Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/VhC1WinLvrdcU3ng-7Bl7zWD9f0.roa
File: VhC1WinLvrdcU3ng-7Bl7zWD9f0.roa (raw, json)
Hash identifier: jQOqgvg0Mjk9TNcQzTUNUpGwQEHskTA+8BGF0gwKb3Q=
Subject key identifier: 56:10:B5:5A:29:CB:BE:B7:5C:53:79:E0:FB:B0:65:EF:35:83:F5:FD
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 018CC500B9828F4C5644FFAC49176FEB8A1C
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/VhC1WinLvrdcU3ng-7Bl7zWD9f0.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50374
IP address blocks: 109.236.240.0/24 maxlen: 24
109.236.241.0/24 maxlen: 24
185.216.100.0/22 maxlen: 22
45.146.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b9:82:8f:4c:56:44:ff:ac:49:17:6f:eb:8a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5610b55a29cbbeb75c5379e0fbb065ef3583f5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:c9:d9:3a:68:ea:c3:16:77:ba:40:f4:7a:
b2:91:f0:45:3a:a7:b6:c1:22:d6:89:ab:b8:b6:62:
6c:cc:b8:90:8d:71:65:75:5d:ca:7e:68:e5:d6:0c:
09:93:55:7c:54:32:de:10:d7:f2:62:79:71:53:58:
b1:b1:eb:48:d9:e9:27:d7:c5:be:fa:8a:a8:e3:0d:
0a:bd:c6:d8:5b:3a:ab:eb:54:eb:a3:58:57:74:3d:
23:8f:a1:54:be:c1:95:ba:1f:84:87:8b:b8:12:6a:
0e:93:a4:00:ed:84:76:3d:ba:dc:93:a3:d6:a2:cc:
b7:b8:07:85:8b:7c:77:57:2e:e3:0d:58:33:02:1b:
d3:75:ee:3a:01:a2:09:2b:7e:69:3e:c4:d4:e6:1d:
50:7a:ef:e3:ba:c9:33:81:b8:44:8e:15:24:a4:b5:
60:5f:1d:58:f7:9b:34:41:a4:6b:f2:25:82:4c:97:
35:bc:f5:fd:9e:7a:9b:37:f6:b1:e5:c2:09:aa:85:
23:d3:82:ce:4b:3f:e8:98:4b:7e:b3:df:94:dd:10:
7c:98:d9:c1:e1:49:cb:54:fb:45:ca:90:c9:a1:22:
5a:21:5a:02:6b:03:73:7f:13:5e:12:f1:13:3b:0b:
72:38:a2:36:61:a0:dd:51:11:3d:a9:98:43:c0:41:
6b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:10:B5:5A:29:CB:BE:B7:5C:53:79:E0:FB:B0:65:EF:35:83:F5:FD
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/VhC1WinLvrdcU3ng-7Bl7zWD9f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.64.0/22
109.236.240.0/23
185.216.100.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:84:73:3f:bf:02:cd:6e:5f:a2:b1:97:cf:8f:9b:0a:1f:1f:
9c:ed:16:e7:ad:2e:3c:b2:30:3d:a9:db:cc:77:4f:7b:75:79:
a0:9e:79:87:4e:00:c8:27:26:72:3a:f0:43:3f:d1:e0:14:2d:
c2:40:22:52:da:3a:6e:20:13:13:98:d9:33:ba:c2:da:c5:6f:
84:ca:72:c7:da:2b:4b:27:46:eb:a6:44:fb:b8:1d:94:12:74:
7e:eb:2a:91:29:d8:04:a4:46:a8:18:79:2d:91:a2:86:a2:fe:
d1:f8:d2:85:0c:0f:16:3b:c5:d8:00:1e:e9:06:48:96:08:b8:
06:56:bb:4f:13:4f:ac:05:05:9d:7a:98:0d:40:b8:ff:d0:5f:
d5:07:4c:28:dd:5f:9b:d2:59:d2:50:07:e5:5e:61:b0:78:f4:
0f:07:3f:91:39:47:df:f1:98:ad:08:0d:4d:cb:95:5b:75:db:
fc:e1:7a:36:79:29:21:e5:5a:a7:94:de:e8:a1:93:9d:36:58:
85:be:b5:74:2d:d1:0f:d8:f5:c7:63:2c:24:2f:37:c0:46:f2:
5e:0f:b2:1b:a0:a4:4b:43:83:09:a7:ee:0f:89:bf:fa:5a:20:
8d:9e:fd:6e:23:be:aa:d6:6c:30:09:24:41:d4:7c:87:2b:96:
ed:9b:d5:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFALmCj0xWRP+sSRdv64ocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjEwYjU1YTI5Y2JiZWI3NWM1Mzc5ZTBmYmIwNjVlZjM1ODNmNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOPJ2Tpo6sMWd7pA9HqykfBFOqe2
wSLWiau4tmJszLiQjXFldV3Kfmjl1gwJk1V8VDLeENfyYnlxU1ixsetI2ekn18W+
+oqo4w0KvcbYWzqr61Tro1hXdD0jj6FUvsGVuh+Eh4u4EmoOk6QA7YR2Pbrck6PW
osy3uAeFi3x3Vy7jDVgzAhvTde46AaIJK35pPsTU5h1Qeu/juskzgbhEjhUkpLVg
Xx1Y95s0QaRr8iWCTJc1vPX9nnqbN/ax5cIJqoUj04LOSz/omEt+s9+U3RB8mNnB
4UnLVPtFypDJoSJaIVoCawNzfxNeEvETOwtyOKI2YaDdURE9qZhDwEFrjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFYQtVopy763XFN54PuwZe81g/X9MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvVmhDMVdpbkx2cmRjVTNuZy03Qmw3eldEOWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZJAAwQB
bezwAwQCudhkMA0GCSqGSIb3DQEBCwUAA4IBAQDDhHM/vwLNbl+isZfPj5sKHx+c
7RbnrS48sjA9qdvMd097dXmgnnmHTgDIJyZyOvBDP9HgFC3CQCJS2jpuIBMTmNkz
usLaxW+EynLH2itLJ0brpkT7uB2UEnR+6yqRKdgEpEaoGHktkaKGov7R+NKFDA8W
O8XYAB7pBkiWCLgGVrtPE0+sBQWdepgNQLj/0F/VB0wo3V+b0lnSUAflXmGwePQP
Bz+ROUff8ZitCA1Ny5Vbddv84Xo2eSkh5VqnlN7ooZOdNliFvrV0LdEP2PXHYywk
LzfARvJeD7IboKRLQ4MJp+4Pib/6WiCNnv1uI76q1mwwCSRB1HyHK5btm9U1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:43 2024 by rpki-client on console-ams.rpki-client.org