Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/dWvBcWemXfZV3odBZBR1G4rg6KM.roa
File: dWvBcWemXfZV3odBZBR1G4rg6KM.roa (raw, json)
Hash identifier: ths+9p0W3ZtpT7Dxl6F25w1KF9Uzw0zMNF+ZgYw+RJU=
Subject key identifier: 75:6B:C1:71:67:A6:5D:F6:55:DE:87:41:64:14:75:1B:8A:E0:E8:A3
Certificate issuer: /CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Certificate serial: 018CC4250BF2308AD87412A4656657E71D91
Authority key identifier: A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/dWvBcWemXfZV3odBZBR1G4rg6KM.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203216
IP address blocks: 185.137.88.0/22 maxlen: 24
185.137.88.0/24 maxlen: 24
185.137.91.0/24 maxlen: 24
185.137.90.0/24 maxlen: 24
185.137.89.0/24 maxlen: 24
2a07:3300::/29 maxlen: 48
2a07:3300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0b:f2:30:8a:d8:74:12:a4:65:66:57:e7:1d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756bc17167a65df655de87416414751b8ae0e8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:09:7e:df:16:3d:d9:4a:78:13:01:e3:37:
62:08:dc:c8:55:d4:02:d6:fe:20:24:63:58:b2:41:
f9:28:b6:73:8b:6d:10:9d:f4:3e:39:77:62:71:33:
c3:5d:bd:d3:39:02:a0:b1:9c:09:07:83:2d:1c:29:
bd:e7:3a:db:a8:1e:82:f6:4a:1d:57:6c:7a:4a:37:
61:ba:99:0a:86:72:cc:e3:fa:f2:08:a2:b0:2c:16:
b3:a2:a1:41:cc:7e:ec:3f:39:74:c0:0e:9f:e7:85:
2f:9e:d0:57:68:13:d0:ee:3e:eb:a3:e3:c9:89:d6:
de:88:9b:3e:dc:5f:31:90:61:92:f1:1f:bb:92:ab:
16:e9:f5:ee:27:17:3e:9b:11:c0:66:66:90:97:d0:
03:d0:b8:70:2d:f8:2e:03:4f:ed:ad:af:44:9f:c1:
9c:eb:b5:6d:d9:5f:c6:51:6b:24:49:24:48:bc:23:
83:f6:78:3c:e8:b2:15:7e:21:a1:de:04:be:af:5f:
8c:c4:ef:b5:bd:18:b7:5d:de:1e:9e:64:c5:09:53:
6f:1b:29:c9:4f:d3:82:3b:dc:6d:31:eb:e5:f6:7a:
df:5b:41:9a:14:5f:5d:8e:e1:c0:b1:46:d1:e1:81:
81:a2:95:74:91:33:71:50:bc:fa:14:f1:86:5f:cd:
1c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6B:C1:71:67:A6:5D:F6:55:DE:87:41:64:14:75:1B:8A:E0:E8:A3
X509v3 Authority Key Identifier:
keyid:A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/dWvBcWemXfZV3odBZBR1G4rg6KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.88.0/22
IPv6:
2a07:3300::/29
Signature Algorithm: sha256WithRSAEncryption
ae:20:4b:11:15:20:c3:13:21:05:84:af:40:9f:57:20:ea:61:
39:15:d8:be:01:c4:fd:0a:33:c0:51:38:e8:9e:96:37:60:b4:
30:bc:7f:5a:61:bb:a5:4f:ff:16:bb:16:4f:4c:94:ce:0a:f8:
4a:03:47:d2:81:0d:ee:85:5d:a5:7a:75:ba:9e:70:53:c3:30:
a1:ae:fc:c1:21:75:0c:7c:bd:fc:dc:3f:2d:f0:08:8e:75:27:
af:2e:dd:02:28:38:f0:6c:60:a4:fe:71:41:ab:e1:d9:8a:40:
25:93:9b:08:48:51:91:26:57:d1:da:26:45:f4:75:fd:36:b2:
3f:4f:1a:6d:e0:bd:26:ba:dc:10:68:c4:95:65:30:20:8e:2a:
2b:8e:c6:33:c3:ad:e0:e1:a9:65:ef:c4:11:3d:25:f5:42:a3:
d8:d4:b7:3d:2e:c2:47:7e:f9:11:c6:54:9e:cc:ba:22:c0:d7:
c7:f9:42:28:d6:49:53:c7:3e:58:c9:ab:07:ce:b9:10:cc:04:
8c:ea:f8:28:93:ad:4f:eb:01:55:9c:0a:c3:ba:9c:40:eb:4a:
19:b2:5e:8c:86:0a:c8:92:ac:ff:4e:31:43:41:27:e8:13:87:
b7:14:9c:92:68:7d:cb:8e:86:59:2e:a1:22:04:7b:a1:dd:b1:
7c:d6:3e:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJQvyMIrYdBKkZWZX5x2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODQ0MDllNWMxODNiYmNjMzE1MzVmNGM3ZWVlNDc4MmNk
NjdiZTMwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZiYzE3MTY3YTY1ZGY2NTVkZTg3NDE2NDE0NzUxYjhhZTBlOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7AJft8WPdlKeBMB4zdiCNzIVdQC
1v4gJGNYskH5KLZzi20QnfQ+OXdicTPDXb3TOQKgsZwJB4MtHCm95zrbqB6C9kod
V2x6SjdhupkKhnLM4/ryCKKwLBazoqFBzH7sPzl0wA6f54UvntBXaBPQ7j7ro+PJ
idbeiJs+3F8xkGGS8R+7kqsW6fXuJxc+mxHAZmaQl9AD0LhwLfguA0/tra9En8Gc
67Vt2V/GUWskSSRIvCOD9ng86LIVfiGh3gS+r1+MxO+1vRi3Xd4enmTFCVNvGynJ
T9OCO9xtMevl9nrfW0GaFF9djuHAsUbR4YGBopV0kTNxULz6FPGGX80c0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHVrwXFnpl32Vd6HQWQUdRuK4OijMB8GA1UdIwQY
MBaAFKGEQJ5cGDu8wxU19Mfu5Hgs1nvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2It
YzJiN2NmZjA2NjFjLzEvZFd2QmNXZW1YZlpWM29kQlpCUjFHNHJnNktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2ItYzJiN2NmZjA2NjFj
LzEvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYlYMA0E
AgACMAcDBQMqBzMAMA0GCSqGSIb3DQEBCwUAA4IBAQCuIEsRFSDDEyEFhK9An1cg
6mE5Fdi+AcT9CjPAUTjonpY3YLQwvH9aYbulT/8WuxZPTJTOCvhKA0fSgQ3uhV2l
enW6nnBTwzChrvzBIXUMfL383D8t8AiOdSevLt0CKDjwbGCk/nFBq+HZikAlk5sI
SFGRJlfR2iZF9HX9NrI/Txpt4L0mutwQaMSVZTAgjiorjsYzw63g4all78QRPSX1
QqPY1Lc9LsJHfvkRxlSezLoiwNfH+UIo1klTxz5YyasHzrkQzASM6vgok61P6wFV
nArDupxA60oZsl6MhgrIkqz/TjFDQSfoE4e3FJySaH3LjoZZLqEiBHuh3bF81j7E
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:08:46 2024 by rpki-client on console-ams.rpki-client.org