Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/68MdkORIJqnILReVY-_KPSc11Yw.roa
File: 68MdkORIJqnILReVY-_KPSc11Yw.roa (raw, json)
Hash identifier: gYv2oBBHCOI2W9ig02V1Fc6U0uwceo0N98xaU6bkBZc=
Subject key identifier: EB:C3:1D:90:E4:48:26:A9:C8:2D:17:95:63:EF:CA:3D:27:35:D5:8C
Certificate issuer: /CN=d301991fc343f358c0f2eebae55cf2da34521c7a
Certificate serial: 018CC726CCEA220823DFDD8AE2B1CE6E6DFF
Authority key identifier: D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/68MdkORIJqnILReVY-_KPSc11Yw.roa
Signing time: Mon 01 Jan 2024 22:30:57 +0000
ROA not before: Mon 01 Jan 2024 22:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57866
IP address blocks: 185.52.236.0/22 maxlen: 22
45.141.104.0/22 maxlen: 22
37.139.136.0/21 maxlen: 21
2a00:a7c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:cc:ea:22:08:23:df:dd:8a:e2:b1:ce:6e:6d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d301991fc343f358c0f2eebae55cf2da34521c7a
Validity
Not Before: Jan 1 22:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebc31d90e44826a9c82d179563efca3d2735d58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:07:6f:a2:82:a5:95:62:1c:ef:b8:22:99:e0:
16:52:01:03:92:d0:76:b0:be:d6:b6:a6:cd:c1:2a:
9f:12:23:92:71:a4:fe:be:95:f0:53:05:ad:11:5d:
c6:6f:6b:ea:c7:d0:58:f0:e5:bd:55:65:4c:2a:ba:
53:8a:74:a9:b6:7e:80:5f:be:69:07:a6:e6:92:e4:
af:28:e9:7f:8a:f2:88:74:c9:12:44:a6:d6:8a:24:
67:d6:e0:83:76:b4:f2:02:9b:8e:ad:7c:c6:b1:e6:
d9:30:94:d1:53:78:f2:77:7b:2b:e8:98:36:fc:01:
93:58:93:ea:14:0f:b0:87:2e:c5:a3:b2:38:18:4a:
e8:a6:e4:78:52:0a:60:cc:b9:24:5e:ba:67:d5:57:
4b:c1:60:42:69:58:52:a3:ea:68:05:78:ae:0a:df:
b6:c2:8e:d7:48:84:b0:ec:42:41:bc:a5:1c:f2:77:
47:a6:68:51:a7:9a:6b:33:3e:b1:e6:f8:c3:17:17:
66:a8:04:d4:81:ae:0a:8f:fc:cb:9c:27:c8:a0:7d:
ec:6b:c6:c5:4e:36:ff:de:95:7f:93:2d:8e:f3:19:
0a:9c:4a:0a:8f:d7:7a:1b:f3:6d:cd:c4:06:09:ec:
9a:92:c1:8e:b6:14:be:5b:36:0b:93:93:49:d1:9f:
44:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:1D:90:E4:48:26:A9:C8:2D:17:95:63:EF:CA:3D:27:35:D5:8C
X509v3 Authority Key Identifier:
keyid:D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/68MdkORIJqnILReVY-_KPSc11Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.136.0/21
45.141.104.0/22
185.52.236.0/22
IPv6:
2a00:a7c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:7a:0e:8f:21:d7:b1:25:11:ac:89:a4:85:87:7b:f3:40:4c:
de:b9:7f:cb:01:a4:e9:1b:23:64:a8:c5:5f:6f:0c:c8:07:d0:
8b:d0:d1:e7:18:09:7f:ca:4b:46:e6:38:7d:0e:4c:ec:55:1d:
38:22:35:28:c2:1c:cb:8e:e9:d7:9e:5e:8f:43:e5:d1:47:69:
96:dd:c8:86:5b:9d:90:b2:e1:41:0d:cc:23:f6:be:8f:58:48:
b0:69:7c:e0:75:01:f9:d2:42:4e:19:a0:09:da:a9:cf:ae:4c:
1c:8e:8f:09:a5:65:df:ef:be:be:1b:2f:a4:35:de:e0:49:6d:
35:58:29:01:4e:fb:bc:84:eb:3a:f3:69:cc:62:90:dc:f4:0d:
b2:37:ac:15:47:80:7f:8c:4e:ae:5c:e1:b2:9a:f2:12:26:4e:
dd:06:4e:d9:fa:44:c0:09:19:55:96:65:f6:30:79:e1:e9:3c:
bf:7d:15:1a:22:0b:43:98:c2:cb:49:77:8b:8e:fb:bd:01:d5:
e2:f8:e6:75:dd:30:71:40:38:67:81:78:92:03:f0:e9:4e:3d:
10:fe:5a:62:28:06:52:6f:f2:1f:f9:36:42:0b:1a:82:f8:47:
a1:7f:9b:26:f0:65:8f:0d:63:95:5f:66:d5:cd:0b:59:6c:dc:
6a:f7:0b:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJszqIggj392K4rHObm3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDE5OTFmYzM0M2YzNThjMGYyZWViYWU1NWNmMmRhMzQ1
MjFjN2EwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzMWQ5MGU0NDgyNmE5YzgyZDE3OTU2M2VmY2EzZDI3MzVkNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQdvooKllWIc77gimeAWUgEDktB2
sL7WtqbNwSqfEiOScaT+vpXwUwWtEV3Gb2vqx9BY8OW9VWVMKrpTinSptn6AX75p
B6bmkuSvKOl/ivKIdMkSRKbWiiRn1uCDdrTyApuOrXzGsebZMJTRU3jyd3sr6Jg2
/AGTWJPqFA+why7Fo7I4GEropuR4UgpgzLkkXrpn1VdLwWBCaVhSo+poBXiuCt+2
wo7XSISw7EJBvKUc8ndHpmhRp5prMz6x5vjDFxdmqATUga4Kj/zLnCfIoH3sa8bF
Tjb/3pV/ky2O8xkKnEoKj9d6G/NtzcQGCeyaksGOthS+WzYLk5NJ0Z9ERQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOvDHZDkSCapyC0XlWPvyj0nNdWMMB8GA1UdIwQY
MBaAFNMBmR/DQ/NYwPLuuuVc8to0Uhx6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQt
Zjk4YzQ4MzAxNWQ3LzEvNjhNZGtPUklKcW5JTFJlVlktX0tQU2MxMVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQtZjk4YzQ4MzAxNWQ3
LzEvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJYuIAwQC
LY1oAwQCuTTsMA0EAgACMAcDBQAqAKfAMA0GCSqGSIb3DQEBCwUAA4IBAQATeg6P
IdexJRGsiaSFh3vzQEzeuX/LAaTpGyNkqMVfbwzIB9CL0NHnGAl/yktG5jh9Dkzs
VR04IjUowhzLjunXnl6PQ+XRR2mW3ciGW52QsuFBDcwj9r6PWEiwaXzgdQH50kJO
GaAJ2qnPrkwcjo8JpWXf776+Gy+kNd7gSW01WCkBTvu8hOs682nMYpDc9A2yN6wV
R4B/jE6uXOGymvISJk7dBk7Z+kTACRlVlmX2MHnh6Ty/fRUaIgtDmMLLSXeLjvu9
AdXi+OZ13TBxQDhngXiSA/DpTj0Q/lpiKAZSb/If+TZCCxqC+Eehf5sm8GWPDWOV
X2bVzQtZbNxq9wtn
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:02:19 2024 by rpki-client on console-ams.rpki-client.org