Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Di8FR0kdyIhzZtdK-SeQ8fgxb9M.roa
File: Di8FR0kdyIhzZtdK-SeQ8fgxb9M.roa (raw, json)
Hash identifier: Lpp0JOnemZQed/Uz+6tViKXI2Bk/y9qLkjjUTytD5BM=
Subject key identifier: 0E:2F:05:47:49:1D:C8:88:73:66:D7:4A:F9:27:90:F1:F8:31:6F:D3
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018D606F7FB689F4C8CF9D93A087EE3D5B2C
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Di8FR0kdyIhzZtdK-SeQ8fgxb9M.roa
Signing time: Wed 31 Jan 2024 16:52:16 +0000
ROA not before: Wed 31 Jan 2024 16:52:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 37.98.232.0/21 maxlen: 24
136.242.128.0/17 maxlen: 24
138.12.128.0/17 maxlen: 24
148.139.0.0/16 maxlen: 24
157.5.128.0/17 maxlen: 24
157.70.0.0/17 maxlen: 24
163.120.128.0/17 maxlen: 24
165.171.0.0/17 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 13:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:6f:7f:b6:89:f4:c8:cf:9d:93:a0:87:ee:3d:5b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jan 31 16:52:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2f0547491dc8887366d74af92790f1f8316fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:80:56:dd:d4:45:7d:f0:6a:1a:68:c8:96:
89:4a:9d:2a:c0:19:f8:5e:b4:de:03:e6:05:8e:0a:
10:50:9f:b7:bb:30:9f:23:ae:e5:af:5b:01:d7:38:
9b:f3:38:3a:2f:c0:d2:6f:7b:b4:2a:93:be:d9:22:
3f:e9:c5:1c:ea:45:00:35:a5:db:0a:c2:8e:78:a3:
8f:95:03:f2:7a:97:fe:b6:fd:d2:a9:ee:4e:95:69:
75:07:a1:3f:fd:8e:1f:a8:7e:5e:45:24:dc:27:b3:
1e:0d:a6:d6:1d:50:5d:bc:d9:45:26:b2:ea:5b:0f:
44:47:11:5a:30:df:f3:4f:a7:5f:8e:ed:67:53:ea:
f8:a2:49:2a:30:86:9b:93:b1:70:9f:28:5c:1e:fc:
f3:09:ee:c6:4a:34:03:53:9f:98:ed:57:c0:95:e2:
7f:2d:db:a2:63:46:7d:48:01:d0:79:d6:7c:e6:c0:
f6:4e:7f:da:15:ef:50:3d:16:e5:8b:37:b0:3b:b6:
34:ea:39:2c:fa:18:8f:20:7b:a9:4f:99:94:1a:5e:
87:86:96:b5:a8:7f:3c:9e:86:ec:ef:f8:e4:61:b7:
02:9f:b5:10:0c:10:49:b4:81:67:16:28:72:be:36:
3e:25:fc:dd:9b:f4:60:c9:51:25:a9:ef:3f:5d:50:
74:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2F:05:47:49:1D:C8:88:73:66:D7:4A:F9:27:90:F1:F8:31:6F:D3
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/Di8FR0kdyIhzZtdK-SeQ8fgxb9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:a1:8b:c2:23:af:a1:69:9a:fd:03:79:cb:91:aa:9c:2a:78:
2b:57:92:2f:5a:17:e9:67:75:6d:40:db:9e:ef:e2:2d:2c:d4:
58:03:21:cd:35:83:06:c7:49:52:38:08:a2:82:62:5b:95:66:
53:dc:fb:74:06:7b:8b:46:87:79:f8:f2:62:20:f4:d8:82:ea:
93:11:fa:6f:a9:d6:9c:84:be:f6:da:f6:a4:d4:4d:ff:13:ca:
a4:61:95:71:c2:99:bf:b5:1a:11:9e:40:ac:23:73:9b:e2:5f:
0c:e4:77:f6:75:9a:b0:9c:da:06:48:93:c1:6f:99:4a:ed:5e:
5a:bf:d3:f1:fc:74:4a:d5:05:bd:fb:4a:7b:ab:90:d7:97:05:
ca:bb:f5:96:08:c4:70:73:ae:ef:76:d7:08:88:1f:77:ed:2a:
78:10:f7:1c:53:ee:38:30:f3:52:8f:7e:67:1d:0b:b9:1b:c1:
a0:fb:61:09:0b:40:a9:a2:e6:aa:1b:85:b5:29:01:cc:ba:06:
10:83:5f:9a:34:6c:bf:03:e3:74:7b:f1:a9:56:73:2c:2c:69:
c5:ef:18:cd:63:da:d5:ed:c0:1a:9d:8c:9b:1c:ef:fa:7f:15:
bd:52:4b:53:9a:60:ec:f0:46:ec:97:bd:aa:39:ef:ee:6d:8a:
31:02:c2:21
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY1gb3+2ifTIz52ToIfuPVssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwMTMxMTY1MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJmMDU0NzQ5MWRjODg4NzM2NmQ3NGFmOTI3OTBmMWY4MzE2ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8SAVt3URX3wahpoyJaJSp0qwBn4
XrTeA+YFjgoQUJ+3uzCfI67lr1sB1zib8zg6L8DSb3u0KpO+2SI/6cUc6kUANaXb
CsKOeKOPlQPyepf+tv3Sqe5OlWl1B6E//Y4fqH5eRSTcJ7MeDabWHVBdvNlFJrLq
Ww9ERxFaMN/zT6dfju1nU+r4okkqMIabk7FwnyhcHvzzCe7GSjQDU5+Y7VfAleJ/
LduiY0Z9SAHQedZ85sD2Tn/aFe9QPRblizewO7Y06jks+hiPIHupT5mUGl6Hhpa1
qH88nobs7/jkYbcCn7UQDBBJtIFnFihyvjY+Jfzdm/RgyVElqe8/XVB0twIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFA4vBUdJHciIc2bXSvknkPH4MW/TMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvRGk4RlIwa2R5SWh6WnRkSy1TZVE4Zmd4YjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAJGhi8Ijr6Fpmv0DecuRqpwqeCtXki9a
F+lndW1A257v4i0s1FgDIc01gwbHSVI4CKKCYluVZlPc+3QGe4tGh3n48mIg9NiC
6pMR+m+p1pyEvvba9qTUTf8TyqRhlXHCmb+1GhGeQKwjc5viXwzkd/Z1mrCc2gZI
k8FvmUrtXlq/0/H8dErVBb37SnurkNeXBcq79ZYIxHBzru921wiIH3ftKngQ9xxT
7jgw81KPfmcdC7kbwaD7YQkLQKmi5qobhbUpAcy6BhCDX5o0bL8D43R78alWcyws
acXvGM1j2tXtwBqdjJsc7/p/Fb1SS1OaYOzwRuyXvao57+5tijECwiE=
-----END CERTIFICATE-----
Generated at Thu May 2 18:17:18 2024 by rpki-client on console-fra.rpki-client.org