Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Rw_EesXyvQZZNO-MCMnSGkNQrYY.roa
File: Rw_EesXyvQZZNO-MCMnSGkNQrYY.roa (raw, json)
Hash identifier: GgBl+gsGUkdhCD3DmLc2iKsb4H7C0ljO4ybG7RQj27I=
Subject key identifier: 47:0F:C4:7A:C5:F2:BD:06:59:34:EF:8C:08:C9:D2:1A:43:50:AD:86
Certificate issuer: /CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Certificate serial: 018CC424E29F4273E935E5AE45D5B7E3FA38
Authority key identifier: 85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Rw_EesXyvQZZNO-MCMnSGkNQrYY.roa
Signing time: Mon 01 Jan 2024 08:30:00 +0000
ROA not before: Mon 01 Jan 2024 08:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49974
IP address blocks: 185.18.0.0/22 maxlen: 22
37.35.96.0/22 maxlen: 22
37.35.101.0/24 maxlen: 24
37.35.103.0/24 maxlen: 24
37.35.100.0/24 maxlen: 24
37.35.102.0/24 maxlen: 24
213.5.32.0/21 maxlen: 21
45.157.164.0/22 maxlen: 22
2a00:9540::/32 maxlen: 32
2001:67c:238::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e2:9f:42:73:e9:35:e5:ae:45:d5:b7:e3:fa:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Validity
Not Before: Jan 1 08:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=470fc47ac5f2bd065934ef8c08c9d21a4350ad86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:e4:ae:33:f9:d6:5d:4f:10:9e:8a:22:4c:
84:18:a6:ce:f2:33:70:b0:f6:7e:a2:8f:8c:f8:f2:
d5:55:b2:97:bc:bf:85:bd:45:c6:e3:21:68:df:1f:
d0:e7:35:d4:d4:30:b0:ee:af:bb:e1:fa:d5:db:25:
cf:39:53:54:b6:a3:37:d3:89:4f:de:6e:60:cb:83:
32:e0:b8:7a:b0:94:a6:90:c4:3a:c3:b9:53:65:2c:
3f:1e:bf:f9:55:ab:48:bd:a9:74:d4:15:43:14:83:
38:f0:5e:85:b9:3d:29:16:e3:48:ca:a0:32:3c:18:
ec:81:0d:f3:9f:31:19:67:8d:f9:ec:ce:fa:41:75:
3d:73:9a:55:f9:04:dd:ed:e3:3a:ed:10:1d:63:0b:
22:19:bb:52:ca:cd:8f:a4:e1:3c:a3:46:76:f3:a6:
f3:be:34:6d:f4:98:63:8a:9e:31:c7:ce:24:b2:a4:
ca:ac:e4:19:31:29:92:b1:74:3d:f5:d9:8d:5a:56:
7d:01:c3:53:0f:c0:82:8d:52:d6:a4:6a:b7:f7:03:
b5:72:92:80:c5:d4:be:30:0a:b4:52:90:3a:b6:25:
76:cd:70:d2:eb:64:26:27:cb:d6:c0:e2:1f:d2:94:
99:3c:1a:80:26:47:ae:b4:a8:e8:9a:da:a0:6e:a2:
ba:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0F:C4:7A:C5:F2:BD:06:59:34:EF:8C:08:C9:D2:1A:43:50:AD:86
X509v3 Authority Key Identifier:
keyid:85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/Rw_EesXyvQZZNO-MCMnSGkNQrYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.96.0/21
45.157.164.0/22
185.18.0.0/22
213.5.32.0/21
IPv6:
2001:67c:238::/48
2a00:9540::/32
Signature Algorithm: sha256WithRSAEncryption
d4:d7:65:5a:c5:a6:45:9d:ab:79:0f:c2:ed:d6:16:0a:31:56:
1b:a2:2c:41:48:bb:73:1b:2e:d5:74:2b:57:f7:7f:81:fa:95:
58:92:1c:15:41:88:36:f4:b0:ce:0c:df:99:5a:c3:f5:09:d6:
7c:82:da:0b:56:2b:a5:68:85:89:ac:57:31:02:cc:8d:18:56:
6a:ea:64:9e:a8:9c:c1:85:c6:1f:9e:b1:81:ca:2f:4f:4f:e2:
12:df:bc:d6:6f:c3:fe:96:f7:9f:64:87:89:2d:ca:6f:42:29:
46:32:bd:64:c5:fd:c3:56:1c:01:61:1f:6f:95:4b:61:58:92:
ea:af:76:fa:de:ac:ea:c8:1b:5c:2c:d9:ec:d2:59:4d:fc:62:
08:b8:d7:70:b9:e0:df:15:7e:76:06:2f:e9:62:e8:09:68:f5:
cb:59:b2:41:97:c2:5f:35:26:71:32:89:24:17:75:1b:57:2f:
8f:48:3d:d8:b7:d8:98:9d:31:b8:6a:e9:36:71:47:99:00:85:
1e:bf:1d:21:fc:b6:d8:06:67:d7:20:c6:41:29:69:4c:5f:d8:
8f:6b:59:a9:2b:c9:60:c7:88:76:47:b6:0c:31:76:2f:76:a2:
4a:e7:ff:1b:5c:76:3b:a4:d6:7b:bf:c7:cc:f0:b1:ff:5e:d7:
1d:4d:c3:6c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzEJOKfQnPpNeWuRdW34/o4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjkxOWEzZmViMGVjOTY2Mjk5ZmYwZmFlOGRlZmNiNDE1
ZTIyZmUwHhcNMjQwMTAxMDgzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBmYzQ3YWM1ZjJiZDA2NTkzNGVmOGMwOGM5ZDIxYTQzNTBhZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OrkrjP51l1PEJ6KIkyEGKbO8jNw
sPZ+oo+M+PLVVbKXvL+FvUXG4yFo3x/Q5zXU1DCw7q+74frV2yXPOVNUtqM304lP
3m5gy4My4Lh6sJSmkMQ6w7lTZSw/Hr/5VatIval01BVDFIM48F6FuT0pFuNIyqAy
PBjsgQ3znzEZZ4357M76QXU9c5pV+QTd7eM67RAdYwsiGbtSys2PpOE8o0Z286bz
vjRt9Jhjip4xx84ksqTKrOQZMSmSsXQ99dmNWlZ9AcNTD8CCjVLWpGq39wO1cpKA
xdS+MAq0UpA6tiV2zXDS62QmJ8vWwOIf0pSZPBqAJkeutKjomtqgbqK6mQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEcPxHrF8r0GWTTvjAjJ0hpDUK2GMB8GA1UdIwQY
MBaAFIW5GaP+sOyWYpn/D66N78tBXiL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEt
NDdkYzA4ZDdlM2JhLzEvUndfRWVzWHl2UVpaTk8tTUNNblNHa05RcllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEtNDdkYzA4ZDdlM2Jh
LzEvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDJSNgAwQC
LZ2kAwQCuRIAAwQD1QUgMBYEAgACMBADBwAgAQZ8AjgDBQAqAJVAMA0GCSqGSIb3
DQEBCwUAA4IBAQDU12VaxaZFnat5D8Lt1hYKMVYboixBSLtzGy7VdCtX93+B+pVY
khwVQYg29LDODN+ZWsP1CdZ8gtoLViulaIWJrFcxAsyNGFZq6mSeqJzBhcYfnrGB
yi9PT+IS37zWb8P+lvefZIeJLcpvQilGMr1kxf3DVhwBYR9vlUthWJLqr3b63qzq
yBtcLNns0llN/GIIuNdwueDfFX52Bi/pYugJaPXLWbJBl8JfNSZxMokkF3UbVy+P
SD3Yt9iYnTG4auk2cUeZAIUevx0h/LbYBmfXIMZBKWlMX9iPa1mpK8lgx4h2R7YM
MXYvdqJK5/8bXHY7pNZ7v8fM8LH/XtcdTcNs
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:31:20 2024 by rpki-client on console-ams.rpki-client.org