Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/VntJQz0JEIP7O0_CULKybiNM_kY.roa
File: VntJQz0JEIP7O0_CULKybiNM_kY.roa (raw, json)
Hash identifier: WIne9dIJ2wUrmizjmJSF2mRuI04wm1dV3TfZ6GFXgjU=
Subject key identifier: 56:7B:49:43:3D:09:10:83:FB:3B:4F:C2:50:B2:B2:6E:23:4C:FE:46
Certificate issuer: /CN=9bd6c860342cc799c28074f699768a8ecbdaa52e
Certificate serial: 018CC56EC335C46924EAE28EF18F4E82DE5D
Authority key identifier: 9B:D6:C8:60:34:2C:C7:99:C2:80:74:F6:99:76:8A:8E:CB:DA:A5:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9bIYDQsx5nCgHT2mXaKjsvapS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/VntJQz0JEIP7O0_CULKybiNM_kY.roa
Signing time: Mon 01 Jan 2024 14:30:19 +0000
ROA not before: Mon 01 Jan 2024 14:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56642
IP address blocks: 92.118.152.0/23 maxlen: 23
92.118.154.0/23 maxlen: 23
185.155.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/m9bIYDQsx5nCgHT2mXaKjsvapS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/m9bIYDQsx5nCgHT2mXaKjsvapS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9bIYDQsx5nCgHT2mXaKjsvapS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c3:35:c4:69:24:ea:e2:8e:f1:8f:4e:82:de:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd6c860342cc799c28074f699768a8ecbdaa52e
Validity
Not Before: Jan 1 14:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=567b49433d091083fb3b4fc250b2b26e234cfe46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1a:a8:bb:cc:37:ca:b0:c7:1f:19:e5:c1:47:
b1:7b:88:75:25:7b:bd:03:44:25:bd:15:a5:9f:0a:
2c:de:f3:ee:34:72:f9:9f:44:c7:3e:88:68:dc:c4:
2d:d4:b8:39:29:e9:a0:56:74:3a:60:cd:c6:3d:c4:
48:fc:bd:cc:72:5a:3a:f3:1e:5a:5c:f5:1f:af:d8:
f3:bc:f0:44:7e:98:b6:b2:18:0d:bc:cf:2a:0c:5e:
79:38:4d:ea:bf:ed:25:ca:92:90:fc:2a:18:a0:f2:
ad:61:a5:e5:74:42:f7:c9:db:14:a1:5d:19:c6:2f:
d0:d4:57:d0:a9:6f:eb:72:ce:c5:92:86:96:5d:dc:
64:ae:ac:ad:f2:55:47:82:19:c1:d5:84:19:7b:b9:
24:59:fe:7d:e3:35:c4:91:07:7e:1f:4d:af:52:0b:
96:5b:29:90:98:39:6f:33:0e:45:3b:f8:51:b5:54:
d3:86:8c:23:4f:07:1d:1b:0f:06:e8:a7:1d:61:ce:
e2:5a:76:d6:32:a2:70:4b:86:5b:41:1c:c6:8d:37:
40:14:06:24:70:ec:63:59:a7:62:95:8a:0a:bc:53:
f2:b0:d0:4e:8f:e4:3a:86:c7:7c:eb:27:b8:6b:39:
0a:cb:e8:20:59:ad:99:89:80:d1:ff:99:9e:a2:8a:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7B:49:43:3D:09:10:83:FB:3B:4F:C2:50:B2:B2:6E:23:4C:FE:46
X509v3 Authority Key Identifier:
keyid:9B:D6:C8:60:34:2C:C7:99:C2:80:74:F6:99:76:8A:8E:CB:DA:A5:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9bIYDQsx5nCgHT2mXaKjsvapS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/VntJQz0JEIP7O0_CULKybiNM_kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/afa69d-e143-4bf7-b743-42e3ef4f8b91/1/m9bIYDQsx5nCgHT2mXaKjsvapS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.152.0/22
185.155.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:ce:f9:5c:23:ce:7a:53:1d:4b:c7:35:04:ca:d4:0c:c2:b7:
94:c0:ea:96:74:15:4c:48:65:fc:26:fe:fe:ce:68:58:e1:6a:
da:3a:e9:21:c4:64:c7:03:86:e4:14:67:ea:bd:9d:0a:14:bb:
16:3f:13:b0:07:7b:db:ee:34:53:45:64:c0:a9:84:83:33:5a:
68:6f:05:05:8f:ac:e1:6f:b8:27:c7:ad:58:9a:a0:cd:2c:3f:
f8:a9:e2:3d:14:2e:bc:72:f1:23:40:46:75:b3:b3:a1:cb:a7:
75:1e:57:18:2b:62:5b:00:e2:0a:a5:07:8a:8f:65:25:76:e2:
21:53:4a:8e:de:84:50:53:14:45:93:5a:da:8c:cf:7a:d1:e3:
2d:3b:50:12:24:af:82:66:bd:bb:36:2c:1f:25:a8:a8:fe:c9:
77:83:79:7f:d0:20:2d:49:7f:d1:b9:27:83:6a:11:72:6c:42:
13:fa:02:fc:4c:3d:bd:ab:91:3e:bd:3b:72:14:e1:2b:3a:a9:
31:f4:86:be:5d:77:88:69:3b:ab:ce:1e:45:8d:40:c6:33:be:
a3:11:02:43:13:21:69:7c:36:d8:cc:2a:26:1b:96:8e:40:a1:
d5:4a:5c:37:c5:d7:0a:c8:20:2a:4d:c5:df:64:c7:ec:a0:34:
f4:af:e0:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbsM1xGkk6uKO8Y9Ogt5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZDZjODYwMzQyY2M3OTljMjgwNzRmNjk5NzY4YThlY2Jk
YWE1MmUwHhcNMjQwMTAxMTQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdiNDk0MzNkMDkxMDgzZmIzYjRmYzI1MGIyYjI2ZTIzNGNmZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhqou8w3yrDHHxnlwUexe4h1JXu9
A0QlvRWlnwos3vPuNHL5n0THPoho3MQt1Lg5KemgVnQ6YM3GPcRI/L3Mclo68x5a
XPUfr9jzvPBEfpi2shgNvM8qDF55OE3qv+0lypKQ/CoYoPKtYaXldEL3ydsUoV0Z
xi/Q1FfQqW/rcs7FkoaWXdxkrqyt8lVHghnB1YQZe7kkWf594zXEkQd+H02vUguW
WymQmDlvMw5FO/hRtVTThowjTwcdGw8G6KcdYc7iWnbWMqJwS4ZbQRzGjTdAFAYk
cOxjWadilYoKvFPysNBOj+Q6hsd86ye4azkKy+ggWa2ZiYDR/5meoopavwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFZ7SUM9CRCD+ztPwlCysm4jTP5GMB8GA1UdIwQY
MBaAFJvWyGA0LMeZwoB09pl2io7L2qUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTliSVlEUXN4NW5DZ0hUMm1YYUtqc3ZhcFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hZmE2OWQtZTE0My00YmY3LWI3NDMt
NDJlM2VmNGY4YjkxLzEvVm50SlF6MEpFSVA3TzBfQ1VMS3liaU5NX2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hZmE2OWQtZTE0My00YmY3LWI3NDMtNDJlM2VmNGY4Yjkx
LzEvbTliSVlEUXN4NW5DZ0hUMm1YYUtqc3ZhcFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXHaYAwQC
uZv4MA0GCSqGSIb3DQEBCwUAA4IBAQCozvlcI856Ux1LxzUEytQMwreUwOqWdBVM
SGX8Jv7+zmhY4WraOukhxGTHA4bkFGfqvZ0KFLsWPxOwB3vb7jRTRWTAqYSDM1po
bwUFj6zhb7gnx61YmqDNLD/4qeI9FC68cvEjQEZ1s7Ohy6d1HlcYK2JbAOIKpQeK
j2UlduIhU0qO3oRQUxRFk1rajM960eMtO1ASJK+CZr27NiwfJaio/sl3g3l/0CAt
SX/RuSeDahFybEIT+gL8TD29q5E+vTtyFOErOqkx9Ia+XXeIaTurzh5FjUDGM76j
EQJDEyFpfDbYzComG5aOQKHVSlw3xdcKyCAqTcXfZMfsoDT0r+Bw
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:43 2024 by rpki-client on console-ams.rpki-client.org