Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/k2K8UyoGxxs5sY3Sk4zG8meqeW0.roa
File: k2K8UyoGxxs5sY3Sk4zG8meqeW0.roa (raw, json)
Hash identifier: 9cVpETNG6dCHtXzJlnuBThE0c5zxmffdKap48Ytjrak=
Subject key identifier: 93:62:BC:53:2A:06:C7:1B:39:B1:8D:D2:93:8C:C6:F2:67:AA:79:6D
Certificate issuer: /CN=53529924b233ac563c08e0c313e29213fd969669
Certificate serial: 018CC42560A2D861966B18C3AF55B790013F
Authority key identifier: 53:52:99:24:B2:33:AC:56:3C:08:E0:C3:13:E2:92:13:FD:96:96:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1KZJLIzrFY8CODDE-KSE_2Wlmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/k2K8UyoGxxs5sY3Sk4zG8meqeW0.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5603
IP address blocks: 37.18.224.0/20 maxlen: 24
37.18.224.0/22 maxlen: 24
37.18.232.0/21 maxlen: 21
37.18.230.0/23 maxlen: 23
37.18.228.0/23 maxlen: 23
185.58.182.0/23 maxlen: 23
185.58.180.0/22 maxlen: 24
185.58.180.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/U1KZJLIzrFY8CODDE-KSE_2Wlmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/U1KZJLIzrFY8CODDE-KSE_2Wlmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1KZJLIzrFY8CODDE-KSE_2Wlmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:60:a2:d8:61:96:6b:18:c3:af:55:b7:90:01:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53529924b233ac563c08e0c313e29213fd969669
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9362bc532a06c71b39b18dd2938cc6f267aa796d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:d0:1c:ec:64:76:c7:6b:cc:3c:32:e4:70:
13:8a:be:60:21:e6:bb:e8:70:d0:1c:2e:bc:2e:e2:
47:2f:5f:8f:b4:ad:ac:b2:46:77:ef:6e:7f:3e:dd:
d8:df:63:4f:d3:a0:1f:39:ca:d7:13:d1:15:44:3d:
69:e4:62:bf:0d:ed:64:1f:ea:46:1b:46:2c:ec:39:
b2:9b:19:09:9c:0a:c0:0e:46:41:a5:38:b5:b1:ee:
24:5e:49:16:aa:f4:96:ce:13:ac:1c:a9:6f:2e:e4:
da:ed:e7:0f:d2:d0:6a:e1:0a:b0:ea:39:1c:c3:8f:
1d:ea:fe:d4:0b:d5:1f:e4:67:c5:12:03:12:3d:cb:
be:fe:b2:3e:a8:2b:2a:78:10:92:08:a1:ff:9b:fa:
ec:72:9a:8e:f8:03:33:50:7c:5c:42:48:84:d4:34:
d1:30:62:25:f1:c9:ff:a4:9d:59:11:91:42:b8:98:
96:2b:63:42:4f:eb:d2:80:5b:f4:06:a1:ed:e0:5f:
9f:4c:2e:1d:cb:9a:a5:47:25:50:c0:b2:a2:2e:34:
2a:50:bc:89:71:8c:a3:b7:28:bb:6c:8b:2b:43:10:
93:8e:df:69:1b:d4:04:66:35:a1:4e:a7:3f:68:96:
43:6c:47:09:54:00:14:1d:09:22:be:b7:8f:43:ed:
50:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:62:BC:53:2A:06:C7:1B:39:B1:8D:D2:93:8C:C6:F2:67:AA:79:6D
X509v3 Authority Key Identifier:
keyid:53:52:99:24:B2:33:AC:56:3C:08:E0:C3:13:E2:92:13:FD:96:96:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1KZJLIzrFY8CODDE-KSE_2Wlmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/k2K8UyoGxxs5sY3Sk4zG8meqeW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0e2714-9dd6-4fe8-ab24-94415690ddfd/1/U1KZJLIzrFY8CODDE-KSE_2Wlmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.224.0/20
185.58.180.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:b6:e1:e5:72:31:fa:ac:bd:8c:08:e8:8c:da:d4:56:7f:3f:
78:37:55:b3:cc:0a:59:01:79:59:0f:31:97:16:fb:e2:13:b3:
97:0f:4a:59:32:fa:dc:63:0d:42:c6:cd:18:29:0e:e2:f2:6e:
3b:5b:2f:01:86:c6:3e:fd:01:86:5b:a1:0f:b4:10:33:19:e2:
06:c9:20:71:fc:28:ec:f4:4d:59:93:d5:24:cc:8a:90:7b:a8:
9a:98:b5:24:92:e7:4a:f1:8c:34:51:98:83:1a:66:47:47:4b:
00:e3:45:51:6a:6e:22:dd:bb:fe:7a:a5:0c:e1:2f:3c:34:67:
05:b2:bb:78:df:6b:4d:64:9a:01:32:74:83:67:bd:3a:d3:7f:
d1:d8:51:03:62:b5:ee:5f:44:64:e4:67:b5:08:53:d8:03:d7:
73:0b:43:41:12:17:86:2c:ba:7a:0e:b2:ac:f4:0d:3f:fd:4c:
ac:f6:61:7a:77:9d:56:43:60:63:ef:86:ea:57:16:57:b7:94:
22:08:a6:3e:9e:b2:13:8d:66:96:99:8c:7c:69:62:0c:cc:75:
d9:e1:a9:b5:87:4f:74:9e:46:cb:50:22:98:4a:fd:10:06:f5:
ba:44:84:5c:a2:d7:76:93:0f:8b:cb:4b:b8:62:98:22:d0:80:
fa:fb:c0:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJWCi2GGWaxjDr1W3kAE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTI5OTI0YjIzM2FjNTYzYzA4ZTBjMzEzZTI5MjEzZmQ5
Njk2NjkwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYyYmM1MzJhMDZjNzFiMzliMThkZDI5MzhjYzZmMjY3YWE3OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEbQHOxkdsdrzDwy5HATir5gIea7
6HDQHC68LuJHL1+PtK2sskZ3725/Pt3Y32NP06AfOcrXE9EVRD1p5GK/De1kH+pG
G0Ys7DmymxkJnArADkZBpTi1se4kXkkWqvSWzhOsHKlvLuTa7ecP0tBq4Qqw6jkc
w48d6v7UC9Uf5GfFEgMSPcu+/rI+qCsqeBCSCKH/m/rscpqO+AMzUHxcQkiE1DTR
MGIl8cn/pJ1ZEZFCuJiWK2NCT+vSgFv0BqHt4F+fTC4dy5qlRyVQwLKiLjQqULyJ
cYyjtyi7bIsrQxCTjt9pG9QEZjWhTqc/aJZDbEcJVAAUHQkivrePQ+1QKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNivFMqBscbObGN0pOMxvJnqnltMB8GA1UdIwQY
MBaAFFNSmSSyM6xWPAjgwxPikhP9lpZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFLWkpMSXpyRlk4Q09EREUtS1NFXzJXbG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wZTI3MTQtOWRkNi00ZmU4LWFiMjQt
OTQ0MTU2OTBkZGZkLzEvazJLOFV5b0d4eHM1c1kzU2s0ekc4bWVxZVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wZTI3MTQtOWRkNi00ZmU4LWFiMjQtOTQ0MTU2OTBkZGZk
LzEvVTFLWkpMSXpyRlk4Q09EREUtS1NFXzJXbG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJRLgAwQC
uTq0MA0GCSqGSIb3DQEBCwUAA4IBAQBftuHlcjH6rL2MCOiM2tRWfz94N1WzzApZ
AXlZDzGXFvviE7OXD0pZMvrcYw1Cxs0YKQ7i8m47Wy8BhsY+/QGGW6EPtBAzGeIG
ySBx/Cjs9E1Zk9UkzIqQe6iamLUkkudK8Yw0UZiDGmZHR0sA40VRam4i3bv+eqUM
4S88NGcFsrt432tNZJoBMnSDZ70603/R2FEDYrXuX0Rk5Ge1CFPYA9dzC0NBEheG
LLp6DrKs9A0//Uys9mF6d51WQ2Bj74bqVxZXt5QiCKY+nrITjWaWmYx8aWIMzHXZ
4am1h090nkbLUCKYSv0QBvW6RIRcotd2kw+Ly0u4Ypgi0ID6+8Bf
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:05:12 2024 by rpki-client on console-ams.rpki-client.org