Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/vpKsNwxiB_lLYGbWT-Fv720XNpY.roa
File: vpKsNwxiB_lLYGbWT-Fv720XNpY.roa (raw, json)
Hash identifier: EHx5CV6Ugyva/iOpJgKyEELm267LcWT3sT31VUPGw7g=
Subject key identifier: BE:92:AC:37:0C:62:07:F9:4B:60:66:D6:4F:E1:6F:EF:6D:17:36:96
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 018CC26D468664C68FD84D5D6DF16D25A34D
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/vpKsNwxiB_lLYGbWT-Fv720XNpY.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 83.229.66.0/24 maxlen: 32
193.32.96.0/23 maxlen: 32
193.32.98.0/23 maxlen: 32
80.240.98.0/23 maxlen: 32
217.194.136.0/24 maxlen: 32
217.194.136.0/23 maxlen: 32
193.47.56.0/22 maxlen: 32
195.216.128.0/22 maxlen: 32
103.14.104.0/22 maxlen: 32
194.99.60.0/23 maxlen: 32
194.99.62.0/23 maxlen: 32
212.103.56.0/22 maxlen: 32
185.18.40.0/22 maxlen: 32
31.12.76.0/23 maxlen: 32
31.12.78.0/23 maxlen: 32
185.51.23.0/24 maxlen: 32
46.149.160.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:86:64:c6:8f:d8:4d:5d:6d:f1:6d:25:a3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be92ac370c6207f94b6066d64fe16fef6d173696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:12:bd:7e:79:23:3e:3c:3a:ad:c3:b5:56:ac:
5a:7b:fc:68:e9:76:bd:63:42:f9:22:fc:c4:ee:86:
0d:13:4b:1b:06:fe:87:a6:ce:cb:83:cd:2e:b2:43:
ee:7d:7d:e3:ad:66:70:72:a0:c0:38:c5:9c:4d:38:
30:3a:1b:59:1b:58:62:5a:6f:7e:e4:14:74:c9:51:
96:5e:82:35:65:fc:51:19:96:b1:7b:7e:20:02:3f:
e3:ed:17:60:e2:5f:3e:16:c7:5d:a0:14:8f:2d:1d:
3a:69:71:3c:d4:5a:bf:81:ec:6c:5b:fb:76:15:da:
a0:13:a1:30:e4:0d:28:fa:75:2e:87:12:64:83:42:
98:d2:9a:29:fc:34:78:bc:64:1c:07:e3:f8:b6:eb:
51:3c:a5:a2:33:3e:81:8f:ae:06:82:ee:ff:1f:a0:
2f:35:70:0d:13:c2:0c:9f:a4:c9:0c:a2:a3:fa:47:
bf:6b:8c:1c:44:e2:dc:a1:b7:bc:66:20:52:83:66:
1e:35:4d:df:9e:d2:a6:f0:5e:d4:d3:a3:e4:80:ce:
9a:c1:4a:e7:b9:84:20:11:99:de:24:aa:1c:cd:e3:
44:bb:18:61:fb:75:dd:b7:83:59:2a:d3:d6:0e:9f:
b0:04:cb:95:a5:d9:92:2a:ff:b5:7d:f4:85:af:c3:
21:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:92:AC:37:0C:62:07:F9:4B:60:66:D6:4F:E1:6F:EF:6D:17:36:96
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/vpKsNwxiB_lLYGbWT-Fv720XNpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.76.0/22
46.149.160.0/22
80.240.98.0/23
83.229.66.0/24
103.14.104.0/22
185.18.40.0/22
185.51.23.0/24
193.32.96.0/22
193.47.56.0/22
194.99.60.0/22
195.216.128.0/22
212.103.56.0/22
217.194.136.0/23
Signature Algorithm: sha256WithRSAEncryption
38:21:2a:d7:5e:5a:b1:25:ca:2f:cc:09:d4:05:01:27:1b:18:
fe:49:5d:69:aa:06:0a:6b:4e:8f:89:ab:59:23:88:24:1c:5a:
05:7b:c3:d7:fd:13:c0:00:1c:c0:bc:36:3a:8c:23:97:78:89:
87:f8:02:d9:70:2b:69:5e:8b:4e:93:38:0d:b9:2f:11:83:87:
18:37:90:f5:d3:64:bc:95:90:e3:a7:1a:17:2f:6a:b0:e1:c8:
b2:e9:f2:a8:ce:0f:44:9b:8c:c4:37:d3:55:3a:70:28:be:6d:
4a:e2:02:9b:92:ea:17:fa:34:59:c5:71:3b:de:c4:cd:7a:46:
c3:15:10:2c:c5:59:95:78:3a:3b:59:89:92:03:d3:d9:04:c2:
88:59:90:88:d2:96:12:6a:0b:68:29:04:58:02:8d:ad:32:59:
89:a8:5b:81:56:c5:a4:5d:9d:31:6b:8d:c4:69:25:b5:75:26:
ce:46:48:25:11:ac:4c:7e:62:62:38:9f:ca:6e:12:55:08:82:
ea:9b:73:ee:4c:e5:ac:66:f7:2a:6d:0e:e6:cf:6e:7d:3a:20:
1f:27:69:19:e6:fa:1c:87:5a:49:0f:a5:93:6e:38:0a:75:da:
e0:e9:98:83:84:3b:d7:7d:64:57:7e:1e:7c:91:78:a4:81:69:
69:18:89:35
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzCbUaGZMaP2E1dbfFtJaNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTkyYWMzNzBjNjIwN2Y5NGI2MDY2ZDY0ZmUxNmZlZjZkMTczNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK9fnkjPjw6rcO1Vqxae/xo6Xa9
Y0L5IvzE7oYNE0sbBv6Hps7Lg80uskPufX3jrWZwcqDAOMWcTTgwOhtZG1hiWm9+
5BR0yVGWXoI1ZfxRGZaxe34gAj/j7Rdg4l8+FsddoBSPLR06aXE81Fq/gexsW/t2
FdqgE6Ew5A0o+nUuhxJkg0KY0pop/DR4vGQcB+P4tutRPKWiMz6Bj64Ggu7/H6Av
NXANE8IMn6TJDKKj+ke/a4wcROLcobe8ZiBSg2YeNU3fntKm8F7U06PkgM6awUrn
uYQgEZneJKoczeNEuxhh+3Xdt4NZKtPWDp+wBMuVpdmSKv+1ffSFr8Mh8wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFL6SrDcMYgf5S2Bm1k/hb+9tFzaWMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvdnBLc053eGlCX2xMWUdiV1QtRnY3MjBYTnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCHwxMAwQC
LpWgAwQBUPBiAwQAU+VCAwQCZw5oAwQCuRIoAwQAuTMXAwQCwSBgAwQCwS84AwQC
wmM8AwQCw9iAAwQC1Gc4AwQB2cKIMA0GCSqGSIb3DQEBCwUAA4IBAQA4ISrXXlqx
JcovzAnUBQEnGxj+SV1pqgYKa06PiatZI4gkHFoFe8PX/RPAABzAvDY6jCOXeImH
+ALZcCtpXotOkzgNuS8Rg4cYN5D102S8lZDjpxoXL2qw4ciy6fKozg9Em4zEN9NV
OnAovm1K4gKbkuoX+jRZxXE73sTNekbDFRAsxVmVeDo7WYmSA9PZBMKIWZCI0pYS
agtoKQRYAo2tMlmJqFuBVsWkXZ0xa43EaSW1dSbORkglEaxMfmJiOJ/KbhJVCILq
m3PuTOWsZvcqbQ7mz259OiAfJ2kZ5voch1pJD6WTbjgKddrg6ZiDhDvXfWRXfh58
kXikgWlpGIk1
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:49 2024 by rpki-client on console-ams.rpki-client.org