Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/e6NTQMQbAc2rRpYIgSE0b5QlitQ.roa
File: e6NTQMQbAc2rRpYIgSE0b5QlitQ.roa (raw, json)
Hash identifier: AW2JD/AMZP/3NkMYPVumCDsjg07AD98EjBhRoynRE5I=
Subject key identifier: 7B:A3:53:40:C4:1B:01:CD:AB:46:96:08:81:21:34:6F:94:25:8A:D4
Certificate issuer: /CN=8a31f8bea33b0056446e3321eede3a170fbd7c1f
Certificate serial: 019424459AA7ECA7FEDBA8682C92922FC4B5
Authority key identifier: 8A:31:F8:BE:A3:3B:00:56:44:6E:33:21:EE:DE:3A:17:0F:BD:7C:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijH4vqM7AFZEbjMh7t46Fw-9fB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/e6NTQMQbAc2rRpYIgSE0b5QlitQ.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198370
IP address blocks: 37.18.184.0/24 maxlen: 24
37.18.186.0/24 maxlen: 24
37.18.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/ijH4vqM7AFZEbjMh7t46Fw-9fB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/ijH4vqM7AFZEbjMh7t46Fw-9fB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ijH4vqM7AFZEbjMh7t46Fw-9fB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9a:a7:ec:a7:fe:db:a8:68:2c:92:92:2f:c4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a31f8bea33b0056446e3321eede3a170fbd7c1f
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ba35340c41b01cdab4696088121346f94258ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3b:72:fd:8c:d9:de:5e:53:d0:0b:66:63:61:
75:ed:31:60:a1:b9:73:0a:c9:85:2d:e1:b2:1f:8f:
31:18:c2:c9:ae:12:3e:28:72:e2:62:be:2d:74:8c:
35:2c:91:3b:ac:f1:02:a8:a0:fe:ad:12:46:95:c1:
74:11:bb:7e:aa:7f:45:6d:9e:3c:36:b3:ab:db:8e:
6b:a3:ab:27:67:6f:d5:39:f9:17:3e:48:63:f1:0c:
84:4c:3a:4f:fa:d2:95:af:d1:cb:cf:86:eb:ad:c1:
ac:e5:69:22:53:2d:1b:9e:3e:9e:81:18:69:f5:aa:
6b:8f:b4:6d:4e:b2:42:6a:45:66:b4:d0:ac:16:b3:
e2:98:b6:2d:4c:df:9e:f8:39:f3:4f:ec:1c:44:2b:
97:1f:6b:2f:ae:5b:c1:9b:8e:5a:23:85:40:71:d7:
13:7d:29:1b:90:3e:f9:b5:c5:07:8c:28:fd:77:2c:
9f:b7:ad:a2:03:8c:f7:c6:0d:c7:f1:62:19:fc:5e:
e5:a9:7f:e8:5b:de:21:eb:3d:7f:7a:7a:cf:4f:58:
33:45:dd:85:fe:0e:89:43:bb:93:c1:e8:73:38:ee:
ed:eb:2d:ed:ef:47:f6:1e:3e:08:76:62:c4:89:5e:
fe:1b:ac:aa:1a:15:a1:0a:44:18:20:24:82:42:a0:
6e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A3:53:40:C4:1B:01:CD:AB:46:96:08:81:21:34:6F:94:25:8A:D4
X509v3 Authority Key Identifier:
keyid:8A:31:F8:BE:A3:3B:00:56:44:6E:33:21:EE:DE:3A:17:0F:BD:7C:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijH4vqM7AFZEbjMh7t46Fw-9fB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/e6NTQMQbAc2rRpYIgSE0b5QlitQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/ijH4vqM7AFZEbjMh7t46Fw-9fB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.184.0/24
37.18.186.0/23
Signature Algorithm: sha256WithRSAEncryption
24:6c:65:11:31:b5:cd:eb:19:c2:e2:b5:81:87:8b:91:95:1e:
44:ff:ef:f8:2a:88:a0:d9:29:d6:30:42:da:7c:be:77:ef:e3:
58:3c:55:8a:70:a5:ad:e9:b4:e9:c8:db:5c:58:d1:28:26:ba:
ef:77:f5:27:d6:c5:53:7f:53:dc:d1:f6:f4:b2:41:0e:ee:0c:
ce:4c:46:da:5c:72:a2:f0:32:69:48:9c:b1:a7:e3:86:86:0e:
dc:7c:f8:53:67:b2:bd:44:76:b3:0e:4e:64:5d:80:16:a6:55:
58:75:93:ed:5e:e8:73:de:e2:e2:8e:45:cd:26:0c:c0:43:44:
1a:42:85:11:c3:ad:bf:86:42:c7:30:02:7d:bb:ad:94:1a:f7:
6d:43:0e:d6:58:f8:75:b0:78:25:6d:df:67:be:50:e1:5b:b2:
3b:64:24:ca:75:ae:67:4b:fb:1f:5c:44:c8:cf:ca:23:7f:de:
65:51:64:85:c9:10:74:24:cf:d1:c8:e1:94:3c:fa:52:d8:56:
67:78:66:83:88:46:46:51:10:eb:66:85:fc:58:68:5d:91:89:
21:89:38:df:60:14:25:3e:52:9c:a3:9d:a3:b1:f7:d6:45:a6:
71:86:71:0f:8d:1b:8f:d4:52:fc:c7:10:16:c8:17:11:77:03:
2c:b7:fa:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRZqn7Kf+26hoLJKSL8S1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzFmOGJlYTMzYjAwNTY0NDZlMzMyMWVlZGUzYTE3MGZi
ZDdjMWYwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmEzNTM0MGM0MWIwMWNkYWI0Njk2MDg4MTIxMzQ2Zjk0MjU4YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zty/YzZ3l5T0AtmY2F17TFgoblz
CsmFLeGyH48xGMLJrhI+KHLiYr4tdIw1LJE7rPECqKD+rRJGlcF0Ebt+qn9FbZ48
NrOr245ro6snZ2/VOfkXPkhj8QyETDpP+tKVr9HLz4brrcGs5WkiUy0bnj6egRhp
9aprj7RtTrJCakVmtNCsFrPimLYtTN+e+DnzT+wcRCuXH2svrlvBm45aI4VAcdcT
fSkbkD75tcUHjCj9dyyft62iA4z3xg3H8WIZ/F7lqX/oW94h6z1/enrPT1gzRd2F
/g6JQ7uTwehzOO7t6y3t70f2Hj4IdmLEiV7+G6yqGhWhCkQYICSCQqBuYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHujU0DEGwHNq0aWCIEhNG+UJYrUMB8GA1UdIwQY
MBaAFIox+L6jOwBWRG4zIe7eOhcPvXwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpINHZxTTdBRlpFYmpNaDd0NDZGdy05ZkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82MGZjMGQtMGViOS00MjRjLWE2MzAt
OWE1YzczYmZmYTIzLzEvZTZOVFFNUWJBYzJyUnBZSWdTRTBiNVFsaXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC82MGZjMGQtMGViOS00MjRjLWE2MzAtOWE1YzczYmZmYTIz
LzEvaWpINHZxTTdBRlpFYmpNaDd0NDZGdy05ZkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJRK4AwQB
JRK6MA0GCSqGSIb3DQEBCwUAA4IBAQAkbGURMbXN6xnC4rWBh4uRlR5E/+/4Koig
2SnWMELafL537+NYPFWKcKWt6bTpyNtcWNEoJrrvd/Un1sVTf1Pc0fb0skEO7gzO
TEbaXHKi8DJpSJyxp+OGhg7cfPhTZ7K9RHazDk5kXYAWplVYdZPtXuhz3uLijkXN
JgzAQ0QaQoURw62/hkLHMAJ9u62UGvdtQw7WWPh1sHglbd9nvlDhW7I7ZCTKda5n
S/sfXETIz8ojf95lUWSFyRB0JM/RyOGUPPpS2FZneGaDiEZGURDrZoX8WGhdkYkh
iTjfYBQlPlKco52jsffWRaZxhnEPjRuP1FL8xxAWyBcRdwMst/qa
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:38 2025 by rpki-client