Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1TGYrr0AoBD65LkAONgBBOdRXL8.roa
File: 1TGYrr0AoBD65LkAONgBBOdRXL8.roa (raw, json)
Hash identifier: hdrIcYUVK3JInvXBY3B7UmdfE8wtvlhddYLFPfwbRSg=
Subject key identifier: D5:31:98:AE:BD:00:A0:10:FA:E4:B9:00:38:D8:01:04:E7:51:5C:BF
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018FBE3CBFB1B21692E32D87395AA505056F
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1TGYrr0AoBD65LkAONgBBOdRXL8.roa
Signing time: Tue 28 May 2024 08:06:43 +0000
ROA not before: Tue 28 May 2024 08:06:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60461
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.33.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 20:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:3c:bf:b1:b2:16:92:e3:2d:87:39:5a:a5:05:05:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: May 28 08:06:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d53198aebd00a010fae4b90038d80104e7515cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:63:9e:f5:e7:93:01:92:22:c3:39:e6:7d:
b9:70:48:6a:29:a4:8b:1a:d8:cd:d7:6d:52:77:f8:
81:28:1f:72:da:06:bc:2f:6c:63:43:6d:b9:04:d1:
97:5e:47:4a:dc:21:fb:ed:c0:b1:8a:16:90:71:ee:
f2:26:03:3e:7c:e0:f5:87:29:da:f0:d1:fb:50:a2:
2a:f8:1a:2e:83:af:44:fc:3e:98:89:74:f6:58:46:
75:13:a8:3e:7a:c8:e1:d9:03:99:98:98:bc:aa:1e:
a2:f6:65:c6:f1:97:8c:af:72:a4:07:f3:a8:82:32:
0e:ea:f9:88:d6:6b:46:34:ee:74:8b:36:9f:49:fb:
0c:25:09:f5:7f:46:80:39:92:3a:3a:8a:48:1f:1c:
61:34:9d:05:35:c0:69:a7:f2:70:77:ef:1b:b9:ea:
21:a9:e2:2c:71:71:ff:cb:44:e2:22:c3:f7:4c:fa:
d5:c8:3d:f0:87:81:d0:e1:16:9b:25:db:8d:8c:8e:
36:6a:0e:16:02:90:39:11:4c:8b:9b:34:1e:0a:4e:
a5:ca:90:85:d2:57:3b:31:36:cb:4a:67:5e:e4:f2:
02:17:ae:63:3f:50:56:15:eb:23:56:03:96:a9:0c:
d5:02:28:f6:cf:61:24:cb:4a:3e:b1:51:c5:84:c5:
62:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:31:98:AE:BD:00:A0:10:FA:E4:B9:00:38:D8:01:04:E7:51:5C:BF
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1TGYrr0AoBD65LkAONgBBOdRXL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
185.14.92.0/23
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
39:8c:36:ec:3e:c0:01:03:2e:0e:8c:46:eb:75:39:c6:ec:6a:
0a:15:3a:e9:ff:df:0e:b8:fb:65:25:4a:6b:88:79:92:82:a0:
58:6f:93:0d:65:14:9f:3c:67:b3:4a:85:a2:51:c6:60:be:94:
2d:d7:bc:40:55:97:3b:4c:18:f7:d0:17:f3:51:c5:f3:3d:6e:
11:99:3b:f5:71:75:39:3a:72:18:e2:0d:42:a9:39:ff:65:77:
6d:d7:c2:2c:30:7d:6e:d0:87:e2:4b:ce:ac:44:62:28:9d:fd:
c6:06:96:39:26:39:03:22:3e:75:8d:67:0a:48:31:6c:43:8f:
aa:cc:2d:ad:ce:38:3c:a3:b3:bc:30:9e:d8:21:b7:1c:36:97:
84:03:74:2a:71:af:fa:57:2a:69:9f:c5:e8:4f:21:b6:4f:ce:
8d:c6:db:3d:05:ba:ce:8c:ef:ff:1e:a0:5b:b9:f4:fe:ac:d9:
32:b8:e8:dc:0c:69:1c:57:06:92:4a:33:1b:7d:27:a2:d7:f4:
e1:de:3b:3d:e3:72:60:09:f5:dd:4a:72:fc:c2:e3:98:e0:6a:
61:63:0e:f1:eb:00:b2:d8:b1:b5:0e:22:93:f8:7a:71:29:06:
6c:e9:fb:38:9b:43:13:d5:6b:24:3b:f3:d7:99:0c:2d:67:96:
50:17:e7:2a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY++PL+xshaS4y2HOVqlBQVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNTI4MDgwNjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMxOThhZWJkMDBhMDEwZmFlNGI5MDAzOGQ4MDEwNGU3NTE1Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSRjnvXnkwGSIsM55n25cEhqKaSL
GtjN121Sd/iBKB9y2ga8L2xjQ225BNGXXkdK3CH77cCxihaQce7yJgM+fOD1hyna
8NH7UKIq+Boug69E/D6YiXT2WEZ1E6g+esjh2QOZmJi8qh6i9mXG8ZeMr3KkB/Oo
gjIO6vmI1mtGNO50izafSfsMJQn1f0aAOZI6OopIHxxhNJ0FNcBpp/Jwd+8bueoh
qeIscXH/y0TiIsP3TPrVyD3wh4HQ4RabJduNjI42ag4WApA5EUyLmzQeCk6lypCF
0lc7MTbLSmde5PICF65jP1BWFesjVgOWqQzVAij2z2Eky0o+sVHFhMViywIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNUxmK69AKAQ+uS5ADjYAQTnUVy/MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMVRHWXJyMEFvQkQ2NUxrQU9OZ0JCT2RSWEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQB
K/ugAwQAXpoyAwQAXpo3AwQCsGQkAwQBuQ5cMA0EAgACMAcDBQAqAMzDMA0GCSqG
SIb3DQEBCwUAA4IBAQA5jDbsPsABAy4OjEbrdTnG7GoKFTrp/98OuPtlJUpriHmS
gqBYb5MNZRSfPGezSoWiUcZgvpQt17xAVZc7TBj30BfzUcXzPW4RmTv1cXU5OnIY
4g1CqTn/ZXdt18IsMH1u0IfiS86sRGIonf3GBpY5JjkDIj51jWcKSDFsQ4+qzC2t
zjg8o7O8MJ7YIbccNpeEA3Qqca/6Vyppn8XoTyG2T86Nxts9BbrOjO//HqBbufT+
rNkyuOjcDGkcVwaSSjMbfSei1/Th3js943JgCfXdSnL8wuOY4GphYw7x6wCy2LG1
DiKT+HpxKQZs6fs4m0MT1WskO/PXmQwtZ5ZQF+cq
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:32:46 2024 by rpki-client on console-ams.rpki-client.org