Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/Lv2rVZZy6fjtuuyV5iNS1p-wbjM.roa
File: Lv2rVZZy6fjtuuyV5iNS1p-wbjM.roa (raw, json)
Hash identifier: /vhrDzUUhup0J2ABu67y/tV6hliMfFpbxoRRq9IPs5I=
Subject key identifier: 2E:FD:AB:55:96:72:E9:F8:ED:BA:EC:95:E6:23:52:D6:9F:B0:6E:33
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 01902B3ECE28605F98CD96F7D29C23BEFDBF
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/Lv2rVZZy6fjtuuyV5iNS1p-wbjM.roa
Signing time: Tue 18 Jun 2024 12:07:34 +0000
ROA not before: Tue 18 Jun 2024 12:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199727
IP address blocks: 185.37.41.0/24 maxlen: 24
185.37.42.0/24 maxlen: 24
185.37.43.0/24 maxlen: 24
185.189.172.0/24 maxlen: 24
185.189.173.0/24 maxlen: 24
185.189.174.0/24 maxlen: 24
185.189.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:3e:ce:28:60:5f:98:cd:96:f7:d2:9c:23:be:fd:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Jun 18 12:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2efdab559672e9f8edbaec95e62352d69fb06e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ff:00:da:36:96:f7:8e:5f:46:0d:50:33:93:
7a:4b:c1:09:a6:81:b7:d2:05:13:64:38:43:1f:9b:
90:2a:46:36:ef:bf:d0:4a:d4:1a:6b:41:dd:11:49:
74:97:d4:9e:20:d4:b1:e2:f3:1f:74:97:24:a7:63:
2c:0e:83:d5:f2:30:8c:de:27:73:80:e1:14:00:8f:
4d:6a:0c:43:8e:6c:60:a9:c5:43:78:9a:c1:b1:c4:
fd:6a:80:76:e5:54:47:f7:78:48:dd:be:87:e4:a4:
dc:a2:31:fc:5b:50:4a:0f:62:06:92:47:32:05:61:
88:18:59:da:11:f5:cd:82:2f:78:ed:58:23:6e:36:
e1:4b:9a:5b:57:fd:3b:a0:8e:e4:22:22:ca:da:ca:
ee:89:4c:7f:cb:e7:b3:e9:d8:72:d1:8c:8e:f3:86:
db:64:2e:98:76:76:e1:51:86:a5:b7:8c:b4:cb:9c:
16:ea:3f:ad:c1:a5:50:a9:fd:6a:e4:60:da:02:45:
72:3c:f8:5a:60:b5:21:07:bd:53:03:a0:14:f3:24:
2c:bd:ce:f8:a4:7a:91:ac:62:db:4c:08:7c:30:98:
f5:d1:03:d3:6c:32:2e:c4:1d:e4:4f:79:1b:5a:30:
60:0d:21:f2:2b:f7:39:40:e4:c4:45:42:ad:20:b5:
dd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FD:AB:55:96:72:E9:F8:ED:BA:EC:95:E6:23:52:D6:9F:B0:6E:33
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/Lv2rVZZy6fjtuuyV5iNS1p-wbjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.41.0-185.37.43.255
185.189.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:29:a4:8c:8d:9f:c9:46:2a:74:10:5e:e6:26:34:e5:4b:d4:
71:34:69:df:89:53:db:24:63:48:4d:31:cc:90:c4:5e:98:7d:
d2:1a:d2:3f:2a:2c:cd:59:01:56:8b:9e:e4:48:ab:c1:9e:3d:
3b:e8:d1:19:a5:81:34:8f:77:25:a7:73:ec:52:39:04:88:54:
72:09:ad:68:0e:c3:65:65:b8:39:43:c0:5c:d4:13:22:a8:59:
4d:6f:2d:d5:2d:b3:d1:a5:50:30:43:fe:a7:15:c4:e8:f1:6c:
5b:42:0d:a2:ec:a4:a3:a9:02:22:52:bf:ec:94:94:1c:85:5b:
c8:3f:66:99:4d:86:39:dc:9a:3e:fa:56:1a:41:e7:ec:f7:f1:
40:f7:b9:1e:7c:e2:ce:6b:df:37:39:be:34:c9:ae:7b:90:18:
a0:ac:d4:47:92:49:e3:3a:ff:02:c3:8e:f8:fa:4d:33:ba:84:
6e:db:8a:33:b3:89:e4:f1:20:82:d0:72:a0:8b:11:89:83:58:
ba:17:66:a0:5b:9a:a4:1e:8e:83:89:18:60:d7:d4:48:42:41:
cf:00:05:7c:c3:2d:72:b4:e0:30:85:2f:7d:e1:52:b5:ea:dc:
11:30:08:5a:73:92:c2:b7:12:17:f8:f3:32:f8:54:89:5d:e6:
0f:2d:ac:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZArPs4oYF+YzZb30pwjvv2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjQwNjE4MTIwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZkYWI1NTk2NzJlOWY4ZWRiYWVjOTVlNjIzNTJkNjlmYjA2ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2f8A2jaW945fRg1QM5N6S8EJpoG3
0gUTZDhDH5uQKkY277/QStQaa0HdEUl0l9SeINSx4vMfdJckp2MsDoPV8jCM3idz
gOEUAI9NagxDjmxgqcVDeJrBscT9aoB25VRH93hI3b6H5KTcojH8W1BKD2IGkkcy
BWGIGFnaEfXNgi947VgjbjbhS5pbV/07oI7kIiLK2sruiUx/y+ez6dhy0YyO84bb
ZC6YdnbhUYalt4y0y5wW6j+twaVQqf1q5GDaAkVyPPhaYLUhB71TA6AU8yQsvc74
pHqRrGLbTAh8MJj10QPTbDIuxB3kT3kbWjBgDSHyK/c5QOTERUKtILXdoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC79q1WWcun47brsleYjUtafsG4zMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvTHYyclZaWnk2Zmp0dXV5VjVpTlMxcC13YmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5JSkD
BAK5JSgDBAK5vawwDQYJKoZIhvcNAQELBQADggEBAB8ppIyNn8lGKnQQXuYmNOVL
1HE0ad+JU9skY0hNMcyQxF6YfdIa0j8qLM1ZAVaLnuRIq8GePTvo0RmlgTSPdyWn
c+xSOQSIVHIJrWgOw2VluDlDwFzUEyKoWU1vLdUts9GlUDBD/qcVxOjxbFtCDaLs
pKOpAiJSv+yUlByFW8g/ZplNhjncmj76VhpB5+z38UD3uR584s5r3zc5vjTJrnuQ
GKCs1EeSSeM6/wLDjvj6TTO6hG7bijOzieTxIILQcqCLEYmDWLoXZqBbmqQejoOJ
GGDX1EhCQc8ABXzDLXK04DCFL33hUrXq3BEwCFpzksK3Ehf48zL4VIld5g8trJc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:48 2024 by rpki-client on console-ams.rpki-client.org