Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vFxT7-F316SCz1_C9bggkls6RUg.roa
File: vFxT7-F316SCz1_C9bggkls6RUg.roa (raw, json)
Hash identifier: m0FZPhJSz/hihi0bXX4H2+KJnngnO7WL0NLrFodSmDM=
Subject key identifier: BC:5C:53:EF:E1:77:D7:A4:82:CF:5F:C2:F5:B8:20:92:5B:3A:45:48
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFF82A41F93086FAC24AABA1F61CAD274
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vFxT7-F316SCz1_C9bggkls6RUg.roa
Signing time: Sat 02 Mar 2024 14:12:48 +0000
ROA not before: Sat 02 Mar 2024 14:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 Mar 2024 08:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ff:82:a4:1f:93:08:6f:ac:24:aa:ba:1f:61:ca:d2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 14:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc5c53efe177d7a482cf5fc2f5b820925b3a4548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:92:33:12:1b:68:48:42:95:f9:41:6e:a9:88:
36:64:1d:6f:8a:f0:a0:5f:f2:58:2a:42:d2:1f:1c:
e1:c4:04:70:5a:19:09:2e:41:9a:fe:07:80:82:68:
5f:a8:26:14:3f:41:47:62:e7:d5:0e:9d:28:85:04:
72:85:6c:e1:dd:a3:d5:21:e2:f5:44:20:49:fe:d4:
f4:e6:47:d7:32:3c:45:4b:f3:11:11:22:c4:87:a9:
d4:38:fe:64:71:06:65:69:df:76:85:40:b7:5a:91:
f7:aa:e8:3e:c5:be:a5:e1:3d:8e:5e:f6:f5:77:1a:
6c:ec:83:e9:de:3a:84:fb:44:a5:34:c6:6a:a4:a3:
99:63:54:9a:b1:ce:1d:f7:28:42:42:f0:b4:b2:9b:
d4:1d:1d:41:e8:ad:cf:17:5d:f1:de:ba:4f:77:13:
35:75:7d:19:e1:7c:64:e0:56:06:25:47:a2:79:ff:
3f:38:36:22:ab:b0:a1:d5:fe:49:d6:1d:1b:f4:7e:
66:e9:54:8d:b0:8c:2f:f0:73:50:64:dd:61:5e:1b:
b1:5c:a4:72:4b:2a:a2:aa:cc:6f:bb:3c:c1:23:21:
13:fd:ef:aa:7e:72:0d:ab:e3:31:9f:08:26:69:b4:
62:cc:a8:ad:92:4e:9a:b5:57:e9:65:4c:e3:96:1d:
16:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5C:53:EF:E1:77:D7:A4:82:CF:5F:C2:F5:B8:20:92:5B:3A:45:48
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vFxT7-F316SCz1_C9bggkls6RUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:d6:05:ef:20:f9:d2:cd:07:f1:b6:be:d3:38:43:fd:bb:f3:
90:ba:2d:cd:be:71:a8:bc:21:92:42:75:1c:0c:7e:c4:7f:99:
2d:f5:d1:d8:78:ee:01:33:4d:45:20:02:f8:98:43:cf:29:78:
59:56:94:5b:e4:ef:52:59:e9:02:82:10:28:86:81:0f:77:32:
fa:a9:5e:5e:df:3f:e6:61:0e:a0:15:17:59:b5:fb:04:44:bb:
01:3e:4e:79:c8:a8:84:88:29:98:03:29:b9:66:69:6e:52:e8:
67:d7:e4:b7:1f:4d:76:e0:82:9e:a9:c2:50:50:89:e8:38:d9:
d1:ef:6f:73:17:2f:38:ec:30:dd:61:fd:5c:f6:f9:ae:6b:e8:
72:18:e5:6d:52:c9:e7:48:14:29:07:02:40:64:08:37:87:e2:
0e:3e:01:69:ef:b9:7f:2c:1e:cf:2a:f9:85:2d:eb:ee:dd:f6:
c2:0d:c2:f4:03:b7:63:33:e1:73:be:db:cc:0e:d1:1a:89:0e:
f3:89:ca:3d:2d:5b:40:2b:7a:5f:c2:e0:af:db:c3:d7:75:6a:
8d:95:30:83:37:e1:2e:77:1b:bc:a6:67:a3:2c:cb:80:49:76:
85:49:97:58:77:4f:1d:cc:71:19:a1:87:f6:04:6c:80:d3:eb:
84:2a:84:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3/gqQfkwhvrCSquh9hytJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMTQxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVjNTNlZmUxNzdkN2E0ODJjZjVmYzJmNWI4MjA5MjViM2E0NTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5IzEhtoSEKV+UFuqYg2ZB1vivCg
X/JYKkLSHxzhxARwWhkJLkGa/geAgmhfqCYUP0FHYufVDp0ohQRyhWzh3aPVIeL1
RCBJ/tT05kfXMjxFS/MRESLEh6nUOP5kcQZlad92hUC3WpH3qug+xb6l4T2OXvb1
dxps7IPp3jqE+0SlNMZqpKOZY1Sasc4d9yhCQvC0spvUHR1B6K3PF13x3rpPdxM1
dX0Z4Xxk4FYGJUeief8/ODYiq7Ch1f5J1h0b9H5m6VSNsIwv8HNQZN1hXhuxXKRy
SyqiqsxvuzzBIyET/e+qfnINq+MxnwgmabRizKitkk6atVfpZUzjlh0WSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLxcU+/hd9ekgs9fwvW4IJJbOkVIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdkZ4VDctRjMxNlNDejFfQzliZ2drbHM2UlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHHWBe8g+dLNB/G2vtM4
Q/2785C6Lc2+cai8IZJCdRwMfsR/mS310dh47gEzTUUgAviYQ88peFlWlFvk71JZ
6QKCECiGgQ93MvqpXl7fP+ZhDqAVF1m1+wREuwE+TnnIqISIKZgDKblmaW5S6GfX
5LcfTXbggp6pwlBQieg42dHvb3MXLzjsMN1h/Vz2+a5r6HIY5W1SyedIFCkHAkBk
CDeH4g4+AWnvuX8sHs8q+YUt6+7d9sINwvQDt2Mz4XO+28wO0RqJDvOJyj0tW0Ar
el/C4K/bw9d1ao2VMIM34S53G7ymZ6Msy4BJdoVJl1h3Tx3McRmhh/YEbIDT64Qq
hOw=
-----END CERTIFICATE-----
Generated at Sat Mar 2 16:04:57 2024 by rpki-client on console.sobornost.net