Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/azY1hz_2wS8KX1dKjwcsPdvJPuI.roa
File: azY1hz_2wS8KX1dKjwcsPdvJPuI.roa (raw, json)
Hash identifier: SOxR8l9MN+54vmOuFrL6MAfhBxOF8N/Ygp+G9+Fp+3U=
Subject key identifier: 6B:36:35:87:3F:F6:C1:2F:0A:5F:57:4A:8F:07:2C:3D:DB:C9:3E:E2
Certificate issuer: /CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Certificate serial: 018CC5DC22479A418592AB03426B3E31C02A
Authority key identifier: 67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/azY1hz_2wS8KX1dKjwcsPdvJPuI.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61044
IP address blocks: 185.40.92.0/22 maxlen: 22
37.148.192.0/21 maxlen: 21
37.148.196.0/24 maxlen: 24
2a03:10c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/Z781NxWjTdooYF_c97eugG0xFZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/Z781NxWjTdooYF_c97eugG0xFZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:22:47:9a:41:85:92:ab:03:42:6b:3e:31:c0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b3635873ff6c12f0a5f574a8f072c3ddbc93ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:47:00:f5:08:dc:65:ad:a9:2c:fd:2c:84:3b:
6e:23:e6:28:3e:0e:8a:21:14:2d:43:46:b7:13:af:
c9:2a:07:37:19:a6:b6:f7:6b:ca:12:06:5a:43:34:
97:c1:f3:0f:39:8f:49:98:63:fb:71:02:ce:f9:98:
a2:29:b2:ff:20:25:b0:db:5d:f5:14:84:8a:cf:2d:
c5:da:f1:11:78:dd:b8:ec:2f:5b:e1:2c:8d:c5:89:
d4:a6:c9:6b:93:65:ce:a5:8b:a4:59:2f:32:0d:d2:
17:11:56:48:c8:61:d9:f0:7e:94:c0:3b:ca:6f:6a:
1b:70:b8:e3:12:7e:b3:2b:71:4f:26:24:e7:d2:7f:
d1:5b:a8:81:1e:8d:31:2c:d9:be:fe:04:57:94:27:
c9:59:48:f1:04:74:dc:68:17:66:a9:7c:4f:6f:09:
83:56:5e:12:bd:8e:50:56:6b:31:21:f3:44:09:eb:
4f:2c:25:07:43:7e:69:c2:8c:a7:ba:6a:62:d4:ac:
b0:fb:0f:fe:db:ac:c0:ee:5f:09:ed:7a:03:49:0f:
3d:b3:f5:f2:af:a1:7a:5c:ac:75:ad:28:32:be:80:
55:de:51:87:bc:65:b5:80:d9:40:c4:07:9e:47:87:
00:08:2c:a0:b7:bb:10:76:98:4d:34:60:42:73:eb:
dd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:36:35:87:3F:F6:C1:2F:0A:5F:57:4A:8F:07:2C:3D:DB:C9:3E:E2
X509v3 Authority Key Identifier:
keyid:67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/azY1hz_2wS8KX1dKjwcsPdvJPuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/Z781NxWjTdooYF_c97eugG0xFZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.192.0/21
185.40.92.0/22
IPv6:
2a03:10c0::/30
Signature Algorithm: sha256WithRSAEncryption
52:55:87:5c:91:ab:92:6f:4e:a5:69:78:7a:5d:1a:1e:f9:fb:
06:1c:43:15:6e:e7:f8:9f:fa:03:eb:e5:6a:20:c7:90:8c:c0:
11:e2:d0:bd:cb:2f:a8:79:e7:36:a0:c4:27:e2:4b:91:39:8b:
2e:48:4b:83:1a:39:c6:fc:ec:fc:c6:a1:39:16:30:6d:ee:34:
d2:3b:f9:c8:38:c6:54:ea:39:a4:8a:15:f5:ba:97:dc:01:a1:
79:8c:09:2f:6d:4b:c7:78:fe:a4:9f:29:1e:0f:50:36:f1:4e:
29:de:07:ce:0c:f5:b3:9a:6a:6f:6d:5d:32:9a:c0:6e:ff:13:
e1:a4:88:1b:a2:b5:0b:8a:eb:26:36:82:75:22:94:4b:f8:16:
09:59:02:8d:cf:aa:3e:2b:a3:20:95:f7:13:dd:35:b6:a2:21:
88:7e:39:b3:bf:5c:db:bc:c1:09:b0:02:4f:15:ea:f5:79:4d:
40:52:5b:e3:af:b4:87:7c:5b:b0:9c:6d:cb:fa:a6:f6:f4:50:
12:d8:7e:bd:31:9a:ea:97:d0:bd:7f:1c:6d:13:a6:dc:78:56:
e7:1f:94:18:5f:21:15:15:1a:c5:22:b4:a1:69:fa:61:a6:9e:
ac:e9:2f:b2:d8:c7:38:fe:28:e4:f6:54:ba:9f:c6:ae:91:33:
4e:54:74:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3CJHmkGFkqsDQms+McAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YmYzNTM3MTVhMzRkZGEyODYwNWZkY2Y3YjdhZTgwNmQz
MTE1OWMwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM2MzU4NzNmZjZjMTJmMGE1ZjU3NGE4ZjA3MmMzZGRiYzkzZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0cA9QjcZa2pLP0shDtuI+YoPg6K
IRQtQ0a3E6/JKgc3Gaa292vKEgZaQzSXwfMPOY9JmGP7cQLO+ZiiKbL/ICWw2131
FISKzy3F2vEReN247C9b4SyNxYnUpslrk2XOpYukWS8yDdIXEVZIyGHZ8H6UwDvK
b2obcLjjEn6zK3FPJiTn0n/RW6iBHo0xLNm+/gRXlCfJWUjxBHTcaBdmqXxPbwmD
Vl4SvY5QVmsxIfNECetPLCUHQ35pwoynumpi1Kyw+w/+26zA7l8J7XoDSQ89s/Xy
r6F6XKx1rSgyvoBV3lGHvGW1gNlAxAeeR4cACCygt7sQdphNNGBCc+vdzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGs2NYc/9sEvCl9XSo8HLD3byT7iMB8GA1UdIwQY
MBaAFGe/NTcVo03aKGBf3Pe3roBtMRWcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYt
NjlkODA5MmI1NGUxLzEvYXpZMWh6XzJ3UzhLWDFkS2p3Y3NQZHZKUHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYtNjlkODA5MmI1NGUx
LzEvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZTAAwQC
uShcMA0EAgACMAcDBQIqAxDAMA0GCSqGSIb3DQEBCwUAA4IBAQBSVYdckauSb06l
aXh6XRoe+fsGHEMVbuf4n/oD6+VqIMeQjMAR4tC9yy+oeec2oMQn4kuROYsuSEuD
GjnG/Oz8xqE5FjBt7jTSO/nIOMZU6jmkihX1upfcAaF5jAkvbUvHeP6knykeD1A2
8U4p3gfODPWzmmpvbV0ymsBu/xPhpIgborULiusmNoJ1IpRL+BYJWQKNz6o+K6Mg
lfcT3TW2oiGIfjmzv1zbvMEJsAJPFer1eU1AUlvjr7SHfFuwnG3L+qb29FAS2H69
MZrql9C9fxxtE6bceFbnH5QYXyEVFRrFIrShafphpp6s6S+y2Mc4/ijk9lS6n8au
kTNOVHQo
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:46:29 2024 by rpki-client on console-fra.rpki-client.org