Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/aZrKsxtjSlqhU_WDgcdfyamWSN0.roa
File: aZrKsxtjSlqhU_WDgcdfyamWSN0.roa (raw, json)
Hash identifier: c7NK89XtOO1CPKYKMECOWZYK1b7TotTncPAuLi1pXe0=
Subject key identifier: 69:9A:CA:B3:1B:63:4A:5A:A1:53:F5:83:81:C7:5F:C9:A9:96:48:DD
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 0192B7524D093D5E3D222B0FDFE141256919
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/aZrKsxtjSlqhU_WDgcdfyamWSN0.roa
Signing time: Wed 23 Oct 2024 03:01:17 +0000
ROA not before: Wed 23 Oct 2024 03:01:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 185.28.37.0/24 maxlen: 24
185.28.38.0/24 maxlen: 24
185.28.39.0/24 maxlen: 24
185.126.34.0/24 maxlen: 24
2a10:1440::/29 maxlen: 29
2a10:1440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b7:52:4d:09:3d:5e:3d:22:2b:0f:df:e1:41:25:69:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Oct 23 03:01:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699acab31b634a5aa153f58381c75fc9a99648dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:71:f5:80:fb:fe:37:e4:76:33:4b:e1:70:
ce:2e:29:78:f4:21:cd:db:dc:0d:e9:dd:08:5e:47:
5b:c8:9b:e2:a2:91:68:d9:80:5c:c9:35:99:67:c7:
19:7c:a7:de:92:4c:cd:6d:30:05:fa:13:7a:5b:2e:
d5:fa:2f:e8:5e:28:20:3d:32:af:95:c3:fc:96:82:
e7:d0:be:76:42:73:f2:c3:ef:cc:37:b1:25:6a:ee:
b1:98:61:da:57:16:8d:18:df:82:ed:d8:6a:d0:2d:
a6:28:4a:20:47:1d:e4:03:8a:a4:a1:ed:00:d3:d9:
be:37:9e:87:6e:79:1b:26:44:f6:41:fc:d3:04:5c:
12:f2:0b:02:ae:bb:aa:9e:6b:75:f6:22:47:1f:86:
dd:69:51:51:ed:22:41:74:b2:b0:18:f3:17:bc:a8:
82:da:b1:1f:ed:de:b8:91:0a:e9:fd:9f:a2:94:86:
3e:35:16:92:bd:8f:24:12:95:5c:43:e4:35:19:27:
38:82:49:98:6f:be:a5:f2:92:c9:4f:c4:43:5f:0a:
9e:d9:ad:3a:2f:4b:22:91:15:51:8d:2d:b5:3e:93:
0b:be:a9:d8:10:f4:77:88:bd:89:ea:f4:a3:e0:e6:
3c:78:0d:4b:2d:c2:3c:7a:50:c0:36:c5:23:b9:10:
24:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9A:CA:B3:1B:63:4A:5A:A1:53:F5:83:81:C7:5F:C9:A9:96:48:DD
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/aZrKsxtjSlqhU_WDgcdfyamWSN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.37.0-185.28.39.255
185.126.34.0/24
IPv6:
2a10:1440::/29
Signature Algorithm: sha256WithRSAEncryption
7d:53:97:87:8f:f0:42:3a:80:41:93:27:02:0a:73:d9:70:73:
1e:3a:7f:d4:05:c6:fc:e7:7f:2f:a6:7d:f8:de:5b:b5:74:8b:
13:37:35:9d:19:ea:da:fe:3e:09:e1:95:84:4e:2f:f6:9b:6f:
93:a6:f7:57:ea:12:da:a7:dd:ce:fa:e9:70:e4:a9:b8:c2:38:
7d:6a:a0:2a:3a:6f:74:50:f9:b4:ca:b9:f3:d1:fe:fc:3b:1a:
99:33:d1:69:36:64:99:ff:52:a2:41:74:42:51:0b:01:d3:ac:
c3:3f:b9:62:bd:14:35:6b:99:89:16:12:19:90:74:75:86:9d:
79:c4:e2:57:7d:a4:79:73:f4:65:c6:48:00:c1:db:4d:b2:39:
cc:4c:f9:77:b4:e0:3b:13:1f:e7:bd:ab:45:46:06:0b:3f:b3:
44:6c:d8:b8:24:23:51:02:3f:fc:ec:95:70:45:dd:ce:6a:27:
2e:ef:5c:5c:47:25:9f:9a:19:3f:43:0e:bb:fe:cb:a6:a3:a2:
49:59:b2:a2:af:5d:79:7b:b7:6a:b5:97:45:ee:19:79:d2:c3:
57:c0:9a:11:cc:77:18:88:6b:73:7f:3c:92:d7:14:e0:44:14:
88:ce:cf:77:43:c1:4b:50:84:86:34:44:e3:8a:1b:8e:1d:c5:
31:45:2a:86
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZK3Uk0JPV49IisP3+FBJWkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjQxMDIzMDMwMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTlhY2FiMzFiNjM0YTVhYTE1M2Y1ODM4MWM3NWZjOWE5OTY0OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoVx9YD7/jfkdjNL4XDOLil49CHN
29wN6d0IXkdbyJviopFo2YBcyTWZZ8cZfKfekkzNbTAF+hN6Wy7V+i/oXiggPTKv
lcP8loLn0L52QnPyw+/MN7Elau6xmGHaVxaNGN+C7dhq0C2mKEogRx3kA4qkoe0A
09m+N56HbnkbJkT2QfzTBFwS8gsCrruqnmt19iJHH4bdaVFR7SJBdLKwGPMXvKiC
2rEf7d64kQrp/Z+ilIY+NRaSvY8kEpVcQ+Q1GSc4gkmYb76l8pLJT8RDXwqe2a06
L0sikRVRjS21PpMLvqnYEPR3iL2J6vSj4OY8eA1LLcI8elDANsUjuRAkUQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGmayrMbY0paoVP1g4HHX8mplkjdMB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvYVpyS3N4dGpTbHFoVV9XRGdjZGZ5YW1XU04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMtYWU5OTllZDdjNWQ0
LzEvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5HCUD
BAO5HCADBAC5fiIwDQQCAAIwBwMFAyoQFEAwDQYJKoZIhvcNAQELBQADggEBAH1T
l4eP8EI6gEGTJwIKc9lwcx46f9QFxvznfy+mffjeW7V0ixM3NZ0Z6tr+PgnhlYRO
L/abb5Om91fqEtqn3c766XDkqbjCOH1qoCo6b3RQ+bTKufPR/vw7Gpkz0Wk2ZJn/
UqJBdEJRCwHTrMM/uWK9FDVrmYkWEhmQdHWGnXnE4ld9pHlz9GXGSADB202yOcxM
+Xe04DsTH+e9q0VGBgs/s0Rs2LgkI1ECP/zslXBF3c5qJy7vXFxHJZ+aGT9DDrv+
y6ajoklZsqKvXXl7t2q1l0XuGXnSw1fAmhHMdxiIa3N/PJLXFOBEFIjOz3dDwUtQ
hIY0ROOKG44dxTFFKoY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:02 2024 by rpki-client on console-ams.rpki-client.org