Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/VzIpGRlOmR2ax4jkMOV9Xayk8h8.roa
File: VzIpGRlOmR2ax4jkMOV9Xayk8h8.roa (raw, json)
Hash identifier: GFEzXDf+oQNFDbQ7u9yYgGo99T7gEjDw5zpRrxXZnoc=
Subject key identifier: 57:32:29:19:19:4E:99:1D:9A:C7:88:E4:30:E5:7D:5D:AC:A4:F2:1F
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 018CC26D4B00C6FF7037091EC56B0A16ECA5
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/VzIpGRlOmR2ax4jkMOV9Xayk8h8.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57734
IP address blocks: 37.49.234.0/23 maxlen: 24
37.49.234.0/24 maxlen: 24
2a00:a4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4b:00:c6:ff:70:37:09:1e:c5:6b:0a:16:ec:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57322919194e991d9ac788e430e57d5daca4f21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6e:4b:3a:c7:66:f1:5c:99:92:14:51:d3:3f:
bf:45:77:e3:15:94:ee:aa:2e:9b:83:eb:09:aa:5c:
1c:b7:42:e4:e6:28:07:11:a8:56:43:91:64:fa:f9:
94:49:20:b4:2e:e3:12:0c:8e:54:53:fa:63:e5:39:
b2:24:e6:ef:e5:bd:1f:fa:79:bc:78:60:48:e0:9f:
1d:35:c1:f0:f6:f3:90:9b:93:1e:bf:e5:0d:37:c2:
ec:97:5d:11:eb:bd:79:4a:81:93:4e:35:1f:df:2d:
2c:69:9a:80:e6:54:b3:5d:56:d2:a6:00:79:2c:82:
8c:48:9f:0f:54:7d:49:8a:7d:54:69:9c:b7:81:25:
3e:3c:d1:1a:23:df:97:29:0f:52:65:13:fb:e0:20:
77:dc:9c:0c:0d:fb:3d:3b:1c:93:8e:b9:40:50:19:
da:b7:d6:df:02:5b:73:4c:74:c4:0b:53:16:37:e7:
9b:11:bf:e5:e4:5f:3f:49:d2:9e:41:60:2e:69:49:
f6:c6:dc:18:24:83:cb:0d:3a:3f:6c:c1:1c:3d:9f:
40:c0:33:fb:10:64:58:d0:ee:41:15:f1:6f:41:2e:
65:65:6e:c9:ce:92:bf:d2:ff:f4:a6:4a:f2:cd:42:
c1:6c:0f:d5:6e:8b:e8:73:20:64:09:5a:10:e7:b5:
9f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:32:29:19:19:4E:99:1D:9A:C7:88:E4:30:E5:7D:5D:AC:A4:F2:1F
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/VzIpGRlOmR2ax4jkMOV9Xayk8h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.234.0/23
IPv6:
2a00:a4c0::/32
Signature Algorithm: sha256WithRSAEncryption
64:cd:14:cb:22:8a:bc:5d:9d:d2:3b:2c:6d:a9:19:51:31:8a:
12:f8:35:e2:a0:f2:82:ca:60:30:f7:a1:3e:7f:e7:0b:7d:2e:
4e:3b:86:cc:4c:e6:f4:1b:a0:c3:e3:70:ce:08:26:da:a2:99:
76:81:ce:3e:8d:da:07:55:01:84:2d:26:ae:15:8b:0e:dc:69:
3b:a6:ef:28:93:11:9a:1d:1f:e8:09:31:36:e5:fd:2b:2f:d3:
ce:c7:0a:7c:00:78:01:43:0e:91:1b:36:d6:17:88:2d:54:c6:
af:ff:7e:da:09:8c:e4:f1:b6:0f:b1:44:d1:96:a2:42:05:d9:
87:7c:5a:0f:3c:cf:51:fd:a5:48:e4:f9:3b:e3:a9:b8:1c:f9:
b7:e5:f8:a3:27:33:2e:78:de:98:0b:4e:7c:33:9c:00:18:93:
c6:4c:b6:6b:61:d6:e5:73:15:10:3d:4d:eb:87:9d:1a:b1:0c:
74:4c:24:81:c8:47:52:e2:01:b9:4f:87:4e:34:ab:87:db:65:
53:66:45:1a:2c:84:f3:6a:4e:0e:84:36:7c:1a:6b:65:15:96:
b2:0c:72:7f:46:58:0f:e5:7c:f3:26:46:87:f2:07:37:99:12:
e2:b3:e2:37:2f:92:da:22:bd:66:6c:6b:2d:e3:60:b4:68:aa:
63:a1:a7:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbUsAxv9wNwkexWsKFuylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMyMjkxOTE5NGU5OTFkOWFjNzg4ZTQzMGU1N2Q1ZGFjYTRmMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m5LOsdm8VyZkhRR0z+/RXfjFZTu
qi6bg+sJqlwct0Lk5igHEahWQ5Fk+vmUSSC0LuMSDI5UU/pj5TmyJObv5b0f+nm8
eGBI4J8dNcHw9vOQm5Mev+UNN8Lsl10R6715SoGTTjUf3y0saZqA5lSzXVbSpgB5
LIKMSJ8PVH1Jin1UaZy3gSU+PNEaI9+XKQ9SZRP74CB33JwMDfs9OxyTjrlAUBna
t9bfAltzTHTEC1MWN+ebEb/l5F8/SdKeQWAuaUn2xtwYJIPLDTo/bMEcPZ9AwDP7
EGRY0O5BFfFvQS5lZW7JzpK/0v/0pkryzULBbA/VbovocyBkCVoQ57WfPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFcyKRkZTpkdmseI5DDlfV2spPIfMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvVnpJcEdSbE9tUjJheDRqa01PVjlYYXlrOGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBJTHqMA0E
AgACMAcDBQAqAKTAMA0GCSqGSIb3DQEBCwUAA4IBAQBkzRTLIoq8XZ3SOyxtqRlR
MYoS+DXioPKCymAw96E+f+cLfS5OO4bMTOb0G6DD43DOCCbaopl2gc4+jdoHVQGE
LSauFYsO3Gk7pu8okxGaHR/oCTE25f0rL9POxwp8AHgBQw6RGzbWF4gtVMav/37a
CYzk8bYPsUTRlqJCBdmHfFoPPM9R/aVI5Pk746m4HPm35fijJzMueN6YC058M5wA
GJPGTLZrYdblcxUQPU3rh50asQx0TCSByEdS4gG5T4dONKuH22VTZkUaLITzak4O
hDZ8GmtlFZayDHJ/RlgP5XzzJkaH8gc3mRLis+I3L5LaIr1mbGst42C0aKpjoads
-----END CERTIFICATE-----
Generated at Mon May 20 04:45:08 2024 by rpki-client on console-fra.rpki-client.org