Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/vds1NAP9UWs5trAaSpv_skorRfs.roa
File: vds1NAP9UWs5trAaSpv_skorRfs.roa (raw, json)
Hash identifier: 9oSMbD0fMvda+TUIirWRSF3DTRWOEPhDtAOCs1PEYU8=
Subject key identifier: BD:DB:35:34:03:FD:51:6B:39:B6:B0:1A:4A:9B:FF:B2:4A:2B:45:FB
Certificate issuer: /CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Certificate serial: 018CC4938BF7BFA8A476A81330BAD2304109
Authority key identifier: 16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/vds1NAP9UWs5trAaSpv_skorRfs.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49381
IP address blocks: 91.229.196.0/22 maxlen: 22
193.169.44.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/FpdnWF3O9z4fqfZNpsfydu2Hpx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/FpdnWF3O9z4fqfZNpsfydu2Hpx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8b:f7:bf:a8:a4:76:a8:13:30:ba:d2:30:41:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bddb353403fd516b39b6b01a4a9bffb24a2b45fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4e:c2:19:4b:4c:76:05:d1:50:88:13:f1:94:
ca:63:f1:09:a1:f4:7f:d4:50:48:71:e0:57:cd:48:
7f:7b:b8:fb:a8:fe:46:38:00:cf:86:5c:e1:53:6f:
5a:99:20:f3:db:3a:7e:fc:35:60:50:5b:e8:c0:a0:
50:d8:84:fd:a0:a6:d3:53:fa:51:75:dd:5a:fe:54:
f0:12:43:f3:13:1f:d6:8c:db:dc:fc:be:a6:d9:fc:
52:90:62:9b:ba:36:52:04:f8:f4:58:46:d5:28:dc:
7b:ef:f6:00:4f:bf:2a:13:20:7f:84:66:d8:1c:35:
1f:23:84:d5:a6:65:69:05:54:8e:74:18:13:4c:98:
6d:93:1f:9d:49:88:23:d6:5d:a0:59:4b:5b:ea:2f:
1d:fd:0d:75:a1:33:69:5e:50:19:f9:f3:83:6b:27:
36:b2:b0:ea:06:a3:59:ff:f2:b3:78:04:0a:ba:85:
13:49:1e:17:00:d7:af:06:ea:29:e2:63:c5:9c:a3:
f3:ef:0d:07:96:49:b5:46:30:2d:b3:aa:87:ca:b0:
53:95:5a:34:ad:a3:14:41:30:87:83:3e:b5:b8:7b:
2c:33:b5:60:b3:81:3c:31:36:73:8b:4b:80:06:55:
b9:40:22:24:e2:5d:ec:17:fe:7e:49:26:18:1a:fa:
05:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DB:35:34:03:FD:51:6B:39:B6:B0:1A:4A:9B:FF:B2:4A:2B:45:FB
X509v3 Authority Key Identifier:
keyid:16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/vds1NAP9UWs5trAaSpv_skorRfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/FpdnWF3O9z4fqfZNpsfydu2Hpx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.196.0/22
193.169.44.0/23
Signature Algorithm: sha256WithRSAEncryption
93:3d:e5:60:db:d3:27:e8:93:94:48:75:86:68:14:7e:4e:eb:
61:e7:77:5c:6c:16:30:f7:f3:4f:ae:bf:8b:e5:81:1c:79:fe:
cf:09:bb:04:04:af:53:6d:33:bf:2b:ec:a6:24:a0:c1:10:ee:
d0:34:5d:5f:65:d0:de:4f:14:22:c0:9b:fe:63:0d:a6:4f:1b:
b6:56:0d:f2:a4:37:33:2c:b9:f1:61:05:b9:c2:67:9b:6f:44:
e0:8f:17:28:6e:f3:f5:1e:55:e2:11:ef:db:a4:7e:67:c4:ea:
47:9d:b6:f4:ef:b1:76:a1:54:44:48:ed:97:fd:10:6c:d2:0f:
99:57:85:cd:bc:78:5e:e9:cf:af:f2:a3:12:98:e7:05:11:61:
49:b0:d8:d2:15:03:a0:39:3c:ff:15:41:c3:7d:bd:77:fb:6d:
cd:7c:b6:2b:32:db:50:43:81:27:ef:89:f7:77:2c:22:2e:0a:
50:61:6a:84:ac:1e:47:91:8e:70:a1:f6:b2:94:21:5e:62:2a:
a7:df:30:f4:78:76:2f:37:50:dd:35:ed:5c:d5:47:51:e2:99:
d1:fa:8b:2b:ae:c3:fc:5b:15:10:c4:db:56:b5:4b:dc:05:be:
3a:52:38:0a:47:f1:fb:4b:f0:f5:59:51:d2:e4:44:23:d9:bc:
fa:87:2b:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk4v3v6ikdqgTMLrSMEEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTc2NzU4NWRjZWY3M2UxZmE5ZjY0ZGE2YzdmMjc2ZWQ4
N2E3MWYwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRiMzUzNDAzZmQ1MTZiMzliNmIwMWE0YTliZmZiMjRhMmI0NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU7CGUtMdgXRUIgT8ZTKY/EJofR/
1FBIceBXzUh/e7j7qP5GOADPhlzhU29amSDz2zp+/DVgUFvowKBQ2IT9oKbTU/pR
dd1a/lTwEkPzEx/WjNvc/L6m2fxSkGKbujZSBPj0WEbVKNx77/YAT78qEyB/hGbY
HDUfI4TVpmVpBVSOdBgTTJhtkx+dSYgj1l2gWUtb6i8d/Q11oTNpXlAZ+fODayc2
srDqBqNZ//KzeAQKuoUTSR4XANevBuop4mPFnKPz7w0Hlkm1RjAts6qHyrBTlVo0
raMUQTCHgz61uHssM7Vgs4E8MTZzi0uABlW5QCIk4l3sF/5+SSYYGvoFlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3bNTQD/VFrObawGkqb/7JKK0X7MB8GA1UdIwQY
MBaAFBaXZ1hdzvc+H6n2TabH8nbth6cfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAt
NDdiNjMwOTUzYzUwLzEvdmRzMU5BUDlVV3M1dHJBYVNwdl9za29yUmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAtNDdiNjMwOTUzYzUw
LzEvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+XEAwQB
waksMA0GCSqGSIb3DQEBCwUAA4IBAQCTPeVg29Mn6JOUSHWGaBR+Tuth53dcbBYw
9/NPrr+L5YEcef7PCbsEBK9TbTO/K+ymJKDBEO7QNF1fZdDeTxQiwJv+Yw2mTxu2
Vg3ypDczLLnxYQW5wmebb0TgjxcobvP1HlXiEe/bpH5nxOpHnbb077F2oVRESO2X
/RBs0g+ZV4XNvHhe6c+v8qMSmOcFEWFJsNjSFQOgOTz/FUHDfb13+23NfLYrMttQ
Q4En74n3dywiLgpQYWqErB5HkY5wofaylCFeYiqn3zD0eHYvN1DdNe1c1UdR4pnR
+osrrsP8WxUQxNtWtUvcBb46UjgKR/H7S/D1WVHS5EQj2bz6hyt6
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:29:22 2024 by rpki-client on console-fra.rpki-client.org