Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/bvgJS61kGIDiVnW4Hp0ZiepomG8.roa
File: bvgJS61kGIDiVnW4Hp0ZiepomG8.roa (raw, json)
Hash identifier: yIYC7aHQ+I4vOJTq+fVd9ctLTF3krLil9lfnnBN4c/U=
Subject key identifier: 6E:F8:09:4B:AD:64:18:80:E2:56:75:B8:1E:9D:19:89:EA:68:98:6F
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018FED63FCF7A6604F6AFBB3B6EA594653BA
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/bvgJS61kGIDiVnW4Hp0ZiepomG8.roa
Signing time: Thu 06 Jun 2024 11:51:44 +0000
ROA not before: Thu 06 Jun 2024 11:51:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216279
IP address blocks: 185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
2a03:3a60:a22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Nov 2024 22:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:63:fc:f7:a6:60:4f:6a:fb:b3:b6:ea:59:46:53:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jun 6 11:51:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef8094bad641880e25675b81e9d1989ea68986f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9a:06:55:1f:54:ea:86:c4:2e:8e:89:65:ff:
f8:ae:b0:a7:b6:fd:9f:8a:bf:11:aa:da:b0:d4:78:
8e:55:a5:cf:42:67:86:7b:a0:45:11:3b:19:c9:08:
87:7c:f1:f4:2d:c4:5a:17:36:38:ea:8a:61:19:0e:
46:79:57:42:13:27:4d:b8:dd:4e:92:70:1b:05:1e:
f6:49:5e:13:1a:ec:ff:ce:9a:fa:5f:05:20:4e:77:
7b:5e:69:e1:c8:48:eb:c3:d0:95:0e:5d:0c:a6:93:
c0:b4:89:32:ef:bb:c3:e4:db:64:71:a3:2b:b4:fb:
66:4e:ea:6f:54:a9:f4:f6:77:23:c2:35:59:d2:90:
bd:f8:e6:28:49:43:f0:9e:f3:dc:30:18:ce:8c:de:
63:cd:66:f2:90:97:42:d7:db:b6:cf:7f:eb:c0:85:
bb:af:98:1e:68:a2:f4:92:d5:c0:95:c7:99:a2:b1:
a3:44:f4:3f:ed:d0:0e:47:5f:ce:85:2d:18:a7:2c:
5c:45:5d:89:5f:e0:b8:70:e8:cf:cd:a3:a7:be:e8:
5f:58:dc:70:e1:1d:4d:11:d1:3d:ab:f5:5e:3b:68:
91:da:77:7b:87:f6:22:30:7f:0f:02:33:3b:42:22:
01:0b:d9:3f:67:a0:10:04:b1:64:b4:78:29:06:74:
a2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F8:09:4B:AD:64:18:80:E2:56:75:B8:1E:9D:19:89:EA:68:98:6F
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/bvgJS61kGIDiVnW4Hp0ZiepomG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
84:e8:2b:54:26:77:e9:bf:78:4f:05:3d:45:1c:50:45:78:ad:
eb:3f:67:22:e4:f6:44:74:8d:e6:0d:08:33:81:19:53:f8:2d:
f8:25:fd:2b:5b:8b:83:dc:10:47:86:13:30:e8:b6:f5:54:cb:
e4:43:76:14:1c:92:42:21:d4:50:d7:99:94:17:74:17:08:a1:
bb:23:31:d3:be:64:e9:6e:5f:79:70:1d:2a:fe:5f:71:3d:ee:
88:b5:35:b6:7d:d9:cb:44:23:7a:87:d7:56:cf:c5:a1:7e:46:
22:69:9a:1e:c4:12:d9:53:72:8e:b1:5f:2a:1f:64:10:51:e7:
0a:07:b7:62:33:ac:a8:ef:6a:b2:c4:fc:dd:76:40:52:58:0d:
7c:ec:48:85:e0:f0:33:10:b8:75:38:b1:62:0d:a0:d9:11:06:
94:2a:27:46:14:2c:2f:a6:d0:85:8b:b6:62:80:34:6d:95:c6:
c9:34:25:d5:54:8e:ae:99:ef:39:ab:bc:78:c4:d6:7c:82:68:
0d:20:50:7a:00:5f:33:7a:20:aa:a2:39:97:f7:f9:49:24:05:
92:1b:9b:d9:dc:d6:6a:58:20:0a:c0:2e:31:92:13:64:72:a6:
8c:d3:bb:19:31:00:33:75:7e:51:f3:ea:b5:4f:d7:4d:4e:a7:
56:da:36:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/tY/z3pmBPavuztupZRlO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwNjA2MTE1MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY4MDk0YmFkNjQxODgwZTI1Njc1YjgxZTlkMTk4OWVhNjg5ODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JoGVR9U6obELo6JZf/4rrCntv2f
ir8Rqtqw1HiOVaXPQmeGe6BFETsZyQiHfPH0LcRaFzY46ophGQ5GeVdCEydNuN1O
knAbBR72SV4TGuz/zpr6XwUgTnd7XmnhyEjrw9CVDl0MppPAtIky77vD5NtkcaMr
tPtmTupvVKn09ncjwjVZ0pC9+OYoSUPwnvPcMBjOjN5jzWbykJdC19u2z3/rwIW7
r5geaKL0ktXAlceZorGjRPQ/7dAOR1/OhS0YpyxcRV2JX+C4cOjPzaOnvuhfWNxw
4R1NEdE9q/VeO2iR2nd7h/YiMH8PAjM7QiIBC9k/Z6AQBLFktHgpBnSiBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG74CUutZBiA4lZ1uB6dGYnqaJhvMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvYnZnSlM2MWtHSURpVm5XNEhwMFppZXBvbUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXKcAwQC
ueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQCE6CtUJnfpv3hP
BT1FHFBFeK3rP2ci5PZEdI3mDQgzgRlT+C34Jf0rW4uD3BBHhhMw6Lb1VMvkQ3YU
HJJCIdRQ15mUF3QXCKG7IzHTvmTpbl95cB0q/l9xPe6ItTW2fdnLRCN6h9dWz8Wh
fkYiaZoexBLZU3KOsV8qH2QQUecKB7diM6yo72qyxPzddkBSWA187EiF4PAzELh1
OLFiDaDZEQaUKidGFCwvptCFi7ZigDRtlcbJNCXVVI6ume85q7x4xNZ8gmgNIFB6
AF8zeiCqojmX9/lJJAWSG5vZ3NZqWCAKwC4xkhNkcqaM07sZMQAzdX5R8+q1T9dN
TqdW2jZ7
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:37:31 2024 by rpki-client on console-fra.rpki-client.org