Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/vcZyQNxSmk4am9Tz9L3m0xekmio.roa
File: vcZyQNxSmk4am9Tz9L3m0xekmio.roa (raw, json)
Hash identifier: 7AGhV9Sa4PzaqATRYb3DH2DHvhCaSm8WM4dJU5hXgCU=
Subject key identifier: BD:C6:72:40:DC:52:9A:4E:1A:9B:D4:F3:F4:BD:E6:D3:17:A4:9A:2A
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 018CC3B69B5E21F2F6C7EA581F0956250700
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/vcZyQNxSmk4am9Tz9L3m0xekmio.roa
Signing time: Mon 01 Jan 2024 06:29:33 +0000
ROA not before: Mon 01 Jan 2024 06:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.55.220.0/22 maxlen: 22
87.237.216.0/21 maxlen: 21
206.195.32.0/19 maxlen: 19
2a04:5780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9b:5e:21:f2:f6:c7:ea:58:1f:09:56:25:07:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 06:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdc67240dc529a4e1a9bd4f3f4bde6d317a49a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4d:ed:1e:7e:ad:54:92:7e:af:ca:04:98:f4:
a3:00:a6:74:17:7e:3a:87:03:cf:5f:11:8a:c4:c4:
08:b6:93:89:10:ce:29:91:39:37:d5:93:8c:ff:6a:
db:f9:9b:24:c1:e8:59:ac:a2:78:a4:3d:20:02:9e:
c8:05:33:d0:02:bd:0f:f3:f8:b7:e7:41:99:35:d1:
a8:3f:13:15:7f:6f:03:7e:8e:bf:90:8e:36:cb:73:
05:47:e0:84:1c:8a:a7:0e:8a:f8:fe:09:09:fa:ec:
7c:b4:a3:46:a6:b4:b9:2e:de:78:74:9f:8e:79:b6:
ed:0d:b1:1d:9e:8b:3e:cb:67:bd:a6:bb:30:e5:08:
cc:b9:c1:f2:dc:6d:28:e2:c8:95:dc:ce:65:5a:88:
a8:ba:3e:bb:cc:90:f0:f3:d0:8a:ac:e8:d7:ac:2a:
6e:f5:97:02:62:bb:ad:d8:10:a7:6f:c4:81:21:d8:
1e:96:9b:c4:e0:e9:8c:93:78:3a:5c:84:f7:48:48:
02:0b:6a:9b:aa:80:bc:04:ce:c8:69:7a:75:3a:84:
6c:d0:a0:43:08:35:bc:cb:ba:f9:3a:8d:06:c8:5f:
11:fb:6b:af:85:79:44:76:3c:24:ee:55:f7:ee:5f:
7b:e2:28:75:b7:39:e2:90:5b:34:20:94:c0:1f:0d:
13:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C6:72:40:DC:52:9A:4E:1A:9B:D4:F3:F4:BD:E6:D3:17:A4:9A:2A
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/vcZyQNxSmk4am9Tz9L3m0xekmio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.216.0/21
185.55.220.0/22
206.195.32.0/19
IPv6:
2a04:5780::/29
Signature Algorithm: sha256WithRSAEncryption
03:e9:4e:24:be:d7:21:fa:42:32:9a:0c:62:2a:82:7f:bc:21:
0e:8d:0b:a5:fb:8f:04:bd:74:c3:a3:e1:7c:e7:c2:bc:9b:28:
05:a1:8c:cb:0d:08:16:75:9b:7e:da:8b:83:63:36:66:5e:43:
65:d2:cc:ba:17:f7:c0:09:3d:df:c7:70:50:19:53:fc:4b:a5:
df:96:af:ed:24:52:b9:e3:1e:c8:83:cd:0d:8a:dc:26:9b:5e:
93:40:5c:bf:bc:03:ba:d4:49:59:df:23:88:8c:01:91:ea:46:
6f:e8:e5:a7:68:dc:68:87:68:7c:48:3d:b5:79:e0:da:a4:45:
1e:90:fc:47:2f:48:c9:ba:d2:fe:69:07:21:52:7d:b1:98:ae:
56:a5:8f:6f:41:fc:6e:8d:13:a7:26:b9:05:e7:bb:e9:89:67:
bc:07:5d:3f:db:e1:c8:51:f9:cd:df:96:c8:f6:00:db:e9:66:
e3:9c:dc:5e:9d:b9:87:a0:c6:a5:17:0d:87:85:cc:01:3d:a4:
74:e1:50:3e:b9:d0:5b:de:b3:62:69:fe:4d:fd:3b:5c:cc:f2:
e8:da:2e:f0:b4:ea:6c:be:17:6b:ef:26:82:08:87:8e:1f:83:
fc:53:de:60:1e:e0:e3:78:f3:a2:40:10:f1:16:7c:4e:ab:91:
31:84:93:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtpteIfL2x+pYHwlWJQcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjQwMTAxMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM2NzI0MGRjNTI5YTRlMWE5YmQ0ZjNmNGJkZTZkMzE3YTQ5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE3tHn6tVJJ+r8oEmPSjAKZ0F346
hwPPXxGKxMQItpOJEM4pkTk31ZOM/2rb+ZskwehZrKJ4pD0gAp7IBTPQAr0P8/i3
50GZNdGoPxMVf28Dfo6/kI42y3MFR+CEHIqnDor4/gkJ+ux8tKNGprS5Lt54dJ+O
ebbtDbEdnos+y2e9prsw5QjMucHy3G0o4siV3M5lWoiouj67zJDw89CKrOjXrCpu
9ZcCYrut2BCnb8SBIdgelpvE4OmMk3g6XIT3SEgCC2qbqoC8BM7IaXp1OoRs0KBD
CDW8y7r5Oo0GyF8R+2uvhXlEdjwk7lX37l974ih1tznikFs0IJTAHw0TqwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL3GckDcUppOGpvU8/S95tMXpJoqMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvdmNaeVFOeFNtazRhbTlUejlMM20weGVrbWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDV+3YAwQC
uTfcAwQFzsMgMA0EAgACMAcDBQMqBFeAMA0GCSqGSIb3DQEBCwUAA4IBAQAD6U4k
vtch+kIymgxiKoJ/vCEOjQul+48EvXTDo+F858K8mygFoYzLDQgWdZt+2ouDYzZm
XkNl0sy6F/fACT3fx3BQGVP8S6Xflq/tJFK54x7Ig80Nitwmm16TQFy/vAO61ElZ
3yOIjAGR6kZv6OWnaNxoh2h8SD21eeDapEUekPxHL0jJutL+aQchUn2xmK5WpY9v
QfxujROnJrkF57vpiWe8B10/2+HIUfnN35bI9gDb6WbjnNxenbmHoMalFw2HhcwB
PaR04VA+udBb3rNiaf5N/TtczPLo2i7wtOpsvhdr7yaCCIeOH4P8U95gHuDjePOi
QBDxFnxOq5ExhJNv
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:25:30 2024 by rpki-client on console-ams.rpki-client.org