Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/c1mJTzKq1m2EBAr92I-nges1Di4.roa
File: c1mJTzKq1m2EBAr92I-nges1Di4.roa (raw, json)
Hash identifier: i1n9Y7VZ80hK4Lc1aErif8j8W+hz5/EhhxzfXPDeEMQ=
Subject key identifier: 73:59:89:4F:32:AA:D6:6D:84:04:0A:FD:D8:8F:A7:81:EB:35:0E:2E
Certificate issuer: /CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Certificate serial: 0194228E114A2ADACDB8B857CF9D5223E403
Authority key identifier: 42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/c1mJTzKq1m2EBAr92I-nges1Di4.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34430
IP address blocks: 37.220.144.0/23 maxlen: 24
37.220.146.0/24 maxlen: 24
45.145.196.0/22 maxlen: 24
81.18.240.0/20 maxlen: 24
188.95.168.0/21 maxlen: 24
193.43.89.0/24 maxlen: 24
195.242.96.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Jan 2025 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:11:4a:2a:da:cd:b8:b8:57:cf:9d:52:23:e4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7359894f32aad66d84040afdd88fa781eb350e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f2:96:ca:32:f3:cc:03:59:5b:ab:dc:73:d3:
4e:37:26:3b:92:b3:56:c7:16:06:08:c7:63:ee:31:
a8:8f:db:a6:e7:78:72:df:3f:ec:c8:6d:53:54:d1:
fc:db:4e:19:f5:2e:01:9f:ff:a3:f2:35:cc:8a:bb:
79:e6:a4:73:6b:f9:f4:0d:dd:74:e3:03:d7:10:0c:
9e:47:43:1a:a3:46:ee:96:72:df:47:95:32:5c:20:
57:d7:ef:6b:04:e2:78:8e:c0:4c:7b:61:35:cd:1e:
34:a3:07:f3:e0:36:97:0a:da:e3:58:ae:25:6c:8b:
70:dc:64:ea:cb:eb:a0:cd:13:9a:11:d3:c6:fd:6a:
a9:0c:43:06:44:91:e0:6f:5f:08:f3:87:34:a4:06:
eb:4f:62:d1:77:d1:3e:96:1e:39:b1:87:01:f9:7f:
89:4a:23:6a:3d:ba:3e:b3:04:d7:6a:cf:61:44:47:
c7:47:7f:64:89:b6:36:0b:3e:0c:4a:9f:c6:da:4e:
8f:8f:b7:f9:1b:b1:ef:03:cb:9a:32:8a:8b:67:b4:
0d:04:fe:70:b1:69:16:36:19:b0:03:6e:d5:27:df:
93:50:3b:9e:53:43:c9:86:58:69:73:cf:aa:41:42:
c4:bf:2e:46:26:cc:09:94:ab:67:fe:e9:ba:24:c4:
7c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:59:89:4F:32:AA:D6:6D:84:04:0A:FD:D8:8F:A7:81:EB:35:0E:2E
X509v3 Authority Key Identifier:
keyid:42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/c1mJTzKq1m2EBAr92I-nges1Di4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.144.0-37.220.146.255
45.145.196.0/22
81.18.240.0/20
188.95.168.0/21
193.43.89.0/24
195.242.96.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:15:b3:70:50:86:81:8e:39:cb:18:8d:a8:15:8a:da:3f:87:
35:5c:29:64:f1:a5:6e:8b:51:3b:13:94:01:87:5f:91:28:a5:
fd:47:d7:70:aa:a8:87:e6:89:b2:1d:13:43:be:13:e1:c3:ae:
eb:f5:5b:dd:9f:5a:3b:f2:6c:54:86:42:57:d6:e2:21:a5:13:
fc:1a:93:6d:7d:b9:2b:6b:cc:12:83:fe:cb:03:0b:da:20:fe:
9c:08:98:43:ef:fc:f2:cb:ec:d7:96:44:8a:ea:cf:84:c0:f8:
b1:7f:49:be:26:4b:02:91:8c:05:97:c2:e7:23:f7:44:57:3f:
b9:b1:88:de:9a:eb:3a:0d:b1:92:4e:a1:e4:11:b9:8b:8a:ee:
5a:a0:e5:60:3d:ee:e1:a5:be:a5:c3:0c:a1:d3:5c:a9:90:7e:
9b:46:08:b6:46:8a:0d:b8:80:3c:18:ed:e4:5b:d1:19:45:cb:
64:0e:a8:45:d2:9c:bc:61:d6:d0:23:7b:eb:4e:72:87:0c:00:
fc:c4:7e:22:f5:35:b4:5f:fd:18:b9:58:ed:f0:1c:db:c1:7e:
3e:46:8f:48:09:6e:ac:88:2d:3d:a9:dd:82:f8:00:e1:3b:cf:
d4:bc:18:70:76:27:fb:55:1f:41:4d:5f:a1:12:2e:02:d3:05:
b8:15:82:e0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQijhFKKtrNuLhXz51SI+QDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzQyNzIzYzFmNzViYTBiZTg5MzVjNzJmNjFiZmU1YzVm
NGNlM2MwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU5ODk0ZjMyYWFkNjZkODQwNDBhZmRkODhmYTc4MWViMzUwZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvKWyjLzzANZW6vcc9NONyY7krNW
xxYGCMdj7jGoj9um53hy3z/syG1TVNH8204Z9S4Bn/+j8jXMirt55qRza/n0Dd10
4wPXEAyeR0Mao0bulnLfR5UyXCBX1+9rBOJ4jsBMe2E1zR40owfz4DaXCtrjWK4l
bItw3GTqy+ugzROaEdPG/WqpDEMGRJHgb18I84c0pAbrT2LRd9E+lh45sYcB+X+J
SiNqPbo+swTXas9hREfHR39kibY2Cz4MSp/G2k6Pj7f5G7HvA8uaMoqLZ7QNBP5w
sWkWNhmwA27VJ9+TUDueU0PJhlhpc8+qQULEvy5GJswJlKtn/um6JMR8jwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHNZiU8yqtZthAQK/diPp4HrNQ4uMB8GA1UdIwQY
MBaAFELEJyPB91ugvok1xy9hv+XF9M48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAt
Yjk4YTY5MDFlYTEwLzEvYzFtSlR6S3ExbTJFQkFyOTJJLW5nZXMxRGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAtYjk4YTY5MDFlYTEw
LzEvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAQl3JAD
BAAl3JIDBAItkcQDBARREvADBAO8X6gDBADBK1kDBAHD8mAwDQYJKoZIhvcNAQEL
BQADggEBAAsVs3BQhoGOOcsYjagVito/hzVcKWTxpW6LUTsTlAGHX5Eopf1H13Cq
qIfmibIdE0O+E+HDruv1W92fWjvybFSGQlfW4iGlE/wak219uStrzBKD/ssDC9og
/pwImEPv/PLL7NeWRIrqz4TA+LF/Sb4mSwKRjAWXwucj90RXP7mxiN6a6zoNsZJO
oeQRuYuK7lqg5WA97uGlvqXDDKHTXKmQfptGCLZGig24gDwY7eRb0RlFy2QOqEXS
nLxh1tAje+tOcocMAPzEfiL1NbRf/Ri5WO3wHNvBfj5Gj0gJbqyILT2p3YL4AOE7
z9S8GHB2J/tVH0FNX6ESLgLTBbgVguA=
-----END CERTIFICATE-----
Generated at Thu Jan 30 21:51:03 2025 by rpki-client on console-fra.rpki-client.org