Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/AFQSEGZrnpbt7VVWEvq_jMQfkWU.roa
File: AFQSEGZrnpbt7VVWEvq_jMQfkWU.roa (raw, json)
Hash identifier: dMB4/ePLC/t/mtueFrJ7TG5K3/N0E7ymqyxfapw1Gxw=
Subject key identifier: 00:54:12:10:66:6B:9E:96:ED:ED:55:56:12:FA:BF:8C:C4:1F:91:65
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 018E414D8C50B93870D84FEC509277B37489
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/AFQSEGZrnpbt7VVWEvq_jMQfkWU.roa
Signing time: Fri 15 Mar 2024 08:49:44 +0000
ROA not before: Fri 15 Mar 2024 08:49:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43925
IP address blocks: 37.34.96.0/19 maxlen: 24
37.34.96.0/22 maxlen: 24
37.34.100.0/22 maxlen: 24
37.34.105.0/24 maxlen: 24
37.34.106.0/24 maxlen: 24
37.34.107.0/24 maxlen: 24
37.34.108.0/22 maxlen: 24
37.34.112.0/20 maxlen: 24
37.34.120.0/21 maxlen: 24
79.170.224.0/21 maxlen: 24
89.45.0.0/22 maxlen: 22
89.45.0.0/23 maxlen: 23
89.45.0.0/24 maxlen: 24
89.45.2.0/23 maxlen: 23
93.113.112.0/21 maxlen: 22
93.113.115.0/24 maxlen: 24
94.139.128.0/19 maxlen: 32
178.76.76.0/22 maxlen: 22
178.76.80.0/20 maxlen: 22
178.76.96.0/19 maxlen: 21
178.76.96.0/22 maxlen: 22
178.76.100.0/22 maxlen: 22
185.32.0.0/22 maxlen: 22
185.32.0.0/23 maxlen: 23
185.32.2.0/23 maxlen: 23
2a00:f900::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.mft
rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:4d:8c:50:b9:38:70:d8:4f:ec:50:92:77:b3:74:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Mar 15 08:49:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00541210666b9e96eded555612fabf8cc41f9165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:5f:f7:5a:61:49:12:7e:14:16:fc:f6:fa:
50:c8:5b:10:f0:5b:e8:91:9a:12:ce:67:37:0d:30:
6c:44:a6:dc:d6:13:e3:e1:3a:cb:a7:8a:32:66:e0:
1b:d7:b7:4d:ad:e3:2c:b6:cc:95:48:bd:a7:7f:0d:
a7:03:8c:5a:4e:87:ae:e1:2f:2c:a3:93:ca:68:34:
15:33:ff:f9:f0:65:8f:29:71:61:4d:02:57:3b:7b:
1d:09:f0:d2:90:b5:e3:40:49:b5:09:19:e9:68:45:
13:ae:d0:47:5d:58:d9:6c:0d:02:d1:c0:74:cf:35:
ba:61:07:71:8d:62:97:f6:b5:65:7c:f1:8d:da:97:
6e:ee:66:ad:fc:ee:14:21:5b:22:89:85:4a:aa:ea:
2f:64:83:bc:a7:a7:5f:4f:29:aa:a3:61:66:c7:a5:
83:bf:13:7e:95:00:69:7b:3d:77:6c:c6:79:d1:1a:
14:01:5c:87:cd:97:32:9a:ea:1c:94:86:c4:71:77:
06:c2:e1:4e:a9:78:9e:d9:8a:15:fd:bd:72:51:ae:
a3:73:28:df:57:ce:69:ae:db:b7:9d:38:2b:9c:da:
76:33:4d:6b:41:8b:9b:8e:1d:b7:9f:01:aa:a0:9c:
a2:96:62:11:16:46:88:74:19:19:93:f4:74:4e:2d:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:54:12:10:66:6B:9E:96:ED:ED:55:56:12:FA:BF:8C:C4:1F:91:65
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/AFQSEGZrnpbt7VVWEvq_jMQfkWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.96.0/19
79.170.224.0/21
89.45.0.0/22
93.113.112.0/21
94.139.128.0/19
178.76.76.0-178.76.127.255
185.32.0.0/22
IPv6:
2a00:f900::/32
Signature Algorithm: sha256WithRSAEncryption
58:1f:86:1b:38:10:2d:87:8d:38:77:16:3b:7b:4e:b6:6a:0c:
d0:73:37:9f:34:df:e5:a2:65:b8:b6:8f:49:99:57:3c:cc:77:
de:af:15:e3:ff:77:71:5b:8a:82:cd:46:71:0d:ec:58:cd:46:
7b:cd:d8:04:ea:d9:dd:2d:7f:8c:aa:95:ac:ee:09:cb:ff:1f:
33:4b:ad:23:b5:d0:8b:bd:6f:d8:80:a9:5c:27:84:e0:9d:8b:
ec:fd:f7:72:8f:62:f8:23:71:66:ee:5d:84:82:2f:74:f2:54:
49:be:a0:98:e1:c2:f3:dd:4a:c7:05:72:64:76:98:24:eb:97:
d5:df:72:ac:f2:72:9f:cd:2a:b3:f5:8b:22:d8:94:77:9e:ce:
56:44:39:4e:39:b5:25:b7:4b:c8:1e:2f:cb:5a:07:6c:31:0a:
f3:6b:6a:75:0c:6f:e3:21:1a:ae:bd:ba:d5:b2:cf:bc:5b:38:
95:30:98:52:31:2d:d8:20:60:b1:a8:17:93:71:fa:ee:3d:b1:
e9:40:7f:bb:d4:59:4e:b0:15:22:d1:57:dc:26:2c:da:86:26:
0d:28:ff:b6:d2:1c:0d:2b:5b:93:db:98:a6:d1:78:12:c6:b4:
66:08:83:4b:55:46:03:e3:66:b4:2f:1d:d1:4f:88:82:c5:9a:
2e:36:cc:ac
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY5BTYxQuThw2E/sUJJ3s3SJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWIxMDQ0NjNlOTIwYjQ1NTQyYjZhZjFhMjdkNTk1MGU4
NmU5YTAwHhcNMjQwMzE1MDg0OTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU0MTIxMDY2NmI5ZTk2ZWRlZDU1NTYxMmZhYmY4Y2M0MWY5MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZFf91phSRJ+FBb89vpQyFsQ8Fvo
kZoSzmc3DTBsRKbc1hPj4TrLp4oyZuAb17dNreMstsyVSL2nfw2nA4xaToeu4S8s
o5PKaDQVM//58GWPKXFhTQJXO3sdCfDSkLXjQEm1CRnpaEUTrtBHXVjZbA0C0cB0
zzW6YQdxjWKX9rVlfPGN2pdu7mat/O4UIVsiiYVKquovZIO8p6dfTymqo2Fmx6WD
vxN+lQBpez13bMZ50RoUAVyHzZcymuoclIbEcXcGwuFOqXie2YoV/b1yUa6jcyjf
V85prtu3nTgrnNp2M01rQYubjh23nwGqoJyilmIRFkaIdBkZk/R0Ti064QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFABUEhBma56W7e1VVhL6v4zEH5FlMB8GA1UdIwQY
MBaAFD3rEERj6SC0VUK2rxon1ZUOhumgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMt
MTE5ZDhiZjcxN2JiLzEvQUZRU0VHWnJucGJ0N1ZWV0V2cV9qTVFma1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMtMTE5ZDhiZjcxN2Ji
LzEvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQFJSJgAwQD
T6rgAwQCWS0AAwQDXXFwAwQFXouAMAwDBAKyTEwDBAeyTAADBAK5IAAwDQQCAAIw
BwMFACoA+QAwDQYJKoZIhvcNAQELBQADggEBAFgfhhs4EC2HjTh3Fjt7TrZqDNBz
N5803+WiZbi2j0mZVzzMd96vFeP/d3FbioLNRnEN7FjNRnvN2ATq2d0tf4yqlazu
Ccv/HzNLrSO10Iu9b9iAqVwnhOCdi+z993KPYvgjcWbuXYSCL3TyVEm+oJjhwvPd
SscFcmR2mCTrl9Xfcqzycp/NKrP1iyLYlHeezlZEOU45tSW3S8geL8taB2wxCvNr
anUMb+MhGq69utWyz7xbOJUwmFIxLdggYLGoF5Nx+u49selAf7vUWU6wFSLRV9wm
LNqGJg0o/7bSHA0rW5PbmKbReBLGtGYIg0tVRgPjZrQvHdFPiILFmi42zKw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:26:07 2024 by rpki-client on console-ams.rpki-client.org