Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/FoVdP2zXQO7JmuUnUjOTZep-vgw.roa
File: FoVdP2zXQO7JmuUnUjOTZep-vgw.roa (raw, json)
Hash identifier: ZOk3u6PTcx4pIna4BmuFtp/Z7fekpAtw0hyzoJOXo8c=
Subject key identifier: 16:85:5D:3F:6C:D7:40:EE:C9:9A:E5:27:52:33:93:65:EA:7E:BE:0C
Certificate issuer: /CN=05f59aedc28296e291724f7937de788e27216408
Certificate serial: 018CC42534FC3DF236F5C455C85177958B13
Authority key identifier: 05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/FoVdP2zXQO7JmuUnUjOTZep-vgw.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198638
IP address blocks: 185.22.20.0/22 maxlen: 22
2a00:5ae0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 18:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:34:fc:3d:f2:36:f5:c4:55:c8:51:77:95:8b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f59aedc28296e291724f7937de788e27216408
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16855d3f6cd740eec99ae52752339365ea7ebe0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:d1:3d:0d:48:64:11:8f:d1:74:50:44:be:
84:35:53:13:30:0b:0b:72:fc:8c:c0:eb:af:ca:f5:
a5:35:c4:5f:5b:58:46:b2:96:8a:73:3e:07:4d:c2:
bd:a8:28:f1:e1:93:f0:e1:4a:6a:7e:88:f8:14:a4:
6e:6d:0a:18:d1:25:f6:3a:aa:18:4f:e1:e1:ce:95:
02:28:87:b1:da:6a:8c:43:2a:78:a6:4f:5f:9c:4a:
87:7e:5c:c3:4f:9d:a9:92:a4:54:b4:e8:77:44:6e:
fa:09:25:d5:19:84:a4:1a:b1:a0:49:33:c2:be:d5:
33:15:34:f6:b3:a7:e6:88:af:b0:c5:1e:fb:af:0a:
8c:f1:15:ca:f4:22:95:fe:a3:7f:ef:0e:f5:2a:31:
e5:53:e6:39:33:8a:4f:08:74:31:af:01:3a:46:38:
2d:be:73:58:e0:99:d3:fb:bd:e6:b1:61:0f:7c:c4:
2b:14:3c:3f:3b:ea:c5:bb:49:3d:f5:20:5c:c5:38:
a5:28:c5:d4:a2:ff:e1:ab:72:82:2e:a1:88:1a:63:
1a:d0:26:81:c6:2d:f6:25:5c:ce:86:3e:ec:f4:9e:
61:9e:90:a8:9b:4c:48:a5:1e:93:ce:30:03:2a:82:
c1:c8:8f:1e:55:cc:17:a4:1e:ca:18:c5:20:26:03:
32:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:85:5D:3F:6C:D7:40:EE:C9:9A:E5:27:52:33:93:65:EA:7E:BE:0C
X509v3 Authority Key Identifier:
keyid:05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/FoVdP2zXQO7JmuUnUjOTZep-vgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.20.0/22
IPv6:
2a00:5ae0:100::/48
Signature Algorithm: sha256WithRSAEncryption
77:6f:34:ae:44:11:25:e7:22:9f:76:60:da:c0:39:37:34:94:
fd:72:8c:ef:14:1d:85:e8:de:86:68:ca:3a:c0:cb:db:fb:5c:
b0:8f:dc:ea:7b:9b:6e:52:81:da:90:26:48:5b:e6:96:f5:16:
95:6d:9e:4f:6c:78:f0:bc:05:35:0e:f4:4e:94:2f:31:09:21:
af:af:d7:e7:fa:9e:70:e4:82:96:69:e7:b9:67:95:0f:28:82:
9a:a3:56:5e:1e:6e:fb:73:93:a2:21:fb:b1:d5:54:9b:40:98:
89:84:9f:48:a8:d3:e8:7e:75:ff:39:a7:f5:c2:a9:59:f6:97:
9d:22:69:70:60:1a:62:91:4e:96:67:0b:70:28:ec:f9:27:1e:
93:84:40:67:ef:41:64:9b:89:5e:b6:a7:90:8f:e6:68:a1:2c:
39:ab:d5:65:a5:04:9c:39:f5:35:57:37:f6:0f:73:4c:57:6d:
c6:3d:b5:50:33:c6:ab:92:d6:18:62:da:42:2e:6b:2d:61:8b:
29:d3:21:b0:9c:ad:0e:3d:6b:8e:bc:98:5f:78:fd:55:af:6b:
0a:54:f7:95:2c:5b:47:73:36:91:d4:94:ce:53:bc:6e:63:0b:
6f:5c:0c:fd:8e:70:93:5a:f8:fd:dc:55:d0:f7:38:3c:41:d7:
34:77:86:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJTT8PfI29cRVyFF3lYsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjU5YWVkYzI4Mjk2ZTI5MTcyNGY3OTM3ZGU3ODhlMjcy
MTY0MDgwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg1NWQzZjZjZDc0MGVlYzk5YWU1Mjc1MjMzOTM2NWVhN2ViZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxnRPQ1IZBGP0XRQRL6ENVMTMAsL
cvyMwOuvyvWlNcRfW1hGspaKcz4HTcK9qCjx4ZPw4Upqfoj4FKRubQoY0SX2OqoY
T+HhzpUCKIex2mqMQyp4pk9fnEqHflzDT52pkqRUtOh3RG76CSXVGYSkGrGgSTPC
vtUzFTT2s6fmiK+wxR77rwqM8RXK9CKV/qN/7w71KjHlU+Y5M4pPCHQxrwE6Rjgt
vnNY4JnT+73msWEPfMQrFDw/O+rFu0k99SBcxTilKMXUov/hq3KCLqGIGmMa0CaB
xi32JVzOhj7s9J5hnpCom0xIpR6TzjADKoLByI8eVcwXpB7KGMUgJgMyAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBaFXT9s10DuyZrlJ1Izk2Xqfr4MMB8GA1UdIwQY
MBaAFAX1mu3CgpbikXJPeTfeeI4nIWQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2Mt
ZDY0MzY4MjA4MTMxLzEvRm9WZFAyelhRTzdKbXVVblVqT1RaZXAtdmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2MtZDY0MzY4MjA4MTMx
LzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuRYUMA8E
AgACMAkDBwAqAFrgAQAwDQYJKoZIhvcNAQELBQADggEBAHdvNK5EESXnIp92YNrA
OTc0lP1yjO8UHYXo3oZoyjrAy9v7XLCP3Op7m25SgdqQJkhb5pb1FpVtnk9sePC8
BTUO9E6ULzEJIa+v1+f6nnDkgpZp57lnlQ8ogpqjVl4ebvtzk6Ih+7HVVJtAmImE
n0io0+h+df85p/XCqVn2l50iaXBgGmKRTpZnC3Ao7PknHpOEQGfvQWSbiV62p5CP
5mihLDmr1WWlBJw59TVXN/YPc0xXbcY9tVAzxquS1hhi2kIuay1hiynTIbCcrQ49
a468mF94/VWvawpU95UsW0dzNpHUlM5TvG5jC29cDP2OcJNa+P3cVdD3ODxB1zR3
hrM=
-----END CERTIFICATE-----
Generated at Sun May 26 00:28:11 2024 by rpki-client on console-ams.rpki-client.org