Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/Vriz_sDoxzm2GTzTd9rOzVQ8O80.roa
File: Vriz_sDoxzm2GTzTd9rOzVQ8O80.roa (raw, json)
Hash identifier: F31lTWld/XwMTfUNR4tEcugJ7CVr38EkkzBvLUHGa5w=
Subject key identifier: 56:B8:B3:FE:C0:E8:C7:39:B6:19:3C:D3:77:DA:CE:CD:54:3C:3B:CD
Certificate issuer: /CN=fbb26952b1213f9cbd1d8c9671fb22357ad8d322
Certificate serial: 018CCA99A6ED0EC5BFCF2FFAB755D295622A
Authority key identifier: FB:B2:69:52:B1:21:3F:9C:BD:1D:8C:96:71:FB:22:35:7A:D8:D3:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/Vriz_sDoxzm2GTzTd9rOzVQ8O80.roa
Signing time: Tue 02 Jan 2024 14:35:16 +0000
ROA not before: Tue 02 Jan 2024 14:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201928
IP address blocks: 185.115.41.0/24 maxlen: 24
185.59.44.0/24 maxlen: 24
185.115.40.0/24 maxlen: 24
185.115.43.0/24 maxlen: 24
185.115.42.0/24 maxlen: 24
185.59.47.0/24 maxlen: 24
185.59.46.0/24 maxlen: 24
185.59.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a6:ed:0e:c5:bf:cf:2f:fa:b7:55:d2:95:62:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbb26952b1213f9cbd1d8c9671fb22357ad8d322
Validity
Not Before: Jan 2 14:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56b8b3fec0e8c739b6193cd377dacecd543c3bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:07:7c:06:d1:5d:b8:39:71:e3:d2:18:d8:67:
bd:52:52:b1:82:6a:63:d0:20:93:95:1b:ca:fa:3f:
18:0b:ae:09:03:fe:87:60:4f:89:c9:90:23:25:db:
c5:63:d2:0c:72:d3:af:17:ec:fe:a2:92:a5:ce:75:
c2:46:e2:e8:70:7b:d6:46:b7:ef:d5:e1:b3:6e:6a:
06:39:ec:32:98:e2:ce:37:da:ca:69:b5:b0:16:63:
f6:d8:63:db:97:3b:72:bd:0a:9b:21:96:be:4b:08:
bc:da:bf:b9:22:5a:c3:ab:b6:cd:39:fa:71:27:71:
9e:7a:4d:f4:6d:f4:8f:c8:10:14:00:32:b8:fa:dd:
fa:1f:3c:47:42:5e:f1:19:65:6f:c1:c9:6a:03:98:
48:c5:01:fc:aa:77:40:57:a0:17:42:88:e3:88:d1:
74:2a:de:53:f7:5d:42:b1:78:7b:af:59:87:fe:10:
23:ae:b2:e5:48:94:c1:26:64:8b:c0:a0:f7:04:02:
3d:fb:7e:57:12:b0:61:a7:a2:ae:2b:a6:04:52:c2:
50:f5:88:d0:14:cc:85:22:b0:3f:5e:22:1f:9b:1c:
13:36:bc:bd:b4:40:a0:70:70:7d:eb:66:ca:22:87:
65:62:68:1a:f4:6e:ff:ee:41:e7:8f:76:94:da:c4:
25:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B8:B3:FE:C0:E8:C7:39:B6:19:3C:D3:77:DA:CE:CD:54:3C:3B:CD
X509v3 Authority Key Identifier:
keyid:FB:B2:69:52:B1:21:3F:9C:BD:1D:8C:96:71:FB:22:35:7A:D8:D3:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/Vriz_sDoxzm2GTzTd9rOzVQ8O80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/25998d-4b7a-42b2-b46d-dd23291f7a19/1/1-7JpUrEhP5y9HYyWcfsiNXrY0yI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.44.0/22
185.115.40.0/22
Signature Algorithm: sha256WithRSAEncryption
53:ef:2d:f2:fe:8e:fb:18:b0:fb:98:96:02:3d:f9:68:f2:96:
9f:88:d9:c4:cf:be:cc:df:df:81:e3:03:8f:d9:4a:c7:31:b8:
f4:aa:34:95:ea:ce:04:ec:0f:ad:da:f1:d0:f4:52:a2:01:ab:
4d:6c:9c:6c:f6:0a:48:6b:01:54:44:ab:b3:3f:b1:52:7c:c6:
93:fe:35:56:d4:da:ce:3e:95:5d:da:81:77:e8:5c:61:ad:2c:
90:58:4a:b3:95:35:da:3e:54:f7:b9:75:16:80:ea:7a:38:dc:
0b:6f:58:0c:fd:85:88:e9:0b:3b:32:0b:11:e3:82:e9:de:6e:
e6:2a:77:94:f0:9d:13:ca:2e:11:b7:79:af:f7:a4:3a:5f:35:
f7:80:f1:a4:52:69:7d:87:7a:c7:dc:fa:05:83:fa:23:a9:e6:
6b:a6:5f:20:f6:a2:d4:30:ba:d4:cc:b1:ed:34:b8:94:86:d9:
6e:da:d0:33:e7:5f:23:c4:df:78:91:44:cb:06:46:1b:64:2d:
79:6e:5f:1d:ae:0d:8a:93:39:59:4d:ec:c1:dc:8e:01:14:cd:
5c:d9:3e:ef:c9:fc:95:80:99:51:dc:05:d5:1a:f9:45:04:df:
ec:1a:11:4e:de:74:76:fb:c9:45:8c:bc:57:17:21:10:e4:2c:
be:b7:1e:9c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmabtDsW/zy/6t1XSlWIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYjI2OTUyYjEyMTNmOWNiZDFkOGM5NjcxZmIyMjM1N2Fk
OGQzMjIwHhcNMjQwMTAyMTQzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI4YjNmZWMwZThjNzM5YjYxOTNjZDM3N2RhY2VjZDU0M2MzYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ad8BtFduDlx49IY2Ge9UlKxgmpj
0CCTlRvK+j8YC64JA/6HYE+JyZAjJdvFY9IMctOvF+z+opKlznXCRuLocHvWRrfv
1eGzbmoGOewymOLON9rKabWwFmP22GPblztyvQqbIZa+Swi82r+5IlrDq7bNOfpx
J3Geek30bfSPyBAUADK4+t36HzxHQl7xGWVvwclqA5hIxQH8qndAV6AXQojjiNF0
Kt5T911CsXh7r1mH/hAjrrLlSJTBJmSLwKD3BAI9+35XErBhp6KuK6YEUsJQ9YjQ
FMyFIrA/XiIfmxwTNry9tECgcHB962bKIodlYmga9G7/7kHnj3aU2sQluwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFa4s/7A6Mc5thk803fazs1UPDvNMB8GA1UdIwQY
MBaAFPuyaVKxIT+cvR2MlnH7IjV62NMiMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03SnBVckVoUDV5OUhZeVdjZnNpTlhyWTB5SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvMjU5OThkLTRiN2EtNDJiMi1iNDZk
LWRkMjMyOTFmN2ExOS8xL1ZyaXpfc0RveHptMkdUelRkOXJPelZROE84MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvMjU5OThkLTRiN2EtNDJiMi1iNDZkLWRkMjMyOTFmN2Ex
OS8xLzEtN0pwVXJFaFA1eTlIWXlXY2ZzaU5YclkweUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5OywD
BAK5cygwDQYJKoZIhvcNAQELBQADggEBAFPvLfL+jvsYsPuYlgI9+Wjylp+I2cTP
vszf34HjA4/ZSscxuPSqNJXqzgTsD63a8dD0UqIBq01snGz2CkhrAVREq7M/sVJ8
xpP+NVbU2s4+lV3agXfoXGGtLJBYSrOVNdo+VPe5dRaA6no43AtvWAz9hYjpCzsy
CxHjgunebuYqd5TwnRPKLhG3ea/3pDpfNfeA8aRSaX2Hesfc+gWD+iOp5mumXyD2
otQwutTMse00uJSG2W7a0DPnXyPE33iRRMsGRhtkLXluXx2uDYqTOVlN7MHcjgEU
zVzZPu/J/JWAmVHcBdUa+UUE3+waEU7edHb7yUWMvFcXIRDkLL63Hpw=
-----END CERTIFICATE-----
Generated at Thu May 23 11:55:44 2024 by rpki-client on console-ams.rpki-client.org