Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sgtMeqor87tXMI3L3hiNY-LM9NE.roa
File: sgtMeqor87tXMI3L3hiNY-LM9NE.roa (raw, json)
Hash identifier: nWVg/R1V2qjFJS9vcmqIvf//fucqXQHrFbi30MKP1Vk=
Subject key identifier: B2:0B:4C:7A:AA:2B:F3:BB:57:30:8D:CB:DE:18:8D:63:E2:CC:F4:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F8B41533854FADA257FD42C605C2CF1DD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sgtMeqor87tXMI3L3hiNY-LM9NE.roa
Signing time: Sat 18 May 2024 10:31:05 +0000
ROA not before: Sat 18 May 2024 10:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216475
IP address blocks: 195.133.38.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:41:53:38:54:fa:da:25:7f:d4:2c:60:5c:2c:f1:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 18 10:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20b4c7aaa2bf3bb57308dcbde188d63e2ccf4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c7:c5:fd:0a:9a:63:65:d9:c8:fb:9d:56:ef:
fe:d8:4c:b0:88:d6:42:25:3b:84:0b:89:a1:2c:e4:
1c:03:d7:35:1b:d0:a2:83:57:a6:9c:d8:48:ad:6c:
3a:ce:73:df:56:7a:5c:d6:d0:c3:9b:ef:39:11:85:
4a:93:79:02:db:6c:09:7c:a6:df:54:4d:88:1f:a5:
e3:fd:f4:11:64:88:99:2d:b8:5a:a7:7e:b0:d2:9a:
9a:29:ad:08:a2:de:77:4a:56:6a:91:f2:28:51:cf:
b1:45:40:fa:6b:55:fd:5b:aa:79:e4:f5:bb:51:11:
d6:2d:8f:e2:62:8b:27:7d:4d:2a:09:f0:52:eb:7a:
d5:22:ae:ce:ef:c2:96:d5:f2:4c:d4:8a:1c:0e:07:
16:1c:fb:26:cf:eb:fa:72:e8:82:ed:47:5e:f5:07:
6f:56:15:4c:fd:ff:d1:69:0b:42:05:a1:f6:a3:ae:
91:7a:30:a3:6e:40:04:12:b4:48:89:f3:82:72:d2:
b0:3f:9a:10:61:a2:58:e8:5d:ea:8b:26:b9:f8:6f:
b4:40:2e:a7:e4:2d:c6:68:af:a2:3e:c1:8a:c1:87:
d0:eb:d0:a4:c6:2e:fa:4c:88:23:f6:ea:ab:64:15:
fa:85:82:f0:eb:2d:9e:52:5f:7f:e0:b8:d1:c7:f4:
5f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0B:4C:7A:AA:2B:F3:BB:57:30:8D:CB:DE:18:8D:63:E2:CC:F4:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sgtMeqor87tXMI3L3hiNY-LM9NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.38.0/24
195.133.79.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:96:23:ae:7f:37:b2:52:79:9d:d9:65:01:f1:36:07:d6:90:
53:83:b9:05:50:0e:df:87:09:b3:eb:cd:ad:fa:1a:55:ee:20:
49:b2:ae:05:40:69:5a:ab:d3:bb:ae:19:53:50:fc:1e:e4:79:
a7:95:65:23:d4:12:06:67:ec:3e:08:36:f1:2c:53:a7:b3:4d:
1e:9d:21:06:e7:22:c7:b2:be:73:a2:13:b3:29:8f:23:55:b5:
2f:53:89:25:b5:2e:31:53:87:e8:f2:dc:06:e4:51:fd:0b:05:
dc:b1:e3:b2:cb:ac:12:1b:51:0f:f5:9a:5e:fa:6e:1d:1a:6f:
fb:34:86:f7:3b:bd:ac:de:54:49:bb:82:fd:63:6d:24:1b:03:
68:d2:a5:d7:10:af:f5:cc:41:1d:a4:9c:16:2b:3f:b8:0b:48:
e4:45:1b:b4:92:53:7d:6f:7e:3e:4f:51:77:6d:4d:45:d2:f5:
38:e1:91:89:3f:b5:d3:5e:d7:a6:6d:71:dc:2d:ed:84:62:01:
81:23:d0:3d:12:c5:f3:d7:67:63:fe:79:9a:c5:29:88:b7:48:
ca:2d:01:c5:5c:ec:51:e1:6d:bb:3f:de:3a:0b:f5:e4:17:a1:
20:2b:cf:4b:6d:2c:7a:53:0e:5f:4c:72:3f:b9:0f:15:8a:da:
30:09:b7:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+LQVM4VPraJX/ULGBcLPHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTE4MTAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBiNGM3YWFhMmJmM2JiNTczMDhkY2JkZTE4OGQ2M2UyY2NmNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMfF/QqaY2XZyPudVu/+2EywiNZC
JTuEC4mhLOQcA9c1G9Cig1emnNhIrWw6znPfVnpc1tDDm+85EYVKk3kC22wJfKbf
VE2IH6Xj/fQRZIiZLbhap36w0pqaKa0Iot53SlZqkfIoUc+xRUD6a1X9W6p55PW7
URHWLY/iYosnfU0qCfBS63rVIq7O78KW1fJM1IocDgcWHPsmz+v6cuiC7Ude9Qdv
VhVM/f/RaQtCBaH2o66RejCjbkAEErRIifOCctKwP5oQYaJY6F3qiya5+G+0QC6n
5C3GaK+iPsGKwYfQ69Ckxi76TIgj9uqrZBX6hYLw6y2eUl9/4LjRx/RfAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLILTHqqK/O7VzCNy94YjWPizPTRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc2d0TWVxb3I4N3RYTUkzTDNoaU5ZLUxNOU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4UmAwQA
w4VPMA0GCSqGSIb3DQEBCwUAA4IBAQBrliOufzeyUnmd2WUB8TYH1pBTg7kFUA7f
hwmz682t+hpV7iBJsq4FQGlaq9O7rhlTUPwe5HmnlWUj1BIGZ+w+CDbxLFOns00e
nSEG5yLHsr5zohOzKY8jVbUvU4kltS4xU4fo8twG5FH9CwXcseOyy6wSG1EP9Zpe
+m4dGm/7NIb3O72s3lRJu4L9Y20kGwNo0qXXEK/1zEEdpJwWKz+4C0jkRRu0klN9
b34+T1F3bU1F0vU44ZGJP7XTXtembXHcLe2EYgGBI9A9EsXz12dj/nmaxSmIt0jK
LQHFXOxR4W27P946C/XkF6EgK89LbSx6Uw5fTHI/uQ8VitowCbdF
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:48:47 2024 by rpki-client on console-ams.rpki-client.org