Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/veNRJDzucxnvseDLHv14vf0EpNY.roa
File: veNRJDzucxnvseDLHv14vf0EpNY.roa (raw, json)
Hash identifier: /1XBQ1kxl7JWNV1/tez5dbM2XYnyvkSMFNLUwYOpWv0=
Subject key identifier: BD:E3:51:24:3C:EE:73:19:EF:B1:E0:CB:1E:FD:78:BD:FD:04:A4:D6
Certificate issuer: /CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Certificate serial: 018CC5DCB3A77ED6619553892FC0152CC82F
Authority key identifier: 7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/veNRJDzucxnvseDLHv14vf0EpNY.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50554
IP address blocks: 139.28.112.0/22 maxlen: 24
185.3.176.0/22 maxlen: 24
89.106.160.0/21 maxlen: 24
2a00:1bc8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b3:a7:7e:d6:61:95:53:89:2f:c0:15:2c:c8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bde351243cee7319efb1e0cb1efd78bdfd04a4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:57:72:e5:3d:78:a2:41:e5:ca:0d:1d:7d:56:
ad:12:ff:70:21:16:44:70:bc:4e:89:b3:05:2f:0e:
09:54:26:a8:f5:8d:80:17:0c:ef:e6:79:a2:ea:ef:
56:b3:c0:16:93:4d:75:17:f6:5d:87:0d:2b:d4:3b:
b9:8b:a5:06:61:ad:0a:a1:a2:0b:38:72:30:ef:96:
ca:f3:56:b9:2b:fe:f6:65:6c:8d:a8:9a:93:30:bd:
75:c6:7b:94:24:f1:3b:96:70:60:f3:c0:3d:51:ce:
15:33:d1:2c:32:d5:fe:e1:50:4b:b3:4d:e7:35:61:
26:86:e7:12:f9:64:b9:e1:b2:63:f7:14:04:1a:13:
40:67:15:a0:c9:eb:72:c5:70:3c:7e:9b:b3:b7:68:
dc:a3:f9:f2:27:c0:25:7f:ba:3d:31:fe:22:ce:2a:
e0:f3:3c:a1:2f:75:77:d6:3f:11:e0:5c:2b:93:55:
67:ea:2f:dc:01:f2:36:f6:a5:8e:0a:69:f2:b2:25:
30:51:fa:ee:7e:4f:31:29:bc:53:eb:d2:a5:8e:cf:
b0:e0:b6:d9:62:c9:7b:8d:62:bd:58:db:76:8b:4b:
7f:90:6a:41:fa:b4:60:d2:a4:d1:3c:8c:6e:5a:fe:
b0:52:7e:71:34:53:d7:be:26:6f:30:22:47:6c:94:
ea:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E3:51:24:3C:EE:73:19:EF:B1:E0:CB:1E:FD:78:BD:FD:04:A4:D6
X509v3 Authority Key Identifier:
keyid:7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/veNRJDzucxnvseDLHv14vf0EpNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.160.0/21
139.28.112.0/22
185.3.176.0/22
IPv6:
2a00:1bc8::/29
Signature Algorithm: sha256WithRSAEncryption
7c:ca:74:68:58:45:9b:d5:0b:38:27:d9:61:b8:97:1a:90:62:
01:5d:81:43:a7:42:78:89:6d:bc:1e:b7:5b:1a:3a:8c:89:25:
b8:67:b8:de:9c:64:4c:36:65:08:2a:5a:a0:31:3e:79:e7:b9:
51:a8:22:76:55:f6:3e:b9:10:e7:46:7e:06:3e:1f:70:61:7c:
16:24:a9:3c:4c:f4:50:e3:52:a3:a6:f9:35:b1:86:e2:e0:8b:
25:7c:b7:60:83:5d:69:f6:61:35:d0:c5:38:5d:e3:d1:20:6a:
70:ec:c2:c2:39:ec:36:5e:c4:dc:8f:01:c8:4e:6c:bd:07:50:
8e:ec:4b:55:52:1e:0e:41:d9:b2:53:3e:8f:88:65:64:91:6e:
c1:03:7a:bc:e6:4a:23:4a:7d:13:cc:7f:09:19:41:ec:86:40:
3f:29:a9:ae:9b:d6:b5:6b:8a:42:9f:7a:7c:ce:b4:76:5e:41:
27:c4:08:e5:90:15:a4:b3:08:ce:c4:b1:cb:7e:b1:6e:9d:b0:
c3:2c:50:e1:00:b9:ee:7f:91:c8:be:22:57:9c:c0:f8:31:2a:
1c:f1:01:13:e1:f0:16:0f:d2:ca:bc:e6:22:07:78:d3:c9:9f:
7f:cc:8f:1c:37:97:9a:06:4b:ce:cc:bc:39:93:bc:b0:64:1a:
9c:ca:9b:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3LOnftZhlVOJL8AVLMgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzVkNWFlNDE3ZjQ1ZWU4NTA1ZDc2Y2VhYTFiMzRjNDU4
Mzk0YTAwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGUzNTEyNDNjZWU3MzE5ZWZiMWUwY2IxZWZkNzhiZGZkMDRhNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkldy5T14okHlyg0dfVatEv9wIRZE
cLxOibMFLw4JVCao9Y2AFwzv5nmi6u9Ws8AWk011F/Zdhw0r1Du5i6UGYa0KoaIL
OHIw75bK81a5K/72ZWyNqJqTML11xnuUJPE7lnBg88A9Uc4VM9EsMtX+4VBLs03n
NWEmhucS+WS54bJj9xQEGhNAZxWgyetyxXA8fpuzt2jco/nyJ8Alf7o9Mf4izirg
8zyhL3V31j8R4Fwrk1Vn6i/cAfI29qWOCmnysiUwUfrufk8xKbxT69Kljs+w4LbZ
Ysl7jWK9WNt2i0t/kGpB+rRg0qTRPIxuWv6wUn5xNFPXviZvMCJHbJTq5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL3jUSQ87nMZ77Hgyx79eL39BKTWMB8GA1UdIwQY
MBaAFH811a5Bf0XuhQXXbOqhs0xFg5SgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQt
MzQ0NzNiYzkxZDgwLzEvdmVOUkpEenVjeG52c2VETEh2MTR2ZjBFcE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQtMzQ0NzNiYzkxZDgw
LzEvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWWqgAwQC
ixxwAwQCuQOwMA0EAgACMAcDBQMqABvIMA0GCSqGSIb3DQEBCwUAA4IBAQB8ynRo
WEWb1Qs4J9lhuJcakGIBXYFDp0J4iW28HrdbGjqMiSW4Z7jenGRMNmUIKlqgMT55
57lRqCJ2VfY+uRDnRn4GPh9wYXwWJKk8TPRQ41Kjpvk1sYbi4IslfLdgg11p9mE1
0MU4XePRIGpw7MLCOew2XsTcjwHITmy9B1CO7EtVUh4OQdmyUz6PiGVkkW7BA3q8
5kojSn0TzH8JGUHshkA/Kamum9a1a4pCn3p8zrR2XkEnxAjlkBWkswjOxLHLfrFu
nbDDLFDhALnuf5HIviJXnMD4MSoc8QET4fAWD9LKvOYiB3jTyZ9/zI8cN5eaBkvO
zLw5k7ywZBqcypvc
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:38 2024 by rpki-client on console-ams.rpki-client.org