Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/iB7p7qisjKLBMxluAB3a4yfcmAI.roa
File: iB7p7qisjKLBMxluAB3a4yfcmAI.roa (raw, json)
Hash identifier: uPQMWukXmZvhpXDKmOgiD3uznE98brnU0n3rMEIddkc=
Subject key identifier: 88:1E:E9:EE:A8:AC:8C:A2:C1:33:19:6E:00:1D:DA:E3:27:DC:98:02
Certificate issuer: /CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Certificate serial: 0193276C4FB70385E07E962E5070156A4E1A
Authority key identifier: 92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/iB7p7qisjKLBMxluAB3a4yfcmAI.roa
Signing time: Wed 13 Nov 2024 21:27:09 +0000
ROA not before: Wed 13 Nov 2024 21:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41268
IP address blocks: 37.235.128.0/17 maxlen: 24
93.186.96.0/20 maxlen: 24
185.140.160.0/22 maxlen: 22
193.203.60.0/22 maxlen: 24
2a03:2c00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:27:6c:4f:b7:03:85:e0:7e:96:2e:50:70:15:6a:4e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Validity
Not Before: Nov 13 21:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=881ee9eea8ac8ca2c133196e001ddae327dc9802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:52:5c:9a:bd:04:8e:b9:3e:00:9f:22:70:c4:
71:69:b8:5c:2c:e3:eb:e3:d8:19:43:69:d1:ca:45:
b9:38:94:45:3f:75:a7:e9:85:b8:85:3f:ee:2d:8a:
04:a2:70:be:1d:fd:7c:b6:93:a5:44:79:ae:51:f7:
8a:fd:d8:13:3c:42:2f:f8:94:60:e7:1b:ac:78:5a:
3a:79:c9:cc:41:47:62:a7:03:85:44:6e:25:32:b9:
d3:b4:78:c3:db:57:7e:63:c5:3d:6d:3e:57:ed:64:
68:fc:b5:c2:c0:f9:60:25:05:dd:fa:d1:43:1e:71:
ce:b7:0f:af:6b:85:67:84:fc:20:36:b1:86:e6:d4:
7b:4a:a5:85:dd:41:2a:d8:ed:7e:43:51:0f:3b:0c:
f7:b8:79:c1:0b:27:e4:18:d3:18:08:82:b7:48:29:
cb:c3:7a:1f:69:d2:09:d5:4e:5a:a1:6e:d7:1c:ba:
07:17:1c:de:81:bc:73:c6:dd:73:b9:65:81:6a:3e:
cf:cc:c1:6a:ab:2c:8a:30:14:48:59:41:d5:98:27:
7a:d9:2c:92:41:87:98:3c:d5:83:28:5f:de:a8:41:
e1:fc:bc:6a:99:fb:46:d8:99:8d:c8:77:fe:20:03:
12:ee:53:6c:5f:1b:5e:d2:a4:a6:0a:5b:d5:c7:6f:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1E:E9:EE:A8:AC:8C:A2:C1:33:19:6E:00:1D:DA:E3:27:DC:98:02
X509v3 Authority Key Identifier:
keyid:92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/iB7p7qisjKLBMxluAB3a4yfcmAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.128.0/17
93.186.96.0/20
185.140.160.0/22
193.203.60.0/22
IPv6:
2a03:2c00::/32
Signature Algorithm: sha256WithRSAEncryption
06:af:66:96:d3:9a:7b:6c:e7:82:3c:65:1f:6b:01:08:9c:fb:
a0:00:c1:8f:b0:01:24:98:c8:46:3d:70:dd:3f:85:bd:f2:7c:
c4:75:24:08:88:eb:28:43:0e:1e:dc:b6:02:3b:44:f4:2c:2e:
d3:30:9a:0f:c7:a8:b5:12:50:fb:ee:d1:69:ab:ff:e2:f7:3a:
85:9a:f1:1c:62:f6:93:d7:40:d4:82:4c:94:f0:62:6e:b8:e6:
ad:19:cb:c9:69:e3:ef:59:f2:0a:66:d2:14:7e:03:07:ac:0b:
d3:d7:a4:fc:ff:f2:85:35:70:74:f7:fd:ba:0a:5e:8b:69:68:
8b:07:3c:65:f6:a9:4b:1a:72:5b:45:13:65:16:b5:a0:33:60:
80:4a:ea:64:a6:fd:03:a4:c7:56:f2:c8:89:e0:d4:87:1e:5c:
9e:1c:e3:02:39:c5:56:9e:d7:e9:9d:ac:60:78:a6:85:8a:8f:
b4:43:6b:40:79:ba:2c:ac:f8:ef:95:5d:ea:a4:b9:be:bf:4b:
6b:64:15:59:0d:3e:8a:29:e7:31:e0:12:b8:01:55:b8:cf:6c:
ef:7b:a9:ad:20:f4:2b:65:92:a1:42:84:90:fd:f6:7a:8d:a7:
ea:89:ac:21:af:83:3d:66:f8:2a:1b:e5:55:47:1b:39:36:d5:
64:5d:c0:ef
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZMnbE+3A4XgfpYuUHAVak4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjk2ZTMwNDg3YmE5NDYzZTRiNmFkYzgxYWI3ZGE2NDdj
MzlmZTcwHhcNMjQxMTEzMjEyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFlZTllZWE4YWM4Y2EyYzEzMzE5NmUwMDFkZGFlMzI3ZGM5ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlJcmr0Ejrk+AJ8icMRxabhcLOPr
49gZQ2nRykW5OJRFP3Wn6YW4hT/uLYoEonC+Hf18tpOlRHmuUfeK/dgTPEIv+JRg
5xuseFo6ecnMQUdipwOFRG4lMrnTtHjD21d+Y8U9bT5X7WRo/LXCwPlgJQXd+tFD
HnHOtw+va4VnhPwgNrGG5tR7SqWF3UEq2O1+Q1EPOwz3uHnBCyfkGNMYCIK3SCnL
w3ofadIJ1U5aoW7XHLoHFxzegbxzxt1zuWWBaj7PzMFqqyyKMBRIWUHVmCd62SyS
QYeYPNWDKF/eqEHh/LxqmftG2JmNyHf+IAMS7lNsXxte0qSmClvVx2/TtwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIge6e6orIyiwTMZbgAd2uMn3JgCMB8GA1UdIwQY
MBaAFJIpbjBIe6lGPktq3IGrfaZHw5/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQt
MGQxMTY0ZGFhMWU0LzEvaUI3cDdxaXNqS0xCTXhsdUFCM2E0eWZjbUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQtMGQxMTY0ZGFhMWU0
LzEva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHJeuAAwQE
XbpgAwQCuYygAwQCwcs8MA0EAgACMAcDBQAqAywAMA0GCSqGSIb3DQEBCwUAA4IB
AQAGr2aW05p7bOeCPGUfawEInPugAMGPsAEkmMhGPXDdP4W98nzEdSQIiOsoQw4e
3LYCO0T0LC7TMJoPx6i1ElD77tFpq//i9zqFmvEcYvaT10DUgkyU8GJuuOatGcvJ
aePvWfIKZtIUfgMHrAvT16T8//KFNXB09/26Cl6LaWiLBzxl9qlLGnJbRRNlFrWg
M2CASupkpv0DpMdW8siJ4NSHHlyeHOMCOcVWntfpnaxgeKaFio+0Q2tAebosrPjv
lV3qpLm+v0trZBVZDT6KKecx4BK4AVW4z2zve6mtIPQrZZKhQoSQ/fZ6jafqiawh
r4M9ZvgqG+VVRxs5NtVkXcDv
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:18:46 2024 by rpki-client on console-fra.rpki-client.org