Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/vt3FUiD-NegcnWiX5N06B_7BzKk.roa
File: vt3FUiD-NegcnWiX5N06B_7BzKk.roa (raw, json)
Hash identifier: ACPD2OZxmHt9JV3H5ZlYo2SQLJSh47okyOg8PC7MgRM=
Subject key identifier: BE:DD:C5:52:20:FE:35:E8:1C:9D:68:97:E4:DD:3A:07:FE:C1:CC:A9
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 018DEEBB48A4CF15DA9213613DBBC023F474
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/vt3FUiD-NegcnWiX5N06B_7BzKk.roa
Signing time: Wed 28 Feb 2024 08:01:07 +0000
ROA not before: Wed 28 Feb 2024 08:01:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.25.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:bb:48:a4:cf:15:da:92:13:61:3d:bb:c0:23:f4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Feb 28 08:01:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beddc55220fe35e81c9d6897e4dd3a07fec1cca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:35:60:1d:70:85:2e:8d:ec:67:6c:93:ec:ba:
44:a0:28:6d:ed:b0:c3:2f:47:ba:34:5f:a3:7d:46:
e1:f7:a1:94:1e:a2:45:18:7a:30:99:51:c5:34:53:
74:98:e7:57:fa:b8:16:96:cd:fe:8a:51:d7:da:c6:
d3:b0:1b:67:bf:c4:a7:69:e4:85:25:4b:aa:0e:ab:
49:ca:66:38:92:8a:0c:a8:00:30:80:5b:55:18:e9:
67:a5:71:23:24:2c:ab:d3:dc:b9:ba:4b:10:db:3d:
1d:7b:91:b3:75:c4:9a:32:0f:ba:a7:41:69:07:0b:
18:45:df:f3:87:78:5b:af:40:c7:a7:45:f9:67:b8:
bd:b1:b9:67:31:2b:4f:cf:f1:e9:58:86:ef:b5:00:
70:70:9e:70:f3:9a:fe:7b:5e:b3:52:10:d7:32:5b:
ba:6b:91:af:50:8f:3e:b4:04:ae:e0:44:00:26:c7:
41:f0:73:dd:fd:61:af:c0:04:57:29:11:3a:86:88:
da:1a:16:34:d4:36:ec:5d:a7:1d:f2:d7:96:8d:40:
49:dc:e8:8d:d1:c8:c4:ef:2e:fc:91:f5:a4:8e:8f:
5b:54:d3:04:61:d5:da:9a:c5:17:6d:83:40:4a:e2:
91:ed:0b:a1:4b:b1:68:7a:67:7c:31:da:7b:bb:3a:
2c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DD:C5:52:20:FE:35:E8:1C:9D:68:97:E4:DD:3A:07:FE:C1:CC:A9
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/vt3FUiD-NegcnWiX5N06B_7BzKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e9:2e:17:5b:26:6f:3e:0c:0c:67:8d:2c:8d:0f:53:07:1d:
2f:ed:7b:18:d5:43:22:51:ca:b2:22:02:da:95:0a:4e:fc:2d:
51:b4:b1:02:d7:1f:13:26:99:1e:8d:62:d0:50:ce:31:af:be:
3f:71:75:98:8f:12:4a:61:23:24:6c:77:fa:c2:02:a4:57:c8:
b0:ab:cc:de:d2:ac:55:5d:a0:17:7f:df:b7:b8:05:ff:49:51:
76:b6:10:0c:55:2f:ad:67:06:1b:dc:56:66:40:2d:dc:93:f2:
dd:60:46:6f:9a:cb:1f:34:27:71:6b:0a:08:f4:07:e1:06:e6:
95:14:ec:a1:28:a8:49:f4:df:da:49:a3:d7:71:d3:fe:2c:bc:
5b:c9:c6:ee:c8:b5:14:e7:74:27:54:03:3c:88:a7:ab:55:a3:
8b:6e:c2:ed:9c:f7:f4:d8:bb:69:80:77:09:04:cf:ed:cd:3e:
82:40:e9:e1:51:70:af:e9:b0:e6:4e:04:72:d6:13:1e:04:08:
81:7c:86:b1:54:81:3c:83:da:e0:fb:8f:37:3a:63:ea:52:a0:
32:e5:90:70:01:85:b9:87:62:9c:0a:4c:88:8c:01:98:ad:0a:
17:2b:3f:6f:09:79:5a:3b:44:ca:e4:63:46:05:ee:f2:85:5a:
09:24:3c:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3uu0ikzxXakhNhPbvAI/R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjQwMjI4MDgwMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWRkYzU1MjIwZmUzNWU4MWM5ZDY4OTdlNGRkM2EwN2ZlYzFjY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DVgHXCFLo3sZ2yT7LpEoCht7bDD
L0e6NF+jfUbh96GUHqJFGHowmVHFNFN0mOdX+rgWls3+ilHX2sbTsBtnv8SnaeSF
JUuqDqtJymY4kooMqAAwgFtVGOlnpXEjJCyr09y5uksQ2z0de5GzdcSaMg+6p0Fp
BwsYRd/zh3hbr0DHp0X5Z7i9sblnMStPz/HpWIbvtQBwcJ5w85r+e16zUhDXMlu6
a5GvUI8+tASu4EQAJsdB8HPd/WGvwARXKRE6hojaGhY01DbsXacd8teWjUBJ3OiN
0cjE7y78kfWkjo9bVNMEYdXamsUXbYNASuKR7QuhS7Foemd8Mdp7uzos9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7dxVIg/jXoHJ1ol+TdOgf+wcypMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvdnQzRlVpRC1OZWdjbldpWDVOMDZCXzdCektrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxkLMA0G
CSqGSIb3DQEBCwUAA4IBAQCb6S4XWyZvPgwMZ40sjQ9TBx0v7XsY1UMiUcqyIgLa
lQpO/C1RtLEC1x8TJpkejWLQUM4xr74/cXWYjxJKYSMkbHf6wgKkV8iwq8ze0qxV
XaAXf9+3uAX/SVF2thAMVS+tZwYb3FZmQC3ck/LdYEZvmssfNCdxawoI9AfhBuaV
FOyhKKhJ9N/aSaPXcdP+LLxbycbuyLUU53QnVAM8iKerVaOLbsLtnPf02LtpgHcJ
BM/tzT6CQOnhUXCv6bDmTgRy1hMeBAiBfIaxVIE8g9rg+483OmPqUqAy5ZBwAYW5
h2KcCkyIjAGYrQoXKz9vCXlaO0TK5GNGBe7yhVoJJDz3
-----END CERTIFICATE-----
Generated at Thu May 2 09:08:44 2024 by rpki-client on console-ams.rpki-client.org