Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/V8ynhZMh_t3EKef-VFAdD6p_oBw.roa
File: V8ynhZMh_t3EKef-VFAdD6p_oBw.roa (raw, json)
Hash identifier: MB3ThIwz9t5K6hMmrVO/TTspnoQrgikCZKSJ43EX4Ho=
Subject key identifier: 57:CC:A7:85:93:21:FE:DD:C4:29:E7:FE:54:50:1D:0F:AA:7F:A0:1C
Certificate issuer: /CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Certificate serial: 018CC4935DBF0864C98FA445A07906F371E3
Authority key identifier: C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/V8ynhZMh_t3EKef-VFAdD6p_oBw.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24956
IP address blocks: 194.45.135.0/24 maxlen: 24
185.220.200.0/22 maxlen: 22
217.13.64.0/20 maxlen: 20
2a00:1030::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/x-2m5S-HeWCp4PvJPmg_5khKawQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/x-2m5S-HeWCp4PvJPmg_5khKawQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5d:bf:08:64:c9:8f:a4:45:a0:79:06:f3:71:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57cca7859321feddc429e7fe54501d0faa7fa01c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1b:1f:0e:9a:91:c9:4e:59:6c:2d:c9:2d:aa:
0d:ee:82:31:f7:d2:e3:2f:5b:5c:00:fc:95:40:03:
47:fd:b3:9e:12:71:36:d0:f0:1a:0a:41:f9:70:9a:
b9:08:c9:9f:73:29:1b:a3:c8:75:81:58:b6:f6:1b:
a5:b7:e3:c6:3a:bb:20:a2:a6:21:d4:fd:63:d6:06:
68:13:27:3e:98:1d:37:19:4b:13:b4:ca:f6:e1:f7:
72:be:1a:41:04:bf:62:e1:2b:0f:30:4d:14:3a:7b:
75:f2:6d:b0:92:c5:22:e6:76:53:3f:fe:1d:8b:ca:
38:d3:34:dc:fa:da:f6:2d:08:80:de:eb:b7:32:60:
e4:f5:29:b2:78:ea:b2:a1:38:86:76:65:93:fc:55:
6a:47:ef:14:0a:11:f1:58:d0:e1:a6:bb:3e:3f:07:
f1:79:bc:05:0a:bb:1c:04:58:33:d9:8d:ef:43:e7:
c6:a0:25:d5:1e:a2:21:5d:c4:25:dc:4e:5e:23:7e:
d2:ec:93:e8:02:57:87:90:ee:a6:56:4e:9a:38:d0:
ce:44:3c:3c:65:b7:b4:61:c2:6f:04:3b:90:4f:f4:
cd:9b:95:1e:5a:f5:89:e5:f7:bc:bb:24:4e:64:07:
5b:fc:d1:9b:78:5f:9a:46:ec:49:f8:d8:c3:56:5d:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CC:A7:85:93:21:FE:DD:C4:29:E7:FE:54:50:1D:0F:AA:7F:A0:1C
X509v3 Authority Key Identifier:
keyid:C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/V8ynhZMh_t3EKef-VFAdD6p_oBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/x-2m5S-HeWCp4PvJPmg_5khKawQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.200.0/22
194.45.135.0/24
217.13.64.0/20
IPv6:
2a00:1030::/32
Signature Algorithm: sha256WithRSAEncryption
4e:88:46:92:59:e9:ab:d9:24:59:44:e5:73:e7:de:9f:5c:db:
51:0c:86:7e:e7:8a:83:90:43:01:07:13:13:96:c1:7b:70:c9:
eb:20:66:2e:ef:c1:38:dd:34:86:03:22:01:73:73:cd:fc:a2:
56:e2:0a:4f:b4:cf:64:68:6f:87:69:48:f6:d0:36:a8:ae:23:
fc:7e:d7:6d:5b:2c:2f:53:ba:92:27:b7:ea:d1:45:91:bd:ee:
be:fc:bb:b6:32:23:81:b4:cc:3c:0c:ed:99:f7:20:7a:45:cd:
ef:2b:11:02:33:be:a5:db:12:a0:3f:f4:67:ac:94:4a:3f:64:
be:c3:33:0f:0a:13:b8:59:87:a1:49:bf:c0:56:e1:d9:ab:fd:
db:bb:13:4f:16:8e:4e:6b:6e:5a:5e:25:10:e8:f3:e6:e5:e7:
fb:46:21:c0:5f:21:be:9f:77:13:9a:7f:3f:69:88:26:38:86:
1e:81:12:e5:6a:1f:0f:7a:84:4b:81:6c:d6:59:5a:ee:2c:7d:
82:67:00:27:40:52:93:2e:62:2a:6e:57:53:38:30:13:49:e6:
eb:79:3c:25:07:cd:3f:5d:10:6e:fe:b1:63:37:72:4c:59:8b:
18:54:7c:68:7b:79:8b:16:cf:9c:64:99:cb:5c:88:f7:66:95:
2f:29:c9:de
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEk12/CGTJj6RFoHkG83HjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZWRhNmU1MmY4Nzc5NjBhOWUwZmJjOTNlNjgzZmU2NDg0
YTZiMDQwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2NjYTc4NTkzMjFmZWRkYzQyOWU3ZmU1NDUwMWQwZmFhN2ZhMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hsfDpqRyU5ZbC3JLaoN7oIx99Lj
L1tcAPyVQANH/bOeEnE20PAaCkH5cJq5CMmfcykbo8h1gVi29hult+PGOrsgoqYh
1P1j1gZoEyc+mB03GUsTtMr24fdyvhpBBL9i4SsPME0UOnt18m2wksUi5nZTP/4d
i8o40zTc+tr2LQiA3uu3MmDk9SmyeOqyoTiGdmWT/FVqR+8UChHxWNDhprs+Pwfx
ebwFCrscBFgz2Y3vQ+fGoCXVHqIhXcQl3E5eI37S7JPoAleHkO6mVk6aONDORDw8
Zbe0YcJvBDuQT/TNm5UeWvWJ5fe8uyROZAdb/NGbeF+aRuxJ+NjDVl309QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFfMp4WTIf7dxCnn/lRQHQ+qf6AcMB8GA1UdIwQY
MBaAFMftpuUvh3lgqeD7yT5oP+ZISmsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC0ybTVTLUhlV0NwNFB2SlBtZ181a2hLYXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iNmRiMzYtY2Y4Ni00MTcyLThkZDIt
ZTVmZDkxZDEzOTUwLzEvVjh5bmhaTWhfdDNFS2VmLVZGQWRENnBfb0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iNmRiMzYtY2Y4Ni00MTcyLThkZDItZTVmZDkxZDEzOTUw
LzEveC0ybTVTLUhlV0NwNFB2SlBtZ181a2hLYXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudzIAwQA
wi2HAwQE2Q1AMA0EAgACMAcDBQAqABAwMA0GCSqGSIb3DQEBCwUAA4IBAQBOiEaS
Wemr2SRZROVz596fXNtRDIZ+54qDkEMBBxMTlsF7cMnrIGYu78E43TSGAyIBc3PN
/KJW4gpPtM9kaG+HaUj20DaoriP8ftdtWywvU7qSJ7fq0UWRve6+/Lu2MiOBtMw8
DO2Z9yB6Rc3vKxECM76l2xKgP/RnrJRKP2S+wzMPChO4WYehSb/AVuHZq/3buxNP
Fo5Oa25aXiUQ6PPm5ef7RiHAXyG+n3cTmn8/aYgmOIYegRLlah8PeoRLgWzWWVru
LH2CZwAnQFKTLmIqbldTODATSebreTwlB80/XRBu/rFjN3JMWYsYVHxoe3mLFs+c
ZJnLXIj3ZpUvKcne
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:59 2024 by rpki-client on console-fra.rpki-client.org