Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/FtVYx30ZaTKSbvOJe2JyWIz-iEY.roa
File: FtVYx30ZaTKSbvOJe2JyWIz-iEY.roa (raw, json)
Hash identifier: +DZ/xkcJcl5vbpV3nJX2XsKWSY7gMb640bIUugJIZd4=
Subject key identifier: 16:D5:58:C7:7D:19:69:32:92:6E:F3:89:7B:62:72:58:8C:FE:88:46
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 018DC089A23DAE70169FDAF812CBF15210D3
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/FtVYx30ZaTKSbvOJe2JyWIz-iEY.roa
Signing time: Mon 19 Feb 2024 08:44:21 +0000
ROA not before: Mon 19 Feb 2024 08:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201749
IP address blocks: 37.205.112.0/21 maxlen: 22
37.205.112.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
37.205.115.0/24 maxlen: 24
37.205.116.0/22 maxlen: 22
37.205.116.0/24 maxlen: 24
37.205.117.0/24 maxlen: 24
37.205.118.0/24 maxlen: 24
37.205.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft
rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:89:a2:3d:ae:70:16:9f:da:f8:12:cb:f1:52:10:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Feb 19 08:44:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16d558c77d196932926ef3897b6272588cfe8846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7a:b4:b8:c1:8d:be:20:8f:0b:ff:3b:a5:61:
09:e8:d6:eb:37:d2:17:4a:51:a3:ed:32:9d:d1:39:
92:59:da:f6:0d:a4:85:24:9b:67:18:12:67:32:a5:
30:4a:f7:c4:53:43:0b:7f:70:52:7e:cb:5f:16:cf:
86:d4:ee:c9:07:4d:99:d6:40:2d:5f:8e:33:a5:97:
0d:3c:fc:c9:57:65:a9:89:98:fc:e8:f1:1f:d9:f0:
1f:f5:9c:39:46:10:cd:72:a1:03:bf:d6:44:dc:14:
37:72:94:9f:97:48:8b:a6:04:8d:26:85:48:fb:d7:
d0:ea:96:db:e6:8e:d7:af:12:4c:ba:5a:ce:cc:52:
ec:74:22:b2:1f:db:3b:a8:89:d3:67:e3:5c:45:6f:
a2:20:1c:a2:28:d8:0f:58:77:f3:f6:5d:fd:f3:dc:
dd:1b:49:1d:b9:a1:ff:9a:4c:82:fa:a5:85:64:61:
81:2e:40:73:b5:74:60:ed:a3:ad:40:c5:b0:62:1e:
04:85:52:7e:5f:dd:51:83:7a:6a:45:b3:bc:97:c9:
7a:4a:1d:14:c5:4b:c1:29:5d:02:8c:a4:b1:cd:d9:
8a:11:4e:4a:5c:b0:0b:b6:95:33:99:43:70:df:a6:
e5:a8:b0:95:ad:98:11:62:43:b3:e5:88:28:db:b8:
6f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D5:58:C7:7D:19:69:32:92:6E:F3:89:7B:62:72:58:8C:FE:88:46
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/FtVYx30ZaTKSbvOJe2JyWIz-iEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:4f:89:89:75:7e:6d:ac:69:ce:08:01:78:e7:97:e2:3b:a7:
4b:46:53:c4:5e:9b:cc:e2:83:91:d1:f8:56:dc:6d:fd:fe:7e:
f3:07:15:9f:b5:4c:42:15:88:52:78:c5:8b:71:7f:b6:57:56:
99:c2:c9:a3:e3:97:4e:eb:1e:4e:84:99:21:14:e2:0b:f5:bb:
ea:4a:18:14:e8:6b:fd:c3:f4:72:2d:7b:df:10:2c:d7:ea:e9:
5b:80:4a:a4:26:74:a9:8c:02:2d:87:28:26:e1:9b:1a:f4:20:
22:51:26:26:15:a9:87:af:09:df:cf:f3:28:1a:21:04:71:1f:
f1:6f:b1:2c:50:9e:c4:85:cc:96:bf:2c:9b:e4:64:4d:51:2d:
cf:bf:9f:92:44:f1:0b:bb:11:3a:c7:88:85:66:ae:c3:6d:7a:
45:4b:5b:a9:ab:9b:40:0c:fd:33:4f:2c:5a:46:37:35:5c:33:
8e:57:df:5c:01:36:24:41:54:a4:78:f9:fc:03:56:a1:d4:4a:
c5:b8:92:35:b2:6b:b9:6c:84:0d:c0:54:82:75:0a:10:2b:19:
09:04:27:7c:09:a0:43:82:b3:14:d8:a0:ee:3a:85:7d:dd:34:
17:4b:bf:c3:ab:29:d7:d6:73:aa:6e:58:74:72:20:e4:eb:50:
fd:80:8d:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3AiaI9rnAWn9r4EsvxUhDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjQwMjE5MDg0NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ1NThjNzdkMTk2OTMyOTI2ZWYzODk3YjYyNzI1ODhjZmU4ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3q0uMGNviCPC/87pWEJ6NbrN9IX
SlGj7TKd0TmSWdr2DaSFJJtnGBJnMqUwSvfEU0MLf3BSfstfFs+G1O7JB02Z1kAt
X44zpZcNPPzJV2WpiZj86PEf2fAf9Zw5RhDNcqEDv9ZE3BQ3cpSfl0iLpgSNJoVI
+9fQ6pbb5o7XrxJMulrOzFLsdCKyH9s7qInTZ+NcRW+iIByiKNgPWHfz9l3989zd
G0kduaH/mkyC+qWFZGGBLkBztXRg7aOtQMWwYh4EhVJ+X91Rg3pqRbO8l8l6Sh0U
xUvBKV0CjKSxzdmKEU5KXLALtpUzmUNw36blqLCVrZgRYkOz5Ygo27hvIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbVWMd9GWkykm7ziXticliM/ohGMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvRnRWWXgzMFphVEtTYnZPSmUySnlXSXotaUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy
LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJc1wMA0G
CSqGSIb3DQEBCwUAA4IBAQAuT4mJdX5trGnOCAF455fiO6dLRlPEXpvM4oOR0fhW
3G39/n7zBxWftUxCFYhSeMWLcX+2V1aZwsmj45dO6x5OhJkhFOIL9bvqShgU6Gv9
w/RyLXvfECzX6ulbgEqkJnSpjAIthygm4Zsa9CAiUSYmFamHrwnfz/MoGiEEcR/x
b7EsUJ7EhcyWvyyb5GRNUS3Pv5+SRPELuxE6x4iFZq7DbXpFS1upq5tADP0zTyxa
Rjc1XDOOV99cATYkQVSkePn8A1ah1ErFuJI1smu5bIQNwFSCdQoQKxkJBCd8CaBD
grMU2KDuOoV93TQXS7/DqynX1nOqblh0ciDk61D9gI3t
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:32 2024 by rpki-client on console-fra.rpki-client.org