Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/1-sp_5XS4uEp1q95U6ZReRXmapg4.roa
File: 1-sp_5XS4uEp1q95U6ZReRXmapg4.roa (raw, json)
Hash identifier: N+3edtjZ2gBytCZ9rU/6MCjH2zHZS+ORS9Unc5+DAuc=
Subject key identifier: FA:CA:7F:E5:74:B8:B8:4A:75:AB:DE:54:E9:94:5E:45:79:9A:A6:0E
Certificate issuer: /CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Certificate serial: 018CC34893D675D34E8F6167AF6443BB28AA
Authority key identifier: 42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/1-sp_5XS4uEp1q95U6ZReRXmapg4.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13127
IP address blocks: 37.220.150.0/24 maxlen: 24
37.220.149.0/24 maxlen: 24
37.220.148.0/24 maxlen: 24
37.220.151.0/24 maxlen: 24
37.220.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:93:d6:75:d3:4e:8f:61:67:af:64:43:bb:28:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faca7fe574b8b84a75abde54e9945e45799aa60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c9:f1:20:8e:09:4a:8b:f0:1a:61:41:22:37:
ea:bf:dd:6f:0a:8e:2f:f4:fe:c2:fd:ce:83:18:42:
ac:d3:14:a5:16:ad:20:f3:f5:b2:1b:03:97:d0:99:
7d:d1:45:bf:17:0f:f5:fe:7e:f5:17:53:1b:57:84:
e0:72:2f:94:76:dd:58:57:b3:2e:e3:7b:fc:af:33:
fb:d5:b4:ff:58:d3:66:c0:68:74:b2:0d:a0:6d:8b:
2b:12:74:25:65:a7:15:f7:83:bb:37:1f:70:65:36:
de:0e:80:2d:99:86:95:15:d5:2d:76:19:9d:30:18:
92:89:02:12:77:d5:d7:23:75:6d:a2:13:9f:3f:e8:
3a:6e:53:6b:04:34:c1:ca:2b:ea:d8:90:b4:85:f2:
65:84:b8:89:54:2f:ec:e1:08:22:b2:51:9a:2f:d2:
e8:d8:b9:da:62:a1:ae:b7:91:a0:3e:6a:f0:24:b3:
cd:b1:f8:bb:c1:94:6e:ad:f1:38:99:8e:4d:77:03:
a2:67:91:b3:11:ee:88:75:e7:89:75:e0:98:ca:34:
2e:46:41:c2:6a:6b:f0:cc:7a:3c:ea:b7:17:c6:13:
4f:56:af:6d:95:b5:29:0b:ea:f4:8e:67:2d:8d:a5:
66:ee:ec:74:c0:bd:81:82:87:0c:90:66:23:41:30:
45:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CA:7F:E5:74:B8:B8:4A:75:AB:DE:54:E9:94:5E:45:79:9A:A6:0E
X509v3 Authority Key Identifier:
keyid:42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/1-sp_5XS4uEp1q95U6ZReRXmapg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.147.0-37.220.151.255
Signature Algorithm: sha256WithRSAEncryption
b9:57:b9:7d:a0:f0:fa:ed:57:22:13:40:7d:ea:f6:6c:86:a8:
9b:99:9a:88:f9:67:07:2f:f3:6d:30:47:6b:70:01:d2:0e:7c:
a8:5b:47:91:a8:c5:c3:99:8d:be:5d:28:8e:de:5b:33:cf:dc:
f3:d7:a5:e1:f1:0d:f8:9d:1f:1e:34:51:aa:73:1b:b6:e6:00:
69:17:e2:7c:cf:a3:12:ca:00:a4:5c:6f:c8:1f:6c:24:6f:a9:
7e:55:c4:92:9a:64:b9:c5:07:98:82:0d:f3:bc:35:7e:6c:2f:
92:92:8c:b5:09:ae:8d:94:6e:f4:81:7a:af:98:85:06:a0:eb:
0d:75:1e:d3:f5:71:2e:56:fc:3d:3b:e6:76:b6:6e:aa:b5:79:
40:ab:df:06:06:bf:78:c0:41:06:a4:8a:44:3b:0c:cf:01:d0:
0d:71:44:93:81:f1:80:db:b9:3c:17:f3:9c:9a:49:d6:3f:a7:
5a:29:04:10:df:72:f3:1a:62:5f:bc:e9:2f:55:95:0e:90:22:
a7:21:49:5b:a5:13:35:d2:bc:4e:41:a3:6f:52:2d:31:b9:75:
21:ab:36:cf:7b:3e:58:39:99:f5:d4:68:44:2a:00:11:84:5f:
cb:86:b4:c2:6d:ba:0f:5a:77:8d:a0:12:4b:10:0e:33:2f:1f:
61:e5:82:31
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzDSJPWddNOj2Fnr2RDuyiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzQyNzIzYzFmNzViYTBiZTg5MzVjNzJmNjFiZmU1YzVm
NGNlM2MwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWNhN2ZlNTc0YjhiODRhNzVhYmRlNTRlOTk0NWU0NTc5OWFhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcnxII4JSovwGmFBIjfqv91vCo4v
9P7C/c6DGEKs0xSlFq0g8/WyGwOX0Jl90UW/Fw/1/n71F1MbV4Tgci+Udt1YV7Mu
43v8rzP71bT/WNNmwGh0sg2gbYsrEnQlZacV94O7Nx9wZTbeDoAtmYaVFdUtdhmd
MBiSiQISd9XXI3VtohOfP+g6blNrBDTByivq2JC0hfJlhLiJVC/s4QgislGaL9Lo
2LnaYqGut5GgPmrwJLPNsfi7wZRurfE4mY5NdwOiZ5GzEe6IdeeJdeCYyjQuRkHC
amvwzHo86rcXxhNPVq9tlbUpC+r0jmctjaVm7ux0wL2BgocMkGYjQTBFaQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPrKf+V0uLhKdaveVOmUXkV5mqYOMB8GA1UdIwQY
MBaAFELEJyPB91ugvok1xy9hv+XF9M48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAt
Yjk4YTY5MDFlYTEwLzEvMS1zcF81WFM0dUVwMXE5NVU2WlJlUlhtYXBnNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvYzU2NDE4LWQxZDYtNGI0My1hZWMwLWI5OGE2OTAxZWEx
MC8xL1FzUW5JOEgzVzZDLWlUWEhMMkdfNWNYMHpqdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAJdyT
AwQDJdyQMA0GCSqGSIb3DQEBCwUAA4IBAQC5V7l9oPD67VciE0B96vZshqibmZqI
+WcHL/NtMEdrcAHSDnyoW0eRqMXDmY2+XSiO3lszz9zz16Xh8Q34nR8eNFGqcxu2
5gBpF+J8z6MSygCkXG/IH2wkb6l+VcSSmmS5xQeYgg3zvDV+bC+Skoy1Ca6NlG70
gXqvmIUGoOsNdR7T9XEuVvw9O+Z2tm6qtXlAq98GBr94wEEGpIpEOwzPAdANcUST
gfGA27k8F/OcmknWP6daKQQQ33LzGmJfvOkvVZUOkCKnIUlbpRM10rxOQaNvUi0x
uXUhqzbPez5YOZn11GhEKgARhF/LhrTCbboPWneNoBJLEA4zLx9h5YIx
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:02:32 2024 by rpki-client on console-ams.rpki-client.org