Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/vB6cITTExSVNNDtzc87gSkccl2M.roa
File: vB6cITTExSVNNDtzc87gSkccl2M.roa (raw, json)
Hash identifier: mTzTqh/8VbvgbpPTc0K6QIHxoFTMZhiJVugxt54v/es=
Subject key identifier: BC:1E:9C:21:34:C4:C5:25:4D:34:3B:73:73:CE:E0:4A:47:1C:97:63
Certificate issuer: /CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Certificate serial: 018CC3495A19CD6CECE9F16393E6DBB3822D
Authority key identifier: F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/vB6cITTExSVNNDtzc87gSkccl2M.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60567
IP address blocks: 185.29.10.0/24 maxlen: 24
185.29.9.0/24 maxlen: 24
185.29.8.0/24 maxlen: 24
2a02:4840:200::/48 maxlen: 48
2a02:4840:201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.mft
rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5a:19:cd:6c:ec:e9:f1:63:93:e6:db:b3:82:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1e9c2134c4c5254d343b7373cee04a471c9763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bb:fa:c4:00:80:78:88:e5:89:92:97:f0:3a:
cd:4f:f0:8b:2e:f9:8a:6a:28:6a:e5:27:ea:53:85:
db:54:d6:ac:b2:67:28:a7:ca:14:37:b5:4e:23:27:
9e:9c:08:be:a7:f0:85:28:52:ba:8c:9b:24:64:81:
d9:e5:a4:ab:59:e3:cd:77:a5:e3:3c:9f:40:a1:97:
09:e9:70:0e:ed:79:8f:fa:76:b9:b4:a8:c4:a6:0f:
aa:c6:b0:e6:e8:1f:3e:80:4a:05:09:15:06:17:0b:
a1:c8:85:b0:b1:f6:ec:ea:19:3a:8a:9c:8d:ed:82:
83:8e:eb:87:c7:b3:be:c5:5f:b4:36:1b:d9:b3:d9:
fb:e8:95:68:9a:7a:0a:17:2c:50:bb:69:0b:11:08:
4a:ad:bc:93:67:23:11:9a:4d:6e:b2:68:15:9c:da:
c1:ff:a9:2d:82:3f:c5:f8:4d:fa:4d:32:60:6d:66:
09:47:ef:4c:c4:74:8f:9e:54:95:e6:e0:c5:9d:31:
0e:e7:64:45:90:59:04:c4:bc:48:84:4a:9f:44:23:
8a:91:1e:87:61:b6:7a:67:69:5e:c4:7c:e6:b8:45:
a3:ca:46:1a:79:58:1e:c7:f6:17:56:dc:65:7d:2e:
63:62:a5:07:66:cd:db:7e:93:6d:a3:17:1d:7f:19:
67:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:9C:21:34:C4:C5:25:4D:34:3B:73:73:CE:E0:4A:47:1C:97:63
X509v3 Authority Key Identifier:
keyid:F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/vB6cITTExSVNNDtzc87gSkccl2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.8.0-185.29.10.255
IPv6:
2a02:4840:200::/47
Signature Algorithm: sha256WithRSAEncryption
b3:4f:5e:33:d8:39:1e:34:d9:88:11:b9:17:0d:b1:83:33:7c:
3f:1f:f4:18:e5:91:ae:bb:06:92:4c:5a:b3:1c:d1:77:cb:39:
b5:0f:b1:bb:65:4a:3c:60:09:73:79:75:ec:41:72:d1:76:77:
c7:37:43:df:84:c6:6c:87:09:f4:fb:34:2f:9a:07:d8:f4:be:
c4:49:d9:a2:c9:f0:b6:0c:92:e1:49:1c:82:4c:61:8f:3f:2d:
80:4f:54:e0:b0:43:b9:79:3a:f0:a7:5a:5e:e7:ea:0b:53:07:
88:b3:4b:a9:45:be:29:ca:00:ea:cb:b1:8b:94:2e:bb:ba:eb:
d1:09:2c:53:23:61:c7:af:5b:e1:04:7c:72:a4:2e:c9:e7:b6:
36:81:21:f9:f4:ad:9f:3b:1e:01:4c:ef:3c:d0:17:4b:29:2d:
a8:82:04:e5:cc:74:c9:3f:05:fc:4f:e4:84:8a:85:7f:e8:19:
19:11:93:b5:a1:3d:1b:41:e8:43:f2:35:8f:8a:1e:4c:64:69:
1a:a9:a2:0b:d3:07:db:b7:d8:ab:1e:fb:cb:57:bd:b1:b4:3c:
5e:b8:98:d8:09:d4:37:43:d5:72:22:62:95:ee:cf:1c:76:07:
f0:df:d2:1b:67:a3:6c:bf:d5:7d:33:68:e1:4d:b2:59:e5:e6:
f7:25:06:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDSVoZzWzs6fFjk+bbs4ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NjRlZWQxNWM1MmI0YzgxMTBhMjIyOTYzZGM3YjdkNGJh
MmQxNDYwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFlOWMyMTM0YzRjNTI1NGQzNDNiNzM3M2NlZTA0YTQ3MWM5NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprv6xACAeIjliZKX8DrNT/CLLvmK
aihq5SfqU4XbVNassmcop8oUN7VOIyeenAi+p/CFKFK6jJskZIHZ5aSrWePNd6Xj
PJ9AoZcJ6XAO7XmP+na5tKjEpg+qxrDm6B8+gEoFCRUGFwuhyIWwsfbs6hk6ipyN
7YKDjuuHx7O+xV+0NhvZs9n76JVomnoKFyxQu2kLEQhKrbyTZyMRmk1usmgVnNrB
/6ktgj/F+E36TTJgbWYJR+9MxHSPnlSV5uDFnTEO52RFkFkExLxIhEqfRCOKkR6H
YbZ6Z2lexHzmuEWjykYaeVgex/YXVtxlfS5jYqUHZs3bfpNtoxcdfxlnBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwenCE0xMUlTTQ7c3PO4EpHHJdjMB8GA1UdIwQY
MBaAFPdk7tFcUrTIEQoiKWPce31LotFGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJUdTBWeFN0TWdSQ2lJcFk5eDdmVXVpMFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83NDFmMDYtYzNkMS00ODNiLWI5MDgt
MjhhNDk1M2YwNTMwLzEvdkI2Y0lUVEV4U1ZOTkR0emM4N2dTa2NjbDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83NDFmMDYtYzNkMS00ODNiLWI5MDgtMjhhNDk1M2YwNTMw
LzEvOTJUdTBWeFN0TWdSQ2lJcFk5eDdmVXVpMFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAO5HQgD
BAC5HQowDwQCAAIwCQMHASoCSEACADANBgkqhkiG9w0BAQsFAAOCAQEAs09eM9g5
HjTZiBG5Fw2xgzN8Px/0GOWRrrsGkkxasxzRd8s5tQ+xu2VKPGAJc3l17EFy0XZ3
xzdD34TGbIcJ9Ps0L5oH2PS+xEnZosnwtgyS4Ukcgkxhjz8tgE9U4LBDuXk68Kda
XufqC1MHiLNLqUW+KcoA6suxi5Quu7rr0QksUyNhx69b4QR8cqQuyee2NoEh+fSt
nzseAUzvPNAXSyktqIIE5cx0yT8F/E/khIqFf+gZGRGTtaE9G0HoQ/I1j4oeTGRp
GqmiC9MH27fYqx77y1e9sbQ8XriY2AnUN0PVciJile7PHHYH8N/SG2ejbL/VfTNo
4U2yWeXm9yUGUA==
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:25:25 2024 by rpki-client on console-ams.rpki-client.org