Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yrGjfsVMGNjzRPTuNdJujG_pwDw.roa
File: yrGjfsVMGNjzRPTuNdJujG_pwDw.roa (raw, json)
Hash identifier: 73P8+/SsLTg9YAISn9L9FSbDLn7SRpl3TN2zEmeKSGQ=
Subject key identifier: CA:B1:A3:7E:C5:4C:18:D8:F3:44:F4:EE:35:D2:6E:8C:6F:E9:C0:3C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018DF8620016F488F51154B520D9F08908B6
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yrGjfsVMGNjzRPTuNdJujG_pwDw.roa
Signing time: Fri 01 Mar 2024 04:59:48 +0000
ROA not before: Fri 01 Mar 2024 04:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 37.49.150.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:62:00:16:f4:88:f5:11:54:b5:20:d9:f0:89:08:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 1 04:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cab1a37ec54c18d8f344f4ee35d26e8c6fe9c03c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:92:2f:9b:2b:75:b2:f2:8f:7e:6b:e5:f6:
a7:f2:a5:66:85:6c:8d:4a:6d:eb:e6:6e:c7:ca:73:
4a:38:13:3a:6c:50:34:02:2d:b8:1f:a0:2b:6a:f0:
95:28:bd:06:90:2c:4c:16:5a:68:e1:3f:34:b4:36:
1b:08:61:8f:5d:88:98:03:6e:fb:ad:0e:0c:67:79:
09:b0:29:d3:82:a7:eb:bf:af:5e:22:a0:d9:76:e9:
e9:bd:bd:20:32:48:88:5f:8c:3b:e8:38:8d:4d:4b:
29:6f:df:85:95:ec:ad:1b:67:46:1b:f9:f7:02:a6:
90:52:80:da:e9:00:4e:9e:4b:c1:84:34:7a:b0:d9:
f5:69:a1:d3:fa:2c:52:e4:87:5f:ea:78:4d:71:9f:
0f:cf:8b:50:0f:ea:dd:5b:f4:3a:6c:6e:44:88:b2:
29:ae:bf:42:64:ee:87:8b:61:68:89:82:89:41:e8:
64:29:1d:5b:ac:07:1f:21:a1:73:81:d6:18:c9:b1:
b2:af:83:b8:a6:ed:5d:d2:29:04:ff:b5:c7:79:e1:
ec:e5:a9:74:d1:a4:f2:e7:8e:1b:b5:2a:0f:e1:35:
f3:c6:9d:66:79:01:75:7b:7c:e0:da:69:a3:6a:40:
91:6e:78:a2:cb:50:96:d3:b6:c0:db:d6:be:ec:75:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B1:A3:7E:C5:4C:18:D8:F3:44:F4:EE:35:D2:6E:8C:6F:E9:C0:3C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yrGjfsVMGNjzRPTuNdJujG_pwDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.150.0/24
176.46.143.0/24
176.46.146.0/24
176.46.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:7f:21:26:d7:ef:25:b2:de:a8:be:ee:30:b1:87:c8:df:35:
6d:34:5f:a0:1a:3d:50:8c:3b:c9:0f:8a:3f:58:b9:0f:f5:83:
62:fc:15:57:46:c0:6c:1b:18:e3:ca:8b:bd:16:58:8f:60:2b:
1b:7e:c8:f2:9c:a5:75:1d:05:85:33:ce:aa:dd:db:15:f9:73:
0f:ec:74:93:af:c8:31:1e:a4:7b:a9:64:c7:b0:64:51:38:88:
0b:7f:be:d5:72:21:86:81:71:9a:64:6d:07:00:9a:85:f5:53:
bb:a3:03:3d:63:b7:cb:49:c0:da:c6:29:11:5d:24:49:6f:35:
d2:ae:97:e6:23:3b:84:4b:2c:06:b3:1b:ed:ad:16:27:d0:df:
2a:e3:24:37:03:23:70:2b:cc:1d:6e:8f:71:9a:8c:20:79:e0:
bb:5c:87:82:14:e4:c0:e9:71:44:14:37:39:d9:4b:cf:0f:f2:
fd:ba:78:9e:07:dc:1e:a9:62:ec:0e:e1:56:34:9d:04:90:6d:
ed:ba:07:0e:d3:f7:bf:9f:8a:5c:fd:a9:9b:7a:45:4e:7d:31:
58:d0:fe:37:4a:5b:48:a8:ed:51:22:4b:49:84:e6:3d:93:c0:
db:d3:2b:2b:3c:3a:81:4b:5a:81:f9:f3:69:fe:59:db:bd:d1:
73:73:6b:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY34YgAW9Ij1EVS1INnwiQi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMzAxMDQ1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIxYTM3ZWM1NGMxOGQ4ZjM0NGY0ZWUzNWQyNmU4YzZmZTljMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohuSL5srdbLyj35r5fan8qVmhWyN
Sm3r5m7HynNKOBM6bFA0Ai24H6AravCVKL0GkCxMFlpo4T80tDYbCGGPXYiYA277
rQ4MZ3kJsCnTgqfrv69eIqDZdunpvb0gMkiIX4w76DiNTUspb9+FleytG2dGG/n3
AqaQUoDa6QBOnkvBhDR6sNn1aaHT+ixS5Idf6nhNcZ8Pz4tQD+rdW/Q6bG5EiLIp
rr9CZO6Hi2FoiYKJQehkKR1brAcfIaFzgdYYybGyr4O4pu1d0ikE/7XHeeHs5al0
0aTy544btSoP4TXzxp1meQF1e3zg2mmjakCRbniiy1CW07bA29a+7HXCPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMqxo37FTBjY80T07jXSboxv6cA8MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEveXJHamZzVk1HTmp6UlBUdU5kSnVqR19wd0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJTGWAwQA
sC6PAwQAsC6SAwQAsC6fMA0GCSqGSIb3DQEBCwUAA4IBAQCmfyEm1+8lst6ovu4w
sYfI3zVtNF+gGj1QjDvJD4o/WLkP9YNi/BVXRsBsGxjjyou9FliPYCsbfsjynKV1
HQWFM86q3dsV+XMP7HSTr8gxHqR7qWTHsGRROIgLf77VciGGgXGaZG0HAJqF9VO7
owM9Y7fLScDaxikRXSRJbzXSrpfmIzuESywGsxvtrRYn0N8q4yQ3AyNwK8wdbo9x
mowgeeC7XIeCFOTA6XFEFDc52UvPD/L9unieB9weqWLsDuFWNJ0EkG3tugcO0/e/
n4pc/ambekVOfTFY0P43SltIqO1RIktJhOY9k8Db0ysrPDqBS1qB+fNp/lnbvdFz
c2uo
-----END CERTIFICATE-----
Generated at Mon May 20 15:32:38 2024 by rpki-client on console-fra.rpki-client.org