x24oG/
1RQyq/9kthTycyT3/x0JIR40z26dZ0YWfjDUNAT/pDscKM/awMnIbvdRLda68wa5
H+kCWP4bLZcK0udU+frmmPPLhNOaA5jaJ3p5fsU0v1EXOx+QMVVU+z2djoywuWgW
oNby2PHrEgtmUr6iCq5slAUQa7CRQ0rPnBpoybXL+CeF5GJ9jExXmQCkZRvhswaT
lhjIX8259eOxq1Obn/r+v3ajGdSs9TJefFnfRXpukXABXAKdyRM6PnVXfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFcQ4hbQLMYQQi5m27wWxX//gvS8MB8GA1UdIwQY
MBaAFAVWGKYZXx7Kywhc7TsKGhfGKiz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZZWXBobGZIc3JMQ0Z6dE93b2FGOFlxTFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lYWUzMzMtMzBjNC00M2ZmLWIyM2Qt
NWFlNWJjYTZmNDhjLzEvVnhEaUZ0QXN4aEJDTG1iYnZCYkZmXy1DOUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lYWUzMzMtMzBjNC00M2ZmLWIyM2QtNWFlNWJjYTZmNDhj
LzEvQlZZWXBobGZIc3JMQ0Z6dE93b2FGOFlxTFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH7toAwQD
hhOoAwQCuUIYAwQCuctoAwQBvPGMMA0GCSqGSIb3DQEBCwUAA4IBAQBvvCDdAMAc
EHBvLDtjjF1Bv3kW4ulxAcKabmjG3VqL8YFACknPI/EQ9TdDwsFHXLPDlWvAo0XM
stpO/jyQilFfI/qlsbrFDRPvTmIEzV+J07cqJO5C3HvYpoyAI8jhThyTMQt4y0Fz
Az2ziWvkBcPPXE7IWyje7JkjzvD6OdV8Egiw44yg/6OS7xqTKWkWd/bBeOO4KaMS
c/N6T7pfjZr+/lKptUhBEtyu53bmFU0P8RNdeb0A+d7bRxUo2CeLLykTwTzrjawC
ngE7LRn/hy/sj/fTE0S7br6w9pbimzIWyYvAP1tI4XxO3x5koop/k+bXRPUYMMy5
sypY9j/+KlpY
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:05 2024 by rpki-client on console-fra.rpki-client.org