Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f2_tdvANBV7O8UQ3p04dQmdmiWM.roa
File: f2_tdvANBV7O8UQ3p04dQmdmiWM.roa (raw, json)
Hash identifier: RRp0uBDEr0rujL/sSrrvMulIzRiuougZMOqWCUPDbjc=
Subject key identifier: 7F:6F:ED:76:F0:0D:05:5E:CE:F1:44:37:A7:4E:1D:42:67:66:89:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E32D8FE03CB8E75321D9833EE820FE65B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f2_tdvANBV7O8UQ3p04dQmdmiWM.roa
Signing time: Tue 12 Mar 2024 13:27:45 +0000
ROA not before: Tue 12 Mar 2024 13:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 37.139.130.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
85.217.144.0/23 maxlen: 24
185.225.74.0/23 maxlen: 24
193.149.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:d8:fe:03:cb:8e:75:32:1d:98:33:ee:82:0f:e6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 13:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f6fed76f00d055ecef14437a74e1d4267668963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:ce:eb:78:a2:3a:db:48:90:0f:6f:89:da:
ca:46:0c:02:fe:f0:bd:14:85:f3:a3:25:59:7c:c6:
8b:98:79:dc:ad:1f:87:54:ba:0f:ee:ae:d5:49:ed:
0a:8a:1a:0e:8a:0a:08:ab:98:cd:4a:c4:2d:6b:61:
ff:c3:40:93:af:d7:39:77:15:63:a4:b2:01:62:46:
7c:8a:a7:e6:4b:7a:2a:bc:f3:89:df:54:dc:95:cc:
9a:68:45:54:ec:6f:da:2d:ff:43:5e:74:0e:fa:4f:
39:c3:15:4e:13:30:e0:b1:e4:08:55:75:da:77:e9:
22:ba:f0:a7:01:ef:a4:ae:df:36:2a:35:d5:85:1b:
23:0b:72:c8:b8:9e:41:75:dd:0e:b6:1f:71:8e:5c:
aa:88:1b:96:22:98:cc:c8:1a:4b:43:3d:e3:da:37:
ee:78:3e:59:43:66:71:a6:39:e0:45:29:a9:45:21:
6c:93:f1:df:23:6f:3c:65:d3:6a:0a:87:cf:20:46:
b4:65:e8:d3:ac:1c:c1:52:f8:d1:c0:6e:19:50:f8:
28:88:dd:c4:8e:13:29:f2:40:39:d4:6a:f7:0d:9f:
46:0b:65:51:82:3b:25:a9:82:9c:45:73:ba:bd:91:
ed:14:9c:de:fa:87:e4:3a:8a:61:cc:92:33:f6:4e:
21:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6F:ED:76:F0:0D:05:5E:CE:F1:44:37:A7:4E:1D:42:67:66:89:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f2_tdvANBV7O8UQ3p04dQmdmiWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
79.110.61.0/24
85.217.144.0/23
185.225.74.0/23
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
70:94:52:c8:73:d2:22:de:3d:bf:cf:8a:d3:02:96:64:0c:a5:
ff:83:6a:9c:78:0d:0c:73:c3:fb:d2:27:f4:bf:2b:cc:b8:b0:
9a:df:c9:93:58:f9:3c:1d:b4:69:2c:b8:f2:f8:c9:53:80:9b:
09:4b:27:a1:4c:5a:e9:00:bc:04:3c:0d:14:b3:10:7f:bc:6f:
3a:55:dd:63:25:2c:03:5a:18:5d:e0:73:75:be:ee:e7:8c:18:
04:7e:41:aa:c1:dd:64:97:22:20:38:58:dd:19:63:fc:5d:ec:
0f:62:68:94:31:ab:77:2c:a0:2a:9a:2c:ea:39:64:4a:1a:48:
d6:25:ef:41:27:e3:86:fe:99:97:8d:23:77:9a:cd:e8:34:45:
9c:14:65:8f:ba:83:d9:51:49:76:0a:57:4e:2c:6a:6c:6d:0c:
64:89:db:08:77:e7:34:f8:3e:56:d7:35:da:c6:14:9b:9c:a8:
4f:88:fd:70:f6:6e:ca:a3:c2:b7:21:fa:2b:20:44:18:84:ef:
e9:2d:6d:49:3a:59:c8:9a:95:3f:14:a0:f9:2e:e5:00:44:12:
71:50:fe:f2:93:65:13:42:6a:f0:46:65:de:38:0a:9a:1c:ee:
1b:74:25:3b:55:f8:02:8f:81:38:33:6c:3d:61:66:d3:60:6c:
b6:9b:ea:60
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4y2P4Dy451Mh2YM+6CD+ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzEyMTMyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZmZWQ3NmYwMGQwNTVlY2VmMTQ0MzdhNzRlMWQ0MjY3NjY4OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh07O63iiOttIkA9vidrKRgwC/vC9
FIXzoyVZfMaLmHncrR+HVLoP7q7VSe0KihoOigoIq5jNSsQta2H/w0CTr9c5dxVj
pLIBYkZ8iqfmS3oqvPOJ31TclcyaaEVU7G/aLf9DXnQO+k85wxVOEzDgseQIVXXa
d+kiuvCnAe+krt82KjXVhRsjC3LIuJ5Bdd0Oth9xjlyqiBuWIpjMyBpLQz3j2jfu
eD5ZQ2ZxpjngRSmpRSFsk/HfI288ZdNqCofPIEa0ZejTrBzBUvjRwG4ZUPgoiN3E
jhMp8kA51Gr3DZ9GC2VRgjslqYKcRXO6vZHtFJze+ofkOophzJIz9k4hxwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH9v7XbwDQVezvFEN6dOHUJnZoljMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZjJfdGR2QU5CVjdPOFVRM3AwNGRRbWRtaVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJYuCAwQA
T249AwQBVdmQAwQBueFKAwQCwZUcMA0GCSqGSIb3DQEBCwUAA4IBAQBwlFLIc9Ii
3j2/z4rTApZkDKX/g2qceA0Mc8P70if0vyvMuLCa38mTWPk8HbRpLLjy+MlTgJsJ
SyehTFrpALwEPA0UsxB/vG86Vd1jJSwDWhhd4HN1vu7njBgEfkGqwd1klyIgOFjd
GWP8XewPYmiUMat3LKAqmizqOWRKGkjWJe9BJ+OG/pmXjSN3ms3oNEWcFGWPuoPZ
UUl2CldOLGpsbQxkidsId+c0+D5W1zXaxhSbnKhPiP1w9m7Ko8K3IforIEQYhO/p
LW1JOlnImpU/FKD5LuUARBJxUP7yk2UTQmrwRmXeOAqaHO4bdCU7VfgCj4E4M2w9
YWbTYGy2m+pg
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:44:40 2024 by rpki-client on console-ams.rpki-client.org