Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/AQdPylVlTzkVjN0Cdg2ULxaFYVA.roa
File: AQdPylVlTzkVjN0Cdg2ULxaFYVA.roa (raw, json)
Hash identifier: F0Q1HDImjPfreQV2wya8Zr54J4+7A1jluDY1bf11Qa8=
Subject key identifier: 01:07:4F:CA:55:65:4F:39:15:8C:DD:02:76:0D:94:2F:16:85:61:50
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0192BDAE1CA2FFBC91EA335D388DCC746137
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/AQdPylVlTzkVjN0Cdg2ULxaFYVA.roa
Signing time: Thu 24 Oct 2024 08:39:17 +0000
ROA not before: Thu 24 Oct 2024 08:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:ae:1c:a2:ff:bc:91:ea:33:5d:38:8d:cc:74:61:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 24 08:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01074fca55654f39158cdd02760d942f16856150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:ec:6b:8e:c2:94:0a:58:a3:a4:2c:40:ff:
65:13:55:2f:d5:e8:71:e8:40:ff:ab:20:20:2d:53:
5d:69:06:5f:6b:b5:50:0f:38:eb:63:23:7d:6f:f2:
5f:27:32:7e:8b:b4:d5:e2:06:0e:df:11:e6:4c:6b:
70:b7:27:57:3a:05:b9:de:95:21:41:80:53:63:57:
ff:79:b3:a0:bc:9f:09:c1:46:b7:58:79:af:d3:6e:
68:b0:4c:93:83:11:f0:81:be:bd:dc:b5:57:1f:e3:
df:ad:ad:e4:1d:e6:a2:cb:bf:79:c7:63:fd:33:05:
c9:f7:90:d7:da:fd:ba:f0:39:35:f9:99:b9:da:65:
b1:1b:c0:fd:29:e9:25:4d:d3:3e:48:b8:03:26:2c:
33:bc:48:d5:ee:da:bd:3a:48:00:54:3f:55:bf:44:
81:64:6c:64:e6:7d:1a:bb:a0:4b:56:83:3b:6a:41:
2d:2f:44:e5:db:db:80:a6:2a:13:10:cb:3d:1c:1e:
b2:e0:82:b6:e2:8a:bc:14:ed:6f:3b:c3:90:83:29:
79:ab:ab:f2:83:a6:fb:39:55:4d:e8:99:8e:e2:d2:
07:20:ad:83:0e:93:f7:ad:4e:8b:c7:0a:8d:43:8d:
49:5f:41:24:29:12:92:41:01:d1:cb:22:fc:4e:f6:
70:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:07:4F:CA:55:65:4F:39:15:8C:DD:02:76:0D:94:2F:16:85:61:50
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/AQdPylVlTzkVjN0Cdg2ULxaFYVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
94.74.152.0/22
109.203.166.0/24
109.203.168.0/21
109.203.184.0/21
Signature Algorithm: sha256WithRSAEncryption
76:92:cc:1f:21:5a:a0:fa:e9:1f:03:53:b5:4f:86:d1:bc:4c:
1b:cc:53:df:ea:d5:8d:c9:42:9c:bd:7c:55:7a:29:e2:cb:66:
d0:fe:99:fb:55:a8:31:96:b9:9f:08:e8:17:32:ee:5b:db:04:
b4:3e:6d:cc:91:2c:36:60:2e:7e:d8:c6:56:07:25:29:76:6d:
d7:b0:a1:63:45:06:bd:0d:dd:9d:b0:e3:d8:e8:6d:f4:0e:8a:
a8:72:6c:3a:3c:52:1d:b4:e4:19:0f:c7:52:43:68:25:b6:8f:
de:b1:be:c5:a9:1d:76:df:6e:5f:92:e0:f2:17:69:45:21:40:
4e:b0:ba:e5:42:c8:12:3d:ad:ec:55:4f:13:3d:41:29:ff:1c:
0c:bb:b6:61:ff:07:96:4d:52:ea:e5:0f:07:c7:e5:9a:08:f2:
cd:21:42:82:89:37:8a:05:90:01:e8:16:8b:58:0d:4d:c2:63:
cb:5d:c7:45:2e:25:d7:25:ab:3c:e5:7a:b6:b8:b2:ee:17:75:
18:b7:3d:da:a2:a3:f4:03:97:c8:a7:b8:36:23:f5:9a:7c:d3:
a6:35:51:ca:cc:e0:a7:fe:be:ed:1a:df:92:b3:80:20:47:20:
c0:f3:e4:eb:07:39:9a:3d:1f:c2:30:aa:bb:06:56:cc:4b:e1:
5a:af:46:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZK9rhyi/7yR6jNdOI3MdGE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDI0MDgzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTA3NGZjYTU1NjU0ZjM5MTU4Y2RkMDI3NjBkOTQyZjE2ODU2MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthHsa47ClApYo6QsQP9lE1Uv1ehx
6ED/qyAgLVNdaQZfa7VQDzjrYyN9b/JfJzJ+i7TV4gYO3xHmTGtwtydXOgW53pUh
QYBTY1f/ebOgvJ8JwUa3WHmv025osEyTgxHwgb693LVXH+Pfra3kHeaiy795x2P9
MwXJ95DX2v268Dk1+Zm52mWxG8D9KeklTdM+SLgDJiwzvEjV7tq9OkgAVD9Vv0SB
ZGxk5n0au6BLVoM7akEtL0Tl29uApioTEMs9HB6y4IK24oq8FO1vO8OQgyl5q6vy
g6b7OVVN6JmO4tIHIK2DDpP3rU6LxwqNQ41JX0EkKRKSQQHRyyL8TvZw4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAEHT8pVZU85FYzdAnYNlC8WhWFQMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQVFkUHlsVmxUemtWak4wQ2RnMlVMeGFGWVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJTGQAwQC
XkqYAwQAbcumAwQDbcuoAwQDbcu4MA0GCSqGSIb3DQEBCwUAA4IBAQB2kswfIVqg
+ukfA1O1T4bRvEwbzFPf6tWNyUKcvXxVeiniy2bQ/pn7VagxlrmfCOgXMu5b2wS0
Pm3MkSw2YC5+2MZWByUpdm3XsKFjRQa9Dd2dsOPY6G30Doqocmw6PFIdtOQZD8dS
Q2glto/esb7FqR12325fkuDyF2lFIUBOsLrlQsgSPa3sVU8TPUEp/xwMu7Zh/weW
TVLq5Q8Hx+WaCPLNIUKCiTeKBZAB6BaLWA1NwmPLXcdFLiXXJas85Xq2uLLuF3UY
tz3aoqP0A5fIp7g2I/WafNOmNVHKzOCn/r7tGt+Ss4AgRyDA8+TrBzmaPR/CMKq7
BlbMS+Far0Yx
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:11 2024 by rpki-client on console-fra.rpki-client.org