Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/VtFdVattijMXtSZNIKb55DGMm0M.roa
File: VtFdVattijMXtSZNIKb55DGMm0M.roa (raw, json)
Hash identifier: kFy5S/TSKFXCqu97QBQEgLpm65J7/6moPIkNvjNrpgw=
Subject key identifier: 56:D1:5D:55:AB:6D:8A:33:17:B5:26:4D:20:A6:F9:E4:31:8C:9B:43
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018FE2F9B929825EA31504A13EEC6837F263
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/VtFdVattijMXtSZNIKb55DGMm0M.roa
Signing time: Tue 04 Jun 2024 11:19:27 +0000
ROA not before: Tue 04 Jun 2024 11:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 85.203.24.0/24 maxlen: 24
85.203.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 22:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:f9:b9:29:82:5e:a3:15:04:a1:3e:ec:68:37:f2:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jun 4 11:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56d15d55ab6d8a3317b5264d20a6f9e4318c9b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cf:a0:5d:fb:00:4a:02:08:af:df:c3:b1:90:
af:3c:b0:7b:a3:82:1a:43:5d:26:56:ad:02:8f:81:
c7:4d:93:80:98:ef:82:6d:fd:c8:95:fe:a5:8c:58:
f0:20:29:c5:a0:0e:d3:62:bf:ce:f5:29:4d:4b:99:
f8:56:12:89:a9:3f:c6:b5:d3:7b:d0:46:8b:f1:77:
96:04:72:01:bb:4f:e2:3a:d2:81:6a:48:ea:32:6c:
7f:1f:21:db:79:59:14:15:19:cd:6b:b9:e3:ce:1c:
d9:27:77:56:a9:77:f6:14:01:e0:13:ec:05:ce:0c:
7a:af:bd:67:15:36:5f:cb:50:05:3d:dd:94:ee:9a:
a8:df:8f:99:67:c8:59:56:c2:19:8c:90:0e:cd:06:
6b:74:37:f1:aa:d9:4b:5f:36:da:4c:85:b7:82:b4:
f3:ed:73:6c:52:6d:6b:96:a8:80:ad:3b:62:fd:7c:
60:47:f5:d6:e4:41:ed:30:7e:8e:36:4f:06:11:ad:
fd:94:9c:97:4a:78:4d:7e:77:5a:a3:5a:3c:5e:31:
58:ae:2d:e9:ea:98:56:95:ac:98:18:4e:a5:39:46:
5b:5d:a4:7f:8c:4a:5f:11:87:cb:4f:11:de:52:3e:
0d:1c:cd:6d:51:76:fb:e9:fa:f3:f8:e9:0f:d8:5d:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D1:5D:55:AB:6D:8A:33:17:B5:26:4D:20:A6:F9:E4:31:8C:9B:43
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/VtFdVattijMXtSZNIKb55DGMm0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.24.0/24
85.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c7:df:36:77:2e:75:93:3b:7a:94:0a:49:04:fe:5c:2e:b6:
05:82:63:3c:02:5f:e7:ed:aa:83:ac:07:78:19:42:91:b4:97:
20:b9:cb:35:a3:b3:8a:eb:87:56:9c:91:67:60:94:6a:24:ce:
46:28:26:be:8e:13:46:d6:36:2a:3f:65:e7:b4:36:b1:b1:5c:
c0:a5:78:3b:50:76:61:4d:60:80:e5:c9:8c:e2:a9:55:9a:77:
2c:12:18:49:ec:c9:ea:72:05:68:47:ad:57:9e:47:cf:d3:9b:
f4:f9:d0:e7:dc:7b:c3:d7:a9:68:cd:38:7d:b1:93:df:49:16:
bf:e3:dd:20:c7:1c:02:74:47:7a:bf:c8:cd:bb:e9:96:d7:1b:
6e:73:93:cf:c5:ef:ef:1b:11:31:ec:36:3b:2b:61:c9:2a:6b:
ff:de:bd:b2:76:89:1d:be:8b:fb:34:c5:50:b8:08:51:df:39:
08:48:7f:14:4d:d1:3d:65:1b:92:b2:d5:93:12:0c:b7:db:2a:
ef:32:ab:76:b1:14:7c:2a:66:0d:ff:90:cb:29:a9:d2:d4:9f:
61:e0:da:ed:1d:1b:ee:1c:02:53:82:11:71:53:d7:cb:17:6f:
a5:34:0a:b7:38:60:78:76:2b:6f:1d:a7:9c:4b:e5:89:46:e5:
08:cf:51:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/i+bkpgl6jFQShPuxoN/JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwNjA0MTExOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQxNWQ1NWFiNmQ4YTMzMTdiNTI2NGQyMGE2ZjllNDMxOGM5YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8+gXfsASgIIr9/DsZCvPLB7o4Ia
Q10mVq0Cj4HHTZOAmO+Cbf3Ilf6ljFjwICnFoA7TYr/O9SlNS5n4VhKJqT/GtdN7
0EaL8XeWBHIBu0/iOtKBakjqMmx/HyHbeVkUFRnNa7njzhzZJ3dWqXf2FAHgE+wF
zgx6r71nFTZfy1AFPd2U7pqo34+ZZ8hZVsIZjJAOzQZrdDfxqtlLXzbaTIW3grTz
7XNsUm1rlqiArTti/XxgR/XW5EHtMH6ONk8GEa39lJyXSnhNfndao1o8XjFYri3p
6phWlayYGE6lOUZbXaR/jEpfEYfLTxHeUj4NHM1tUXb76frz+OkP2F2UTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFbRXVWrbYozF7UmTSCm+eQxjJtDMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvVnRGZFZhdHRpak1YdFNaTklLYjU1REdNbTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsYAwQA
VcsjMA0GCSqGSIb3DQEBCwUAA4IBAQB5x982dy51kzt6lApJBP5cLrYFgmM8Al/n
7aqDrAd4GUKRtJcgucs1o7OK64dWnJFnYJRqJM5GKCa+jhNG1jYqP2XntDaxsVzA
pXg7UHZhTWCA5cmM4qlVmncsEhhJ7MnqcgVoR61XnkfP05v0+dDn3HvD16lozTh9
sZPfSRa/490gxxwCdEd6v8jNu+mW1xtuc5PPxe/vGxEx7DY7K2HJKmv/3r2ydokd
vov7NMVQuAhR3zkISH8UTdE9ZRuSstWTEgy32yrvMqt2sRR8KmYN/5DLKanS1J9h
4NrtHRvuHAJTghFxU9fLF2+lNAq3OGB4ditvHaecS+WJRuUIz1Gf
-----END CERTIFICATE-----
Generated at Sat Jun 22 05:16:32 2024 by rpki-client on console.sobornost.net