Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/g0iVD3Ww-LEBDwBV90RqilfGtxI.roa
File: g0iVD3Ww-LEBDwBV90RqilfGtxI.roa (raw, json)
Hash identifier: yCSlQvrd3NZnYBQSzcMClUGczv5HojzT7L0Zq3fA7ho=
Subject key identifier: 83:48:95:0F:75:B0:F8:B1:01:0F:00:55:F7:44:6A:8A:57:C6:B7:12
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B949C858411FE24C4DC76961348377
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/g0iVD3Ww-LEBDwBV90RqilfGtxI.roa
Signing time: Mon 01 Jan 2024 20:31:20 +0000
ROA not before: Mon 01 Jan 2024 20:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39326
IP address blocks: 37.235.54.0/24 maxlen: 24
151.236.19.0/24 maxlen: 24
2a03:f80:441::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 04:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:49:c8:58:41:1f:e2:4c:4d:c7:69:61:34:83:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8348950f75b0f8b1010f0055f7446a8a57c6b712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:99:f3:e1:f6:f6:00:ea:84:be:98:8f:0c:cf:
bc:00:e9:aa:3d:88:a4:48:53:eb:6d:78:bb:db:70:
7a:01:ba:4e:3c:50:95:ba:bc:06:29:47:8a:24:c4:
5f:8b:2a:a4:ac:1f:21:99:4c:2c:7f:47:a0:f5:88:
bc:3d:15:a6:81:7c:1c:e6:3b:ca:e2:91:3d:0b:79:
c9:9c:ec:6f:2f:ed:cd:ae:a9:2d:e0:dd:c6:73:e0:
cf:72:13:3f:9a:6d:7a:24:d0:2a:f3:96:81:5b:cd:
48:c0:32:1c:4b:ca:c0:e9:76:ea:a0:5d:1a:c3:58:
c4:0d:9c:4c:34:1b:2e:f9:8f:c5:ce:99:1f:b0:b2:
9c:eb:a7:21:c3:98:8e:03:a5:47:9c:37:71:2b:f8:
db:ad:e2:4e:49:4e:84:08:db:e5:d3:72:8b:7d:6c:
2e:86:f4:15:59:a6:b6:94:b7:ca:27:fd:85:ec:10:
aa:3e:44:08:44:93:e1:46:fc:de:0a:ec:e2:b4:96:
48:b0:72:92:1c:5b:cb:5f:8a:8f:16:92:59:4f:c2:
9e:13:2e:1d:65:63:2a:72:c5:11:3c:7e:f1:57:c4:
e1:f4:53:e7:d0:fa:13:0e:94:23:45:76:de:43:a0:
d4:6c:d0:1a:ea:33:8e:c2:ef:f3:da:57:b9:bd:1b:
e6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:48:95:0F:75:B0:F8:B1:01:0F:00:55:F7:44:6A:8A:57:C6:B7:12
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/g0iVD3Ww-LEBDwBV90RqilfGtxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.54.0/24
151.236.19.0/24
IPv6:
2a03:f80:44::/48
2a03:f80:441::/48
Signature Algorithm: sha256WithRSAEncryption
5a:02:c0:49:50:7a:ab:81:35:54:44:e2:a6:df:48:c8:13:6e:
98:b0:da:5a:f2:04:60:5f:5e:5d:0f:fe:08:a1:c6:08:0b:93:
7b:5d:a6:71:5f:2e:de:a8:ab:a0:0e:88:d7:d6:78:10:e3:c4:
d6:16:4b:d9:f9:54:2c:8d:34:2a:24:ef:38:23:3e:33:ba:39:
f7:da:2a:57:97:d1:db:ce:a8:49:08:01:59:14:e9:b4:e3:03:
79:3b:be:4d:f5:ca:91:b1:b9:b1:b7:13:f5:1f:f9:93:f2:1c:
d3:b8:2f:e7:ac:26:e1:d0:37:fe:1f:f4:38:d0:fc:98:dc:23:
9c:df:c6:c0:8d:7b:6b:f1:0b:07:8f:55:c4:c6:7b:c9:1a:e6:
60:8b:e3:ba:30:26:26:02:d3:3c:a5:af:5c:62:f2:cd:d5:6f:
86:a7:d1:e9:16:f9:09:1a:a4:08:0b:82:25:4d:92:3c:09:c7:
b9:c3:a2:95:2e:0c:fb:78:4a:b2:21:95:ee:c1:0b:1a:d3:0c:
52:5a:b7:01:f7:e2:74:36:69:c6:3f:68:ee:be:49:e1:05:ad:
8c:f8:d1:05:63:a2:d4:c9:7c:4c:04:d8:90:70:cb:73:0a:8f:
c4:ba:b0:d3:c2:26:ee:3b:26:13:13:cc:b2:5c:48:94:cf:46:
c9:2c:7b:fe
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGuUnIWEEf4kxNx2lhNIN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ4OTUwZjc1YjBmOGIxMDEwZjAwNTVmNzQ0NmE4YTU3YzZiNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpnz4fb2AOqEvpiPDM+8AOmqPYik
SFPrbXi723B6AbpOPFCVurwGKUeKJMRfiyqkrB8hmUwsf0eg9Yi8PRWmgXwc5jvK
4pE9C3nJnOxvL+3Nrqkt4N3Gc+DPchM/mm16JNAq85aBW81IwDIcS8rA6XbqoF0a
w1jEDZxMNBsu+Y/FzpkfsLKc66chw5iOA6VHnDdxK/jbreJOSU6ECNvl03KLfWwu
hvQVWaa2lLfKJ/2F7BCqPkQIRJPhRvzeCuzitJZIsHKSHFvLX4qPFpJZT8KeEy4d
ZWMqcsURPH7xV8Th9FPn0PoTDpQjRXbeQ6DUbNAa6jOOwu/z2le5vRvmBwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFINIlQ91sPixAQ8AVfdEaopXxrcSMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvZzBpVkQzV3ctTEVCRHdCVjkwUnFpbGZHdHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAJes2AwQA
l+wTMBgEAgACMBIDBwAqAw+AAEQDBwAqAw+ABEEwDQYJKoZIhvcNAQELBQADggEB
AFoCwElQequBNVRE4qbfSMgTbpiw2lryBGBfXl0P/gihxggLk3tdpnFfLt6oq6AO
iNfWeBDjxNYWS9n5VCyNNCok7zgjPjO6OffaKleX0dvOqEkIAVkU6bTjA3k7vk31
ypGxubG3E/Uf+ZPyHNO4L+esJuHQN/4f9DjQ/JjcI5zfxsCNe2vxCwePVcTGe8ka
5mCL47owJiYC0zylr1xi8s3Vb4an0ekW+QkapAgLgiVNkjwJx7nDopUuDPt4SrIh
le7BCxrTDFJatwH34nQ2acY/aO6+SeEFrYz40QVjotTJfEwE2JBwy3MKj8S6sNPC
Ju47JhMTzLJcSJTPRskse/4=
-----END CERTIFICATE-----
Generated at Sat May 18 12:42:12 2024 by rpki-client on console-ams.rpki-client.org