Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VrhXT4_yegcjGzxRd0dBxyJvnaQ.roa
File: VrhXT4_yegcjGzxRd0dBxyJvnaQ.roa (raw, json)
Hash identifier: uUnQIyiwmWt2xFl/7xrZ2c0wsg0LLbqM1Xqcn7nQrj0=
Subject key identifier: 56:B8:57:4F:8F:F2:7A:07:23:1B:3C:51:77:47:41:C7:22:6F:9D:A4
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 019053F35618CE5CCA0689402B6FBB3A178F
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VrhXT4_yegcjGzxRd0dBxyJvnaQ.roa
Signing time: Wed 26 Jun 2024 09:49:34 +0000
ROA not before: Wed 26 Jun 2024 09:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 84.243.64.0/18 maxlen: 18
86.34.0.0/15 maxlen: 15
86.34.0.0/16 maxlen: 16
86.35.0.0/16 maxlen: 16
86.35.0.0/21 maxlen: 21
86.35.9.0/24 maxlen: 24
86.35.10.0/24 maxlen: 24
86.35.12.0/24 maxlen: 24
86.35.13.0/24 maxlen: 24
86.35.14.0/24 maxlen: 24
86.35.15.0/24 maxlen: 24
86.35.16.0/20 maxlen: 20
86.35.32.0/19 maxlen: 19
86.35.64.0/18 maxlen: 18
86.35.128.0/17 maxlen: 17
89.120.0.0/16 maxlen: 16
89.121.0.0/16 maxlen: 16
89.121.0.0/18 maxlen: 18
89.121.64.0/18 maxlen: 18
89.121.128.0/17 maxlen: 17
89.122.0.0/16 maxlen: 16
89.123.0.0/16 maxlen: 16
89.123.0.0/17 maxlen: 17
89.123.128.0/17 maxlen: 17
92.80.0.0/16 maxlen: 16
92.81.0.0/16 maxlen: 16
92.81.128.0/17 maxlen: 17
92.82.0.0/16 maxlen: 16
92.82.0.0/18 maxlen: 18
92.83.0.0/16 maxlen: 16
92.83.0.0/19 maxlen: 19
92.84.0.0/16 maxlen: 16
92.85.0.0/16 maxlen: 16
92.86.0.0/16 maxlen: 16
92.86.36.0/24 maxlen: 24
92.86.38.0/24 maxlen: 24
92.86.48.0/24 maxlen: 24
92.86.50.0/24 maxlen: 24
92.86.90.0/24 maxlen: 24
92.87.0.0/16 maxlen: 16
92.87.11.0/24 maxlen: 24
92.87.54.0/24 maxlen: 24
92.87.118.0/24 maxlen: 24
92.87.128.0/23 maxlen: 23
92.87.133.0/24 maxlen: 24
92.87.170.0/24 maxlen: 24
92.87.173.0/24 maxlen: 24
92.87.174.0/24 maxlen: 24
92.87.175.0/24 maxlen: 24
92.87.214.0/24 maxlen: 24
92.87.232.0/24 maxlen: 24
92.87.244.0/24 maxlen: 24
92.87.245.0/24 maxlen: 24
109.96.0.0/16 maxlen: 16
109.97.0.0/16 maxlen: 16
109.98.0.0/16 maxlen: 16
109.98.113.0/24 maxlen: 24
109.98.115.0/24 maxlen: 24
109.98.117.0/24 maxlen: 24
109.98.119.0/24 maxlen: 24
109.98.121.0/24 maxlen: 24
109.98.123.0/24 maxlen: 24
109.98.126.0/24 maxlen: 24
109.98.192.0/23 maxlen: 23
109.98.192.0/24 maxlen: 24
109.98.193.0/24 maxlen: 24
109.99.0.0/16 maxlen: 16
109.99.158.0/24 maxlen: 24
109.99.184.0/24 maxlen: 24
109.99.185.0/24 maxlen: 24
109.99.189.0/24 maxlen: 24
109.99.192.0/24 maxlen: 24
109.99.214.0/24 maxlen: 24
109.99.216.0/24 maxlen: 24
109.100.0.0/16 maxlen: 16
109.101.0.0/16 maxlen: 16
109.102.0.0/16 maxlen: 16
109.102.161.0/24 maxlen: 24
109.102.163.0/24 maxlen: 24
109.103.0.0/16 maxlen: 16
185.133.64.0/22 maxlen: 22
185.133.64.0/24 maxlen: 24
217.115.208.0/20 maxlen: 20
2a02:d10::/32 maxlen: 32
2a02:d10:800:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:f3:56:18:ce:5c:ca:06:89:40:2b:6f:bb:3a:17:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Jun 26 09:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56b8574f8ff27a07231b3c51774741c7226f9da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:f1:e3:3c:6e:ca:fa:f7:c8:7d:7d:7e:b6:
0a:9a:59:ef:f1:39:63:f9:01:38:13:32:60:f6:4a:
23:aa:ac:14:d2:f5:e0:67:f7:fa:c4:e1:d0:e1:8c:
09:b7:00:cb:25:36:cb:37:ab:98:60:de:da:7a:f5:
af:a1:ac:8b:cb:07:e2:61:18:90:8a:dd:f8:e1:52:
a0:88:73:5d:ad:8b:1c:6a:59:74:5c:02:e6:e8:03:
ff:a2:97:af:f1:e0:52:84:14:1c:ee:72:e4:d3:d4:
ad:75:8b:3c:cd:90:fa:a7:62:97:c9:d9:ec:27:57:
0e:78:37:6e:16:8a:63:14:af:c8:fe:86:d0:2d:e0:
ec:e2:ea:47:30:d2:e0:21:e6:d3:4f:2e:2d:4e:f9:
45:67:06:7d:f9:ed:77:66:27:7f:b6:af:bf:81:e5:
55:e6:fb:d5:75:43:90:cd:8d:ac:31:7b:80:94:80:
7d:bb:8c:cc:8c:36:04:ad:89:3e:83:96:28:51:ce:
df:5d:ab:00:e3:3a:dc:b7:32:83:b4:ce:91:4a:15:
a7:b4:ae:65:74:4f:84:b2:a0:da:2c:73:d5:f4:cb:
15:17:ff:5f:3d:b4:4d:6d:39:4a:1c:d2:c7:3d:6d:
43:e0:2b:b7:e9:9f:10:dc:01:93:0f:97:d4:57:77:
84:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B8:57:4F:8F:F2:7A:07:23:1B:3C:51:77:47:41:C7:22:6F:9D:A4
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VrhXT4_yegcjGzxRd0dBxyJvnaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.64.0/18
86.34.0.0/15
89.120.0.0/14
92.80.0.0/13
109.96.0.0/13
185.133.64.0/22
217.115.208.0/20
IPv6:
2a02:d10::/32
Signature Algorithm: sha256WithRSAEncryption
40:94:ca:81:22:2f:87:61:a1:8f:4d:ca:29:b3:92:7e:36:f9:
95:06:8a:40:4c:05:4e:21:21:bc:24:ae:ee:5c:e2:6c:fa:c9:
c3:1f:22:15:21:f5:6a:fd:1d:9d:8d:2d:38:fa:ea:d0:45:b5:
f1:2a:c2:dd:e4:37:6c:a4:fc:2b:a7:b0:7b:6e:14:36:99:ea:
45:a0:46:dc:52:66:4b:51:47:98:b4:02:b4:63:79:9d:ca:f7:
2a:15:c1:a0:6e:f9:3d:84:3d:35:95:49:8f:cb:e8:cd:96:ad:
6c:a6:78:95:2d:f5:d5:83:6f:a5:40:36:c8:57:e3:2f:c2:c2:
61:b4:ce:04:71:bd:1d:80:89:72:90:fc:14:71:0c:1f:05:c2:
f5:5d:1b:92:06:fd:ed:aa:09:7e:a1:81:a6:fb:26:39:b6:23:
90:6a:0b:5c:be:35:04:c9:97:ea:59:36:bb:bf:18:c8:7e:85:
7c:1a:10:20:e6:f3:40:18:28:9c:bc:d9:90:45:9e:9c:08:8d:
55:6c:60:d8:2f:d7:92:9f:59:ca:3c:36:4a:9a:df:ee:dc:6d:
07:7d:ec:d8:0d:a5:2d:66:9a:4a:9e:0a:66:c9:44:71:13:69:
72:9f:05:ab:55:58:e1:42:03:08:94:7a:e7:3e:78:b7:d4:09:
b7:f9:cc:00
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZBT81YYzlzKBolAK2+7OhePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjQwNjI2MDk0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI4NTc0ZjhmZjI3YTA3MjMxYjNjNTE3NzQ3NDFjNzIyNmY5ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqPx4zxuyvr3yH19frYKmlnv8Tlj
+QE4EzJg9kojqqwU0vXgZ/f6xOHQ4YwJtwDLJTbLN6uYYN7aevWvoayLywfiYRiQ
it344VKgiHNdrYscall0XALm6AP/opev8eBShBQc7nLk09StdYs8zZD6p2KXydns
J1cOeDduFopjFK/I/obQLeDs4upHMNLgIebTTy4tTvlFZwZ9+e13Zid/tq+/geVV
5vvVdUOQzY2sMXuAlIB9u4zMjDYErYk+g5YoUc7fXasA4zrctzKDtM6RShWntK5l
dE+EsqDaLHPV9MsVF/9fPbRNbTlKHNLHPW1D4Cu36Z8Q3AGTD5fUV3eE7wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFa4V0+P8noHIxs8UXdHQccib52kMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvVnJoWFQ0X3llZ2NqR3p4UmQwZEJ4eUp2bmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAECUyoEiL4dhoY9Nyimzkn42+ZUGikBMBU4hIbwkru5c
4mz6ycMfIhUh9Wr9HZ2NLTj66tBFtfEqwt3kN2yk/CunsHtuFDaZ6kWgRtxSZktR
R5i0ArRjeZ3K9yoVwaBu+T2EPTWVSY/L6M2WrWymeJUt9dWDb6VANshX4y/CwmG0
zgRxvR2AiXKQ/BRxDB8FwvVdG5IG/e2qCX6hgab7Jjm2I5BqC1y+NQTJl+pZNru/
GMh+hXwaECDm80AYKJy82ZBFnpwIjVVsYNgv15KfWco8Nkqa3+7cbQd97NgNpS1m
mkqeCmbJRHETaXKfBatVWOFCAwiUeuc+eLfUCbf5zAA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:49 2024 by rpki-client on console-fra.rpki-client.org