Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/KUSYuZCBPvJ6xRup0Y00ku_h7n8.roa
File: KUSYuZCBPvJ6xRup0Y00ku_h7n8.roa (raw, json)
Hash identifier: QGJHu1GhBmeHnm3SIs8eMKNqHLTK3Xbwrtk9Hd7N/j8=
Subject key identifier: 29:44:98:B9:90:81:3E:F2:7A:C5:1B:A9:D1:8D:34:92:EF:E1:EE:7F
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018CC8DF81B9909B258F5DCF80E784C598F6
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/KUSYuZCBPvJ6xRup0Y00ku_h7n8.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39409
IP address blocks: 37.153.156.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2a10:9906:1001::/48 maxlen: 48
2001:678:d58::/48 maxlen: 48
2001:678:20c::/48 maxlen: 48
2a10:9906:3010::/48 maxlen: 48
2a10:9906::/48 maxlen: 48
2a10:9906:3020::/48 maxlen: 48
2a10:9906:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:81:b9:90:9b:25:8f:5d:cf:80:e7:84:c5:98:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294498b990813ef27ac51ba9d18d3492efe1ee7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:13:f9:6e:8a:39:65:66:8f:e0:1c:0a:d0:32:
6d:91:78:bc:93:4f:47:0c:c9:c8:c2:69:f2:a8:9e:
b7:97:96:ac:35:fd:cd:fc:b5:dd:09:06:2c:b7:04:
43:0c:f8:89:84:95:66:b7:20:93:6c:95:d9:e9:ee:
ca:d2:39:ce:9a:41:06:ba:45:5c:ca:41:53:cd:bd:
11:e0:fb:e6:ec:cc:6d:e9:52:6c:6a:f0:1e:df:58:
fe:61:6d:ce:e8:f5:9b:fc:c3:29:57:1e:64:73:81:
e1:15:78:d7:6d:e8:68:7d:23:d4:f7:67:a0:57:9d:
6b:55:be:e5:db:eb:6b:4d:fb:ca:1a:3f:c2:6a:20:
b9:77:87:ec:b9:80:88:4e:83:1d:ea:63:c8:84:a0:
35:76:62:8a:f7:20:33:df:ff:39:fe:41:6a:b0:63:
57:93:e7:e3:c2:80:9c:3e:b3:26:5a:43:0a:47:3b:
df:af:57:15:18:39:65:eb:db:8a:4f:9e:53:90:6c:
c6:92:8d:27:7f:f6:7d:7f:d8:c5:c6:4c:37:87:1e:
3b:94:65:89:84:18:b4:e2:eb:39:b0:57:1b:7a:37:
ad:b6:2f:3c:f5:7c:cc:a8:6a:28:16:fe:5a:7d:f8:
50:dc:2c:99:2c:e6:f6:3d:6a:d0:a9:9f:51:86:1f:
70:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:44:98:B9:90:81:3E:F2:7A:C5:1B:A9:D1:8D:34:92:EF:E1:EE:7F
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/KUSYuZCBPvJ6xRup0Y00ku_h7n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
185.216.8.0/24
IPv6:
2001:678:20c::/48
2001:678:d58::/48
2a10:9906::/48
2a10:9906:1001::-2a10:9906:1002:ffff:ffff:ffff:ffff:ffff
2a10:9906:3010::/48
2a10:9906:3020::/48
Signature Algorithm: sha256WithRSAEncryption
9e:7c:c7:a0:67:8e:20:83:f9:06:ec:ca:74:b6:7f:fe:bf:9c:
4a:1d:eb:94:d8:22:6e:35:c0:c3:3d:05:ac:03:71:11:22:28:
f6:27:fd:7d:7d:35:c2:3d:d1:be:90:76:6b:b6:3e:5e:64:ec:
d6:cf:d8:f4:e5:7f:db:78:1a:ca:55:04:8f:85:92:73:73:c2:
a1:07:6b:39:e5:cb:52:f6:20:e7:cb:24:a7:07:37:db:f6:a6:
5c:1e:24:b1:2f:89:94:ca:b4:cc:63:0c:15:d9:c4:b1:33:bb:
d5:c3:68:0c:f6:d7:0a:21:fb:52:82:82:ad:54:4c:d3:75:27:
72:33:70:1f:81:43:d4:05:7c:44:53:e1:ab:7c:72:7d:36:99:
74:e7:c4:ee:dc:df:2c:f2:4a:e5:b7:11:2e:b0:c8:90:30:aa:
f1:cf:55:55:99:6d:45:5c:0f:19:01:fa:24:04:28:b5:3a:9c:
1f:e7:67:b0:c2:74:83:a6:4d:24:b5:ed:dd:76:31:78:16:77:
ae:b9:71:32:73:3c:7f:51:92:dc:43:bd:50:ee:a0:98:bf:bd:
7d:eb:87:04:94:14:72:49:c0:e8:3b:b1:6d:42:d6:cf:c8:3c:
81:37:2e:50:6a:cb:37:a4:f7:f0:62:74:c3:37:fe:5b:7d:34:
cf:19:19:49
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzI34G5kJslj13PgOeExZj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ0OThiOTkwODEzZWYyN2FjNTFiYTlkMThkMzQ5MmVmZTFlZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRP5boo5ZWaP4BwK0DJtkXi8k09H
DMnIwmnyqJ63l5asNf3N/LXdCQYstwRDDPiJhJVmtyCTbJXZ6e7K0jnOmkEGukVc
ykFTzb0R4Pvm7Mxt6VJsavAe31j+YW3O6PWb/MMpVx5kc4HhFXjXbehofSPU92eg
V51rVb7l2+trTfvKGj/CaiC5d4fsuYCIToMd6mPIhKA1dmKK9yAz3/85/kFqsGNX
k+fjwoCcPrMmWkMKRzvfr1cVGDll69uKT55TkGzGko0nf/Z9f9jFxkw3hx47lGWJ
hBi04us5sFcbejetti889XzMqGooFv5affhQ3CyZLOb2PWrQqZ9Rhh9wiQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFClEmLmQgT7yesUbqdGNNJLv4e5/MB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvS1VTWXVaQ0JQdko2eFJ1cDBZMDBrdV9oN244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTASBAIAATAMAwQAJZmcAwQA
udgIMEcEAgACMEEDBwAgAQZ4AgwDBwAgAQZ4DVgDBwAqEJkGAAAwEgMHACoQmQYQ
AQMHACoQmQYQAgMHACoQmQYwEAMHACoQmQYwIDANBgkqhkiG9w0BAQsFAAOCAQEA
nnzHoGeOIIP5BuzKdLZ//r+cSh3rlNgibjXAwz0FrANxESIo9if9fX01wj3RvpB2
a7Y+XmTs1s/Y9OV/23gaylUEj4WSc3PCoQdrOeXLUvYg58skpwc32/amXB4ksS+J
lMq0zGMMFdnEsTO71cNoDPbXCiH7UoKCrVRM03UncjNwH4FD1AV8RFPhq3xyfTaZ
dOfE7tzfLPJK5bcRLrDIkDCq8c9VVZltRVwPGQH6JAQotTqcH+dnsMJ0g6ZNJLXt
3XYxeBZ3rrlxMnM8f1GS3EO9UO6gmL+9feuHBJQUcknA6DuxbULWz8g8gTcuUGrL
N6T38GJ0wzf+W300zxkZSQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:53:50 2024 by rpki-client on console-fra.rpki-client.org