Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Bx86655J5QGhejoO3rgRWFE1Dso.roa
File: Bx86655J5QGhejoO3rgRWFE1Dso.roa (raw, json)
Hash identifier: ShCoGXjdxIW72HrHrSAQ0tt5z4QzhsjFnCBbj/nXEiE=
Subject key identifier: 07:1F:3A:EB:9E:49:E5:01:A1:7A:3A:0E:DE:B8:11:58:51:35:0E:CA
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0192E7DB9A48A11B2B2B9B5AEF3550FA2C18
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Bx86655J5QGhejoO3rgRWFE1Dso.roa
Signing time: Fri 01 Nov 2024 13:13:01 +0000
ROA not before: Fri 01 Nov 2024 13:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
185.129.92.0/24 maxlen: 24
185.129.93.0/24 maxlen: 24
185.129.94.0/24 maxlen: 24
185.129.95.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:db:9a:48:a1:1b:2b:2b:9b:5a:ef:35:50:fa:2c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Nov 1 13:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=071f3aeb9e49e501a17a3a0edeb8115851350eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:34:4e:06:3b:49:85:10:69:86:65:e5:57:
f6:1a:a0:87:59:6c:6d:de:b4:72:6b:79:46:1e:60:
0f:69:21:ec:f5:c3:3d:36:b9:21:36:2c:04:19:58:
c3:f5:c9:b5:11:75:c5:9b:f7:33:7f:52:4f:f3:5e:
83:81:50:ca:40:4d:0a:12:90:b8:28:6f:1d:12:c1:
98:4f:ba:84:ea:88:1a:11:00:5b:f0:fb:80:64:f0:
f5:d5:1d:1f:91:6e:de:40:b5:13:d7:36:86:6e:a8:
c7:07:84:3f:08:8a:b7:3b:79:76:e5:1d:72:b1:93:
79:39:23:77:20:93:5c:48:45:47:e6:e0:a2:f2:ae:
d5:d6:52:f0:a5:3d:f9:dd:dd:b5:f8:5f:3e:71:f1:
54:48:a3:0f:e8:03:fb:b1:f5:0e:9e:fb:cd:03:18:
0f:db:da:f8:b7:d8:74:e4:f4:58:61:73:7b:3d:39:
43:61:12:31:e1:ce:70:8d:e4:a0:7f:8a:3e:6f:f5:
54:5a:66:9d:ae:f0:11:fa:4e:bc:76:f7:4d:5a:15:
5a:15:2f:f0:c4:64:44:3a:b7:71:4c:2d:db:2e:51:
8c:2b:a3:c4:84:56:42:7d:86:15:1b:fc:cf:d8:37:
8d:28:d0:49:61:16:80:84:47:5e:9a:aa:09:f1:54:
37:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1F:3A:EB:9E:49:E5:01:A1:7A:3A:0E:DE:B8:11:58:51:35:0E:CA
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/Bx86655J5QGhejoO3rgRWFE1Dso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
185.129.92.0/22
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
63:66:70:ea:ab:5c:bf:aa:bb:47:ae:e9:8e:5b:74:44:c2:94:
ec:14:4d:31:4e:88:92:b1:8b:a2:3f:fc:f8:90:19:db:09:10:
0f:37:e4:43:f5:bf:ca:99:dc:41:b4:a0:9e:93:56:8f:e9:19:
b1:95:9f:15:95:bb:b3:d0:92:b3:0b:5e:00:54:2f:be:c3:c7:
d4:8f:a9:df:22:c3:1a:78:69:b2:a6:d8:57:79:cc:41:90:8c:
92:3e:6e:28:47:49:aa:f7:9a:98:92:54:9a:3d:ca:55:e8:79:
ce:db:9b:64:c4:4f:eb:ef:10:f1:c5:26:43:c9:34:70:94:a2:
7a:a8:fb:43:f9:ed:5b:7e:5a:12:29:f9:40:93:91:ff:78:1f:
f6:e2:62:21:df:65:e0:a9:84:87:52:e7:b1:1d:a6:09:d9:fd:
bc:ba:b6:de:d7:a1:e4:d4:47:95:c1:6d:7b:f5:36:6d:5e:32:
95:41:35:58:b1:f4:a6:04:1b:d2:60:de:2f:d1:3e:d7:41:26:
c3:61:f8:43:ad:6d:9e:97:8a:ba:d5:ba:25:38:dd:83:d3:11:
8e:51:06:44:05:bd:d4:d6:c6:bf:29:9a:dc:57:f4:92:32:f7:
b7:3c:59:f4:35:50:db:08:b1:b2:ea:6f:c3:b5:1e:61:8d:8d:
af:f9:49:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZLn25pIoRsrK5ta7zVQ+iwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjQxMTAxMTMxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFmM2FlYjllNDllNTAxYTE3YTNhMGVkZWI4MTE1ODUxMzUwZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L00TgY7SYUQaYZl5Vf2GqCHWWxt
3rRya3lGHmAPaSHs9cM9NrkhNiwEGVjD9cm1EXXFm/czf1JP816DgVDKQE0KEpC4
KG8dEsGYT7qE6ogaEQBb8PuAZPD11R0fkW7eQLUT1zaGbqjHB4Q/CIq3O3l25R1y
sZN5OSN3IJNcSEVH5uCi8q7V1lLwpT353d21+F8+cfFUSKMP6AP7sfUOnvvNAxgP
29r4t9h05PRYYXN7PTlDYRIx4c5wjeSgf4o+b/VUWmadrvAR+k68dvdNWhVaFS/w
xGREOrdxTC3bLlGMK6PEhFZCfYYVG/zP2DeNKNBJYRaAhEdemqoJ8VQ3VwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAcfOuueSeUBoXo6Dt64EVhRNQ7KMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvQng4NjY1NUo1UUdoZWpvTzNyZ1JXRkUxRHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJSBAAwQA
JSBJAwQAJSBMAwQCuYFcMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IB
AQBjZnDqq1y/qrtHrumOW3REwpTsFE0xToiSsYuiP/z4kBnbCRAPN+RD9b/KmdxB
tKCek1aP6RmxlZ8Vlbuz0JKzC14AVC++w8fUj6nfIsMaeGmypthXecxBkIySPm4o
R0mq95qYklSaPcpV6HnO25tkxE/r7xDxxSZDyTRwlKJ6qPtD+e1bfloSKflAk5H/
eB/24mIh32XgqYSHUuexHaYJ2f28urbe16Hk1EeVwW179TZtXjKVQTVYsfSmBBvS
YN4v0T7XQSbDYfhDrW2el4q61bolON2D0xGOUQZEBb3U1sa/KZrcV/SSMve3PFn0
NVDbCLGy6m/DtR5hjY2v+UmF
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:35:06 2024 by rpki-client on console-fra.rpki-client.org