Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/VAbOo840mwAjzC1WxtuGR0sTtUE.roa
File: VAbOo840mwAjzC1WxtuGR0sTtUE.roa (raw, json)
Hash identifier: ayKTZhMZRPDczD5lOpft4Ym+EGpYcxQdrPO/wGiVwqk=
Subject key identifier: 54:06:CE:A3:CE:34:9B:00:23:CC:2D:56:C6:DB:86:47:4B:13:B5:41
Certificate issuer: /CN=128d0d03d01d8a3e2dfaddf2dbd8f97e090f80e9
Certificate serial: 01907833CA5D2D9C080B24F308EAF1BE0CB6
Authority key identifier: 12:8D:0D:03:D0:1D:8A:3E:2D:FA:DD:F2:DB:D8:F9:7E:09:0F:80:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo0NA9Adij4t-t3y29j5fgkPgOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/VAbOo840mwAjzC1WxtuGR0sTtUE.roa
Signing time: Wed 03 Jul 2024 10:46:18 +0000
ROA not before: Wed 03 Jul 2024 10:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5539
IP address blocks: 31.214.222.0/23 maxlen: 23
45.15.240.0/24 maxlen: 24
109.230.244.0/23 maxlen: 23
185.143.68.0/23 maxlen: 23
2a07:3340::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/Eo0NA9Adij4t-t3y29j5fgkPgOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/Eo0NA9Adij4t-t3y29j5fgkPgOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eo0NA9Adij4t-t3y29j5fgkPgOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:33:ca:5d:2d:9c:08:0b:24:f3:08:ea:f1:be:0c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128d0d03d01d8a3e2dfaddf2dbd8f97e090f80e9
Validity
Not Before: Jul 3 10:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5406cea3ce349b0023cc2d56c6db86474b13b541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:01:1c:54:b3:a0:af:80:ee:14:5f:c0:e6:8f:
b9:9d:28:83:8d:bc:46:11:a6:a1:04:c7:6b:14:3b:
0f:4e:e5:c0:05:59:87:37:f2:f8:4a:34:e4:5e:26:
0e:5e:a2:ff:b1:6a:4f:9f:20:3a:f5:81:e6:47:58:
26:17:83:89:1d:21:b0:b0:0e:67:29:0d:7e:66:84:
55:e3:0a:10:e4:2d:f6:2e:b8:53:d4:03:62:d5:93:
d5:77:ba:52:a1:36:d8:74:e5:b8:6a:fa:a6:ec:06:
b6:87:aa:6c:8d:f0:4a:79:ec:5e:f8:ed:09:08:ee:
a1:b5:df:00:c6:19:ae:70:fc:91:20:76:1e:29:a8:
15:64:7a:fe:55:e4:ca:1a:0c:d8:7e:73:23:e7:ba:
c9:84:20:83:94:55:fc:54:4a:f1:2b:55:83:89:38:
53:3e:3d:4e:79:db:b4:36:26:73:c4:68:07:b6:50:
60:95:9f:6b:08:9d:02:10:eb:ed:0a:57:dd:b9:5e:
28:4a:a8:73:43:3e:09:46:a2:e1:6f:e0:9f:70:53:
2d:1b:f9:81:91:dc:ad:41:df:c1:c5:e4:40:56:92:
2b:09:20:db:6e:35:7a:13:a9:6c:25:0e:7e:4f:5a:
3b:43:2c:07:8e:e0:6d:ae:35:71:49:b5:18:6b:21:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:06:CE:A3:CE:34:9B:00:23:CC:2D:56:C6:DB:86:47:4B:13:B5:41
X509v3 Authority Key Identifier:
keyid:12:8D:0D:03:D0:1D:8A:3E:2D:FA:DD:F2:DB:D8:F9:7E:09:0F:80:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo0NA9Adij4t-t3y29j5fgkPgOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/VAbOo840mwAjzC1WxtuGR0sTtUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dbc6fa-c474-46c3-8945-af50fb5cc77a/1/Eo0NA9Adij4t-t3y29j5fgkPgOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.222.0/23
45.15.240.0/24
109.230.244.0/23
185.143.68.0/23
IPv6:
2a07:3340::/48
Signature Algorithm: sha256WithRSAEncryption
81:c2:c6:23:4a:c3:a5:32:0c:b5:d3:2a:b9:7d:ab:37:39:0f:
98:fa:34:38:0e:72:64:0e:dd:8c:66:74:21:18:b5:5c:15:b5:
c7:ff:8e:95:0e:8a:9f:ad:59:ca:70:01:66:b7:c4:36:8c:e0:
83:38:b6:52:b8:f7:c5:af:a3:61:ff:28:21:cc:b3:8a:10:be:
5b:dc:6a:96:61:65:1a:5a:da:23:8b:35:02:b4:4a:23:9b:f8:
c9:2e:97:26:2f:65:15:4b:d7:17:37:11:74:81:7d:b6:75:b7:
d1:63:b7:20:e3:62:65:b5:5f:94:aa:7e:9b:ad:72:c7:08:8f:
00:92:1a:73:c5:d3:26:b8:3b:98:6c:91:52:c3:15:ab:db:97:
f2:13:8f:84:c1:60:48:a6:49:65:60:05:59:54:33:e6:8e:49:
a4:dc:de:01:17:96:c2:8f:7e:a8:d1:66:9e:cd:73:87:64:37:
8a:b2:cf:98:77:1c:aa:cc:08:f6:72:82:e5:48:3e:7e:49:28:
a0:bb:5b:79:f1:e3:bb:84:15:1b:03:49:74:1f:85:ee:b6:0e:
fa:01:94:15:2e:6d:1b:34:b9:ab:bb:dd:f4:ec:9d:8f:29:c7:
9d:13:e6:ed:1a:b2:3f:d9:99:84:9b:bf:f3:30:d8:9c:d9:98:
e6:77:72:38
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZB4M8pdLZwICyTzCOrxvgy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOGQwZDAzZDAxZDhhM2UyZGZhZGRmMmRiZDhmOTdlMDkw
ZjgwZTkwHhcNMjQwNzAzMTA0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDA2Y2VhM2NlMzQ5YjAwMjNjYzJkNTZjNmRiODY0NzRiMTNiNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAEcVLOgr4DuFF/A5o+5nSiDjbxG
EaahBMdrFDsPTuXABVmHN/L4SjTkXiYOXqL/sWpPnyA69YHmR1gmF4OJHSGwsA5n
KQ1+ZoRV4woQ5C32LrhT1ANi1ZPVd7pSoTbYdOW4avqm7Aa2h6psjfBKeexe+O0J
CO6htd8AxhmucPyRIHYeKagVZHr+VeTKGgzYfnMj57rJhCCDlFX8VErxK1WDiThT
Pj1Oedu0NiZzxGgHtlBglZ9rCJ0CEOvtClfduV4oSqhzQz4JRqLhb+CfcFMtG/mB
kdytQd/BxeRAVpIrCSDbbjV6E6lsJQ5+T1o7QywHjuBtrjVxSbUYayHucQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFQGzqPONJsAI8wtVsbbhkdLE7VBMB8GA1UdIwQY
MBaAFBKNDQPQHYo+Lfrd8tvY+X4JD4DpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW8wTkE5QWRpajR0LXQzeTI5ajVmZ2tQZ09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kYmM2ZmEtYzQ3NC00NmMzLTg5NDUt
YWY1MGZiNWNjNzdhLzEvVkFiT284NDBtd0FqekMxV3h0dUdSMHNUdFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kYmM2ZmEtYzQ3NC00NmMzLTg5NDUtYWY1MGZiNWNjNzdh
LzEvRW8wTkE5QWRpajR0LXQzeTI5ajVmZ2tQZ09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBH9beAwQA
LQ/wAwQBbeb0AwQBuY9EMA8EAgACMAkDBwAqBzNAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAIHCxiNKw6UyDLXTKrl9qzc5D5j6NDgOcmQO3YxmdCEYtVwVtcf/jpUOip+t
WcpwAWa3xDaM4IM4tlK498Wvo2H/KCHMs4oQvlvcapZhZRpa2iOLNQK0SiOb+Mku
lyYvZRVL1xc3EXSBfbZ1t9FjtyDjYmW1X5SqfputcscIjwCSGnPF0ya4O5hskVLD
Favbl/ITj4TBYEimSWVgBVlUM+aOSaTc3gEXlsKPfqjRZp7Nc4dkN4qyz5h3HKrM
CPZyguVIPn5JKKC7W3nx47uEFRsDSXQfhe62DvoBlBUubRs0uau73fTsnY8px50T
5u0asj/ZmYSbv/Mw2JzZmOZ3cjg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:46:57 2024 by rpki-client on console-fra.rpki-client.org