Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/oSx3CVItGxWrHn40ca4m6tlXYTE.roa
File: oSx3CVItGxWrHn40ca4m6tlXYTE.roa (raw, json)
Hash identifier: QLdxe2X2/K3l0kBJH19m+vBcJ3GN3/JE6ylY6Sdt8LQ=
Subject key identifier: A1:2C:77:09:52:2D:1B:15:AB:1E:7E:34:71:AE:26:EA:D9:57:61:31
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018EF57072E8B99239B055B9F9227ECF4665
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/oSx3CVItGxWrHn40ca4m6tlXYTE.roa
Signing time: Fri 19 Apr 2024 08:19:31 +0000
ROA not before: Fri 19 Apr 2024 08:19:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 11:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:70:72:e8:b9:92:39:b0:55:b9:f9:22:7e:cf:46:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Apr 19 08:19:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a12c7709522d1b15ab1e7e3471ae26ead9576131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f1:bb:60:18:8f:a8:da:c2:9e:6c:30:92:4d:
ab:cb:6c:ac:71:7e:8f:51:58:c8:8d:2e:d3:d9:ee:
8b:30:3c:79:32:2e:5a:09:1a:c7:38:db:5d:b0:36:
b8:c1:ab:23:d9:1b:c4:60:84:2c:9c:fa:ed:af:75:
61:7d:a9:74:76:63:62:d6:9a:93:df:5f:5a:bf:34:
3c:3f:a3:73:c8:d0:58:cb:ab:6a:cc:4b:76:c7:b2:
7e:33:35:48:6e:b6:4d:fb:16:a9:7e:e1:be:32:0a:
c2:8c:81:f0:3e:f1:c8:16:bc:54:61:b5:19:58:55:
a4:39:20:45:30:30:5a:ee:88:b8:14:d4:5c:ef:32:
3a:05:f4:96:aa:ba:22:bb:aa:a6:ce:6b:a3:6a:0a:
26:13:7a:ea:6b:b7:95:08:89:c2:b9:21:ce:1b:a1:
08:60:c0:35:a7:fb:8e:86:be:54:b3:49:de:5a:d3:
9d:de:ed:2a:aa:af:72:8e:6f:f5:1f:0f:ec:e1:0d:
01:b2:1b:fa:c7:69:87:bf:58:48:ef:2d:81:a8:6c:
ec:ce:de:96:71:87:13:31:bd:24:7b:ba:bf:92:4c:
2f:0a:4c:7b:38:1c:f5:f0:86:5a:a0:ee:28:21:cc:
76:af:2c:9f:ab:3f:4b:ba:bb:18:bd:9e:36:3b:41:
0d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2C:77:09:52:2D:1B:15:AB:1E:7E:34:71:AE:26:EA:D9:57:61:31
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/oSx3CVItGxWrHn40ca4m6tlXYTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:19:f0:0f:ef:27:55:ee:ec:05:71:0e:3a:21:fe:a4:89:85:
1b:8e:ed:6f:4c:a9:0b:39:fa:65:83:19:f1:78:a5:c3:9d:1b:
a5:c0:fe:55:8d:42:17:9e:b7:c3:34:d2:bc:68:2d:88:c8:0d:
cd:6b:33:06:78:00:af:01:07:31:b9:bd:99:1a:93:8e:80:d7:
c0:3e:b7:cb:9e:bb:88:0a:e1:65:6c:a4:01:41:1a:45:43:7b:
3e:ca:54:7c:7d:ec:83:88:9e:0e:89:3c:73:2f:d5:31:83:e8:
8a:e5:44:c7:a8:b6:1f:bc:5c:42:dc:77:ba:b3:9a:d2:65:ed:
ec:21:a5:aa:26:f3:be:fd:92:2a:a3:71:07:d8:fe:e9:45:f8:
ed:cb:bb:8c:08:17:09:c2:ad:6f:32:9d:81:4e:b1:34:29:2f:
92:6d:dd:ac:29:cf:60:ab:4d:f2:d9:ca:91:0f:b3:e1:a0:8f:
15:32:19:a4:80:05:1c:6d:a6:f8:d9:07:ce:c4:48:61:69:a4:
75:c7:84:e2:7e:bb:c4:37:ef:4d:cc:4f:0f:5b:37:1d:51:40:
e0:17:da:e0:8e:53:35:fc:9e:00:6d:0c:ef:31:dd:40:7c:ad:
49:5d:7b:e8:1f:a6:df:6a:22:d7:9a:00:56:12:5e:b7:c6:28:
b1:31:f1:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY71cHLouZI5sFW5+SJ+z0ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwNDE5MDgxOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJjNzcwOTUyMmQxYjE1YWIxZTdlMzQ3MWFlMjZlYWQ5NTc2MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/G7YBiPqNrCnmwwkk2ry2yscX6P
UVjIjS7T2e6LMDx5Mi5aCRrHONtdsDa4wasj2RvEYIQsnPrtr3Vhfal0dmNi1pqT
319avzQ8P6NzyNBYy6tqzEt2x7J+MzVIbrZN+xapfuG+MgrCjIHwPvHIFrxUYbUZ
WFWkOSBFMDBa7oi4FNRc7zI6BfSWqroiu6qmzmujagomE3rqa7eVCInCuSHOG6EI
YMA1p/uOhr5Us0neWtOd3u0qqq9yjm/1Hw/s4Q0Bshv6x2mHv1hI7y2BqGzszt6W
cYcTMb0ke7q/kkwvCkx7OBz18IZaoO4oIcx2ryyfqz9LursYvZ42O0ENCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKEsdwlSLRsVqx5+NHGuJurZV2ExMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvb1N4M0NWSXRHeFdySG40MGNhNG02dGxYWVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
LUJcAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQA9GfAP7ydV7uwFcQ46If6kiYUb
ju1vTKkLOfplgxnxeKXDnRulwP5VjUIXnrfDNNK8aC2IyA3NazMGeACvAQcxub2Z
GpOOgNfAPrfLnruICuFlbKQBQRpFQ3s+ylR8feyDiJ4OiTxzL9Uxg+iK5UTHqLYf
vFxC3He6s5rSZe3sIaWqJvO+/ZIqo3EH2P7pRfjty7uMCBcJwq1vMp2BTrE0KS+S
bd2sKc9gq03y2cqRD7PhoI8VMhmkgAUcbab42QfOxEhhaaR1x4TifrvEN+9NzE8P
WzcdUUDgF9rgjlM1/J4AbQzvMd1AfK1JXXvoH6bfaiLXmgBWEl63xiixMfH/
-----END CERTIFICATE-----
Generated at Thu May 2 19:24:12 2024 by rpki-client on console-fra.rpki-client.org