Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/A25Eao0n0mXKM9cUeQZ6Tz53Qjc.roa
File: A25Eao0n0mXKM9cUeQZ6Tz53Qjc.roa (raw, json)
Hash identifier: 6pzs7czlf+Zi8Gx3vnVsa7WBG1Go/E0eb+i6NUMxsEI=
Subject key identifier: 03:6E:44:6A:8D:27:D2:65:CA:33:D7:14:79:06:7A:4F:3E:77:42:37
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A383D9D1AAE69C52FB3063D20F5D0
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/A25Eao0n0mXKM9cUeQZ6Tz53Qjc.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 176.221.16.0/22 maxlen: 24
37.128.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:3d:9d:1a:ae:69:c5:2f:b3:06:3d:20:f5:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=036e446a8d27d265ca33d71479067a4f3e774237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6f:2f:7e:a5:da:19:52:ea:ec:63:3a:36:10:
2b:0b:aa:ce:e5:72:43:d5:90:aa:11:56:0d:8d:1b:
f8:d7:f1:92:fc:44:d3:00:ec:cf:92:13:ec:16:c1:
c3:4e:f4:23:3d:d0:ff:6f:9d:dd:9d:5a:a4:d9:64:
2e:fd:37:47:05:a5:e6:e4:49:df:57:7c:76:be:cb:
2e:c6:42:6e:b3:7f:2c:fc:78:71:b6:7f:1a:70:83:
10:dd:07:1a:0b:4a:1e:ae:41:42:a4:47:ec:2a:84:
b8:cd:83:dc:53:33:7e:0c:93:f3:db:37:b0:ce:9b:
77:39:25:09:e0:36:3a:c5:2a:56:6e:de:9c:7d:42:
70:05:04:8f:1b:f9:3d:7c:d8:55:cb:78:35:55:95:
fc:6c:2a:78:11:b6:54:be:92:fd:bf:a4:1e:a4:22:
80:02:46:57:96:b8:5c:24:44:ef:49:53:61:44:79:
e3:8a:69:d2:3e:77:ba:ef:36:29:fd:a1:62:85:0a:
8d:63:fa:e8:89:e4:e4:94:14:31:1e:ae:92:14:9c:
98:54:a4:10:37:81:9d:ce:e7:23:1c:3e:39:61:21:
c6:ec:01:ac:9e:09:46:df:35:bf:d7:08:33:3c:35:
7b:d5:ed:d4:58:6a:26:33:13:81:08:e6:91:35:8b:
a7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6E:44:6A:8D:27:D2:65:CA:33:D7:14:79:06:7A:4F:3E:77:42:37
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/A25Eao0n0mXKM9cUeQZ6Tz53Qjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.250.0/23
176.221.16.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:2a:2b:71:25:a4:48:5b:a0:37:55:1e:13:ed:9e:2b:f1:0e:
ab:bf:5a:f8:60:1a:7b:77:b8:bf:00:e6:64:ee:2c:b9:38:51:
a6:4e:50:e0:ba:bf:2d:6c:14:fa:6a:35:9c:f6:84:c3:b2:61:
49:3d:80:cf:26:d2:6a:cb:61:5d:75:9f:50:d4:5c:30:fe:d9:
8b:3d:1f:e6:0d:4b:ef:c9:5d:b3:2d:6b:48:50:d9:0c:12:5b:
26:15:fa:f2:ea:4d:2b:c9:9d:75:5a:d9:5a:fc:eb:1d:50:4b:
e4:b4:b7:27:0e:67:b6:49:46:d9:2c:03:2f:31:82:70:14:76:
93:2f:0f:95:2b:e2:1e:0f:49:05:8d:f2:a0:60:b8:69:8c:d4:
2c:63:e5:26:89:95:ac:43:74:74:bc:31:21:6b:bd:3e:e4:35:
ea:fa:24:69:17:93:b4:e8:7a:56:35:91:e6:c9:fb:70:e7:5d:
d4:8b:56:47:a7:8c:d3:6e:84:dc:11:5a:06:7e:2d:1c:36:17:
d9:11:75:0e:bd:27:db:ea:34:cc:75:e6:6a:3f:67:66:2a:cc:
ad:ee:e7:72:fb:92:dd:95:cc:02:44:6c:c3:cd:c5:81:db:1d:
81:5a:43:b9:cf:2c:05:b3:ea:5d:37:62:e7:ad:86:a4:fe:16:
46:8c:fa:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKjg9nRquacUvswY9IPXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzZlNDQ2YThkMjdkMjY1Y2EzM2Q3MTQ3OTA2N2E0ZjNlNzc0MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm8vfqXaGVLq7GM6NhArC6rO5XJD
1ZCqEVYNjRv41/GS/ETTAOzPkhPsFsHDTvQjPdD/b53dnVqk2WQu/TdHBaXm5Enf
V3x2vssuxkJus38s/Hhxtn8acIMQ3QcaC0oerkFCpEfsKoS4zYPcUzN+DJPz2zew
zpt3OSUJ4DY6xSpWbt6cfUJwBQSPG/k9fNhVy3g1VZX8bCp4EbZUvpL9v6QepCKA
AkZXlrhcJETvSVNhRHnjimnSPne67zYp/aFihQqNY/roieTklBQxHq6SFJyYVKQQ
N4GdzucjHD45YSHG7AGsnglG3zW/1wgzPDV71e3UWGomMxOBCOaRNYuntwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFANuRGqNJ9JlyjPXFHkGek8+d0I3MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQTI1RWFvMG4wbVhLTTljVWVRWjZUejUzUWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJYD6AwQC
sN0QMA0GCSqGSIb3DQEBCwUAA4IBAQCxKitxJaRIW6A3VR4T7Z4r8Q6rv1r4YBp7
d7i/AOZk7iy5OFGmTlDgur8tbBT6ajWc9oTDsmFJPYDPJtJqy2FddZ9Q1Fww/tmL
PR/mDUvvyV2zLWtIUNkMElsmFfry6k0ryZ11Wtla/OsdUEvktLcnDme2SUbZLAMv
MYJwFHaTLw+VK+IeD0kFjfKgYLhpjNQsY+UmiZWsQ3R0vDEha70+5DXq+iRpF5O0
6HpWNZHmyftw513Ui1ZHp4zTboTcEVoGfi0cNhfZEXUOvSfb6jTMdeZqP2dmKsyt
7udy+5LdlcwCRGzDzcWB2x2BWkO5zywFs+pdN2LnrYak/hZGjPrR
-----END CERTIFICATE-----
Generated at Sun May 19 23:42:49 2024 by rpki-client on console-fra.rpki-client.org