Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/vNJyBtTqHBeZaDkmlt_Vsq7gGbU.roa
File: vNJyBtTqHBeZaDkmlt_Vsq7gGbU.roa (raw, json)
Hash identifier: Jr66b79j8glr/xZk+3PbFwFrxSpEQuNHDtemjn8XLvE=
Subject key identifier: BC:D2:72:06:D4:EA:1C:17:99:68:39:26:96:DF:D5:B2:AE:E0:19:B5
Certificate issuer: /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial: 018EEC181917E7ACF40A8A1B0ACB7A494BA2
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/vNJyBtTqHBeZaDkmlt_Vsq7gGbU.roa
Signing time: Wed 17 Apr 2024 12:46:25 +0000
ROA not before: Wed 17 Apr 2024 12:46:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57030
IP address blocks: 45.12.36.0/22 maxlen: 24
176.62.200.0/21 maxlen: 21
185.66.0.0/22 maxlen: 22
195.42.150.0/24 maxlen: 24
195.42.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.mft
rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:18:19:17:e7:ac:f4:0a:8a:1b:0a:cb:7a:49:4b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
Validity
Not Before: Apr 17 12:46:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcd27206d4ea1c179968392696dfd5b2aee019b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3c:06:c9:c3:67:64:fd:cb:da:01:2d:6c:4d:
c1:df:50:97:a3:41:a3:44:e8:d2:41:8e:97:8c:03:
36:b6:50:87:bd:8f:f9:23:af:ea:01:37:19:83:a4:
ce:6f:be:b6:0f:82:e0:a2:dd:2a:69:15:b8:d7:3c:
29:79:49:d0:8a:fe:96:7a:40:93:b9:91:38:e1:48:
de:aa:04:8f:e5:c5:be:31:91:6b:2f:8b:6f:ba:43:
1b:44:a7:04:69:10:70:b6:82:8b:ad:f8:7f:78:73:
53:ef:39:60:d3:0f:e3:28:1c:bc:e6:a6:d5:06:c0:
3a:cd:ea:f4:89:ac:ef:0f:8e:58:15:08:9a:b4:38:
b6:8e:bf:c2:0e:f4:03:16:a7:93:cd:58:da:e8:32:
93:22:51:30:76:e4:16:76:bd:e7:99:c6:cc:ca:b0:
2c:f6:8a:01:3c:7c:b1:bc:6e:bb:25:0c:28:19:8f:
11:6e:53:8f:6a:7a:a4:0e:de:cc:d4:b3:e0:05:f5:
7c:12:66:9b:26:10:29:50:d8:26:3d:7a:28:54:f9:
39:ff:59:37:0f:5c:bf:78:4f:8f:b3:55:47:29:3f:
dd:0f:55:0d:a2:d8:dc:6a:db:5b:00:fb:81:25:7c:
a1:f4:84:48:75:05:8d:68:52:f1:32:34:9b:9c:41:
fa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D2:72:06:D4:EA:1C:17:99:68:39:26:96:DF:D5:B2:AE:E0:19:B5
X509v3 Authority Key Identifier:
keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/vNJyBtTqHBeZaDkmlt_Vsq7gGbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.36.0/22
176.62.200.0/21
185.66.0.0/22
195.42.150.0/23
Signature Algorithm: sha256WithRSAEncryption
82:be:35:00:c9:82:8f:4b:af:3c:2d:73:c7:75:8b:f9:6d:a9:
55:49:50:bf:21:51:8c:c2:ed:70:a8:ce:60:b3:07:f8:08:4f:
41:f3:36:42:cd:12:f1:dd:0d:fa:e6:cd:8b:26:a8:47:6c:01:
c1:f8:f8:83:42:c5:5c:62:fe:e4:94:bb:ba:44:8e:fa:e1:4e:
2f:74:2e:71:0f:08:d0:a9:a0:61:7d:eb:ca:14:a6:b1:6a:6b:
cf:4e:ae:5f:49:05:18:c7:5e:76:35:15:21:f7:f2:b6:72:96:
16:40:db:05:e4:ca:8c:7e:73:f3:15:03:16:61:4e:d7:d5:cb:
dc:90:ce:bb:46:07:2c:37:4e:4c:40:7b:82:b6:e5:b5:b4:29:
a1:ef:36:83:3c:71:06:e6:5f:63:88:e9:2e:dd:1c:77:f9:3f:
a2:ee:74:56:34:c6:52:e5:51:18:39:48:eb:37:28:3f:6d:14:
55:00:2a:6c:1a:62:89:50:e4:69:ef:e4:de:56:d6:01:9a:f4:
54:8e:67:c6:52:59:82:74:b0:03:d1:f8:9b:8f:8e:ed:63:b9:
e7:4d:1b:71:1e:8c:8f:73:4b:54:99:12:67:c9:5c:8f:eb:b6:
37:59:3a:49:55:88:0a:3b:0f:fc:ae:96:a4:4c:02:00:d4:b0:
05:13:f9:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7sGBkX56z0CoobCst6SUuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjQwNDE3MTI0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QyNzIwNmQ0ZWExYzE3OTk2ODM5MjY5NmRmZDViMmFlZTAxOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzwGycNnZP3L2gEtbE3B31CXo0Gj
ROjSQY6XjAM2tlCHvY/5I6/qATcZg6TOb762D4Lgot0qaRW41zwpeUnQiv6WekCT
uZE44UjeqgSP5cW+MZFrL4tvukMbRKcEaRBwtoKLrfh/eHNT7zlg0w/jKBy85qbV
BsA6zer0iazvD45YFQiatDi2jr/CDvQDFqeTzVja6DKTIlEwduQWdr3nmcbMyrAs
9ooBPHyxvG67JQwoGY8RblOPanqkDt7M1LPgBfV8EmabJhApUNgmPXooVPk5/1k3
D1y/eE+Ps1VHKT/dD1UNotjcattbAPuBJXyh9IRIdQWNaFLxMjSbnEH6owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLzScgbU6hwXmWg5Jpbf1bKu4Bm1MB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvdk5KeUJ0VHFIQmVaYURrbWx0X1ZzcTdnR2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQwkAwQD
sD7IAwQCuUIAAwQBwyqWMA0GCSqGSIb3DQEBCwUAA4IBAQCCvjUAyYKPS688LXPH
dYv5balVSVC/IVGMwu1wqM5gswf4CE9B8zZCzRLx3Q365s2LJqhHbAHB+PiDQsVc
Yv7klLu6RI764U4vdC5xDwjQqaBhfevKFKaxamvPTq5fSQUYx152NRUh9/K2cpYW
QNsF5MqMfnPzFQMWYU7X1cvckM67RgcsN05MQHuCtuW1tCmh7zaDPHEG5l9jiOku
3Rx3+T+i7nRWNMZS5VEYOUjrNyg/bRRVACpsGmKJUORp7+TeVtYBmvRUjmfGUlmC
dLAD0fibj47tY7nnTRtxHoyPc0tUmRJnyVyP67Y3WTpJVYgKOw/8rpakTAIA1LAF
E/mB
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:32:18 2024 by rpki-client on console-ams.rpki-client.org