Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/2KZsrz8bRkYDPfEn6bGZCMVrVdM.roa
File: 2KZsrz8bRkYDPfEn6bGZCMVrVdM.roa (raw, json)
Hash identifier: njUJvn97QjRWSQ8+xD/TfZBQ8GbtugaNZIhTjVKAvWM=
Subject key identifier: D8:A6:6C:AF:3F:1B:46:46:03:3D:F1:27:E9:B1:99:08:C5:6B:55:D3
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 0192788E04D71E631D6BEA79FE1AC7D6EFCD
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/2KZsrz8bRkYDPfEn6bGZCMVrVdM.roa
Signing time: Thu 10 Oct 2024 22:30:26 +0000
ROA not before: Thu 10 Oct 2024 22:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201080
IP address blocks: 37.60.155.0/24 maxlen: 24
37.60.156.0/23 maxlen: 24
37.60.157.0/24 maxlen: 24
37.60.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:78:8e:04:d7:1e:63:1d:6b:ea:79:fe:1a:c7:d6:ef:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Oct 10 22:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8a66caf3f1b4646033df127e9b19908c56b55d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:d6:e8:c8:71:bd:af:0f:f7:72:f2:65:67:
79:ea:2b:d5:77:17:d6:c8:b1:75:8d:49:ec:aa:cc:
26:0d:fc:f5:93:96:27:35:34:dd:d1:50:ee:87:e0:
8a:71:22:e7:f8:cb:e8:6f:a7:a0:09:90:49:32:06:
aa:c0:54:36:a1:e3:a7:c7:8e:7b:56:99:41:f9:67:
ed:7b:33:7f:95:0f:82:71:25:7a:13:ee:a3:c7:ee:
2e:72:81:ad:ce:2e:34:91:68:35:38:29:52:ae:a6:
fe:fa:8b:92:c1:9c:eb:36:f5:5c:54:6c:0f:e9:2b:
47:41:9b:3d:16:3f:b3:b6:96:69:af:7d:00:8d:97:
95:e4:80:b8:60:35:6c:84:f0:c0:a5:6d:b4:aa:53:
f1:9c:62:4a:c4:36:80:e3:9e:79:89:dd:2d:5e:a4:
f7:43:75:e3:74:26:51:b5:ab:6d:4a:32:5b:ea:36:
b2:65:15:f6:3f:91:12:0a:03:1b:dc:48:3c:20:6a:
3c:8a:60:c2:9b:61:3a:22:81:cb:3b:76:1d:56:a1:
b0:82:40:a3:c5:bb:64:c7:c5:67:71:3a:e4:cd:ca:
8d:5e:80:1f:c0:6a:19:f6:4f:98:44:ea:4e:64:33:
d3:91:30:9e:31:db:65:ab:c6:c4:7c:08:ac:49:7f:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A6:6C:AF:3F:1B:46:46:03:3D:F1:27:E9:B1:99:08:C5:6B:55:D3
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/2KZsrz8bRkYDPfEn6bGZCMVrVdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.155.0-37.60.158.255
Signature Algorithm: sha256WithRSAEncryption
66:e0:b3:6f:bc:47:d6:1d:a9:1c:77:d7:0f:42:29:2c:66:fd:
6d:24:b7:f6:f1:58:31:fe:3d:79:53:a6:99:65:2a:71:11:43:
88:b2:41:34:39:7a:03:f2:73:aa:70:6b:44:4c:cb:6a:ab:67:
3b:f1:b2:e7:81:5b:d8:37:fa:9c:85:48:5a:83:bd:27:c7:f6:
b9:66:aa:3f:84:8c:cd:48:c9:13:6f:c8:e5:65:5e:60:50:8b:
a7:71:27:a7:7b:ff:67:5e:00:d5:17:a4:82:77:f2:3c:00:82:
32:3b:89:12:46:1b:a5:48:14:eb:62:b6:8a:a0:41:fc:15:ca:
4a:e1:80:ab:16:90:24:d9:05:f4:8a:54:99:ac:bd:19:bd:20:
d1:c8:d4:d6:4e:eb:71:d8:d8:c8:3c:4a:aa:c9:d4:70:44:3e:
b9:c0:3d:52:0d:06:fa:44:f3:6e:c4:80:a6:14:b7:fd:d9:cb:
d5:c1:45:f1:c3:ad:30:60:b2:87:6d:8c:17:40:71:1e:f9:b4:
ce:26:33:39:3d:d1:bf:0d:e9:80:88:f4:a9:35:37:85:38:aa:
55:35:f7:e4:9a:e2:d4:20:60:f6:64:92:9a:91:1f:d8:0e:08:
70:ca:42:f5:52:02:b5:40:7a:8d:85:c8:ac:db:53:23:f1:ec:
be:5f:14:58
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ4jgTXHmMda+p5/hrH1u/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTMyZTQ0NWMyNGRlZDliODUyMTJkNDc5Yjg4MDA4MTY1
ZWJkYmEwHhcNMjQxMDEwMjIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE2NmNhZjNmMWI0NjQ2MDMzZGYxMjdlOWIxOTkwOGM1NmI1NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06zW6Mhxva8P93LyZWd56ivVdxfW
yLF1jUnsqswmDfz1k5YnNTTd0VDuh+CKcSLn+Mvob6egCZBJMgaqwFQ2oeOnx457
VplB+WftezN/lQ+CcSV6E+6jx+4ucoGtzi40kWg1OClSrqb++ouSwZzrNvVcVGwP
6StHQZs9Fj+ztpZpr30AjZeV5IC4YDVshPDApW20qlPxnGJKxDaA4555id0tXqT3
Q3XjdCZRtattSjJb6jayZRX2P5ESCgMb3Eg8IGo8imDCm2E6IoHLO3YdVqGwgkCj
xbtkx8VncTrkzcqNXoAfwGoZ9k+YROpOZDPTkTCeMdtlq8bEfAisSX+Q8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNimbK8/G0ZGAz3xJ+mxmQjFa1XTMB8GA1UdIwQY
MBaAFJSjLkRcJN7ZuFIS1Hm4gAgWXr26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODIt
ZTE0ODdhNTRjMWU1LzEvMktac3J6OGJSa1lEUGZFbjZiR1pDTVZyVmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODItZTE0ODdhNTRjMWU1
LzEvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlPJsD
BAAlPJ4wDQYJKoZIhvcNAQELBQADggEBAGbgs2+8R9YdqRx31w9CKSxm/W0kt/bx
WDH+PXlTppllKnERQ4iyQTQ5egPyc6pwa0RMy2qrZzvxsueBW9g3+pyFSFqDvSfH
9rlmqj+EjM1IyRNvyOVlXmBQi6dxJ6d7/2deANUXpIJ38jwAgjI7iRJGG6VIFOti
toqgQfwVykrhgKsWkCTZBfSKVJmsvRm9INHI1NZO63HY2Mg8SqrJ1HBEPrnAPVIN
BvpE827EgKYUt/3Zy9XBRfHDrTBgsodtjBdAcR75tM4mMzk90b8N6YCI9Kk1N4U4
qlU19+Sa4tQgYPZkkpqRH9gOCHDKQvVSArVAeo2FyKzbUyPx7L5fFFg=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:35 2024 by rpki-client on console-fra.rpki-client.org