Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/QehFx9CpD7gc7NXhK6Zr9dj2t2E.roa
File: QehFx9CpD7gc7NXhK6Zr9dj2t2E.roa (raw, json)
Hash identifier: 1d0D5uvJSP5tYBk7NSBozd/TQUB6LabodqrPBEUV+/M=
Subject key identifier: 41:E8:45:C7:D0:A9:0F:B8:1C:EC:D5:E1:2B:A6:6B:F5:D8:F6:B7:61
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E0F67BB516CA797164EB9362F6079
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/QehFx9CpD7gc7NXhK6Zr9dj2t2E.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 37.114.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:0f:67:bb:51:6c:a7:97:16:4e:b9:36:2f:60:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41e845c7d0a90fb81cecd5e12ba66bf5d8f6b761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:53:79:63:b0:24:03:41:2a:fd:67:d1:fe:
09:74:1b:31:be:22:ec:53:ba:2c:b9:ba:e3:3f:ab:
59:47:70:09:47:80:bd:56:79:d9:e6:68:12:cd:e7:
85:7f:20:3f:1c:18:ac:e2:c9:1a:59:40:c5:ab:c6:
e7:5c:38:71:2a:79:7c:00:82:50:35:6d:9e:b0:6b:
aa:b4:33:cc:6d:a9:fe:0b:0b:34:eb:b2:eb:8f:a5:
80:6e:1c:e7:9b:ed:76:89:5c:61:66:e2:68:78:10:
3c:29:1c:80:de:0c:6e:50:91:8f:e6:32:71:c4:eb:
38:47:d5:bf:ef:bc:69:7d:66:5f:d0:5f:00:b4:9f:
ac:46:db:41:c7:9e:9c:a3:4f:d2:6d:35:6c:bd:b0:
ff:08:4e:40:c8:7c:ae:b7:43:71:3c:9e:cf:7c:ef:
99:5d:21:05:ae:75:9c:85:d1:84:fc:59:60:3f:8e:
6e:f3:3c:30:b4:44:62:ea:56:f5:1a:09:5f:3e:e0:
12:50:2e:10:06:2c:07:22:b0:6c:0d:ea:b2:ca:da:
7b:92:27:97:b0:87:43:de:7b:d2:98:12:5a:79:1a:
87:c3:c1:7d:69:d7:4d:c2:80:58:06:85:97:16:98:
aa:c9:49:e4:48:51:7b:e9:58:2b:53:05:13:6b:fc:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E8:45:C7:D0:A9:0F:B8:1C:EC:D5:E1:2B:A6:6B:F5:D8:F6:B7:61
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/QehFx9CpD7gc7NXhK6Zr9dj2t2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.40.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c4:63:ce:90:3f:85:25:5a:1e:7e:a8:63:97:24:e3:96:02:
e1:f3:e2:5e:cf:29:05:ea:a7:83:0a:8b:45:08:9b:2b:72:62:
b0:e5:7d:f9:49:67:d9:08:43:86:79:7f:22:60:44:80:da:77:
e0:7f:08:01:21:69:7e:03:da:fd:52:36:d3:20:f9:7b:85:fe:
e2:1c:b0:6b:e7:b6:58:cf:51:24:c9:a4:73:ee:ac:77:14:a2:
46:fe:a8:9b:a7:fe:2d:9d:45:8c:a2:13:bf:aa:d5:0c:2f:a5:
b4:f6:bf:67:cd:13:b6:61:e6:8c:39:93:f1:97:1c:09:f2:cf:
f4:34:bd:51:6c:be:bd:6e:02:97:32:ae:e2:14:96:a1:84:80:
b1:d8:f1:e8:f6:8b:eb:5c:6a:f8:7e:50:d9:cf:f0:d9:9f:89:
bb:43:2a:1a:2b:30:69:29:5b:0e:c3:e6:31:42:fd:40:82:20:
f9:11:4c:5e:af:e4:41:e8:b2:34:3d:7a:39:37:db:3a:55:4d:
36:09:21:ce:92:2e:8e:20:ad:fa:46:6c:64:4d:cb:f3:8b:7f:
34:bb:d0:0e:92:a4:06:b8:1d:bf:37:50:13:c9:93:91:40:c8:
bd:28:0c:f4:f7:6a:2b:02:33:85:66:36:d8:3a:51:6a:85:3d:
70:1e:d7:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTg9nu1Fsp5cWTrk2L2B5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4NDVjN2QwYTkwZmI4MWNlY2Q1ZTEyYmE2NmJmNWQ4ZjZiNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApslTeWOwJANBKv1n0f4JdBsxviLs
U7osubrjP6tZR3AJR4C9VnnZ5mgSzeeFfyA/HBis4skaWUDFq8bnXDhxKnl8AIJQ
NW2esGuqtDPMban+Cws067Lrj6WAbhznm+12iVxhZuJoeBA8KRyA3gxuUJGP5jJx
xOs4R9W/77xpfWZf0F8AtJ+sRttBx56co0/SbTVsvbD/CE5AyHyut0NxPJ7PfO+Z
XSEFrnWchdGE/FlgP45u8zwwtERi6lb1GglfPuASUC4QBiwHIrBsDeqyytp7kieX
sIdD3nvSmBJaeRqHw8F9addNwoBYBoWXFpiqyUnkSFF76VgrUwUTa/xFEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHoRcfQqQ+4HOzV4Suma/XY9rdhMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvUWVoRng5Q3BEN2djN05YaEs2WnI5ZGoydDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXIoMA0G
CSqGSIb3DQEBCwUAA4IBAQBXxGPOkD+FJVoefqhjlyTjlgLh8+JezykF6qeDCotF
CJsrcmKw5X35SWfZCEOGeX8iYESA2nfgfwgBIWl+A9r9UjbTIPl7hf7iHLBr57ZY
z1EkyaRz7qx3FKJG/qibp/4tnUWMohO/qtUML6W09r9nzRO2YeaMOZPxlxwJ8s/0
NL1RbL69bgKXMq7iFJahhICx2PHo9ovrXGr4flDZz/DZn4m7QyoaKzBpKVsOw+Yx
Qv1AgiD5EUxer+RB6LI0PXo5N9s6VU02CSHOki6OIK36RmxkTcvzi380u9AOkqQG
uB2/N1ATyZORQMi9KAz092orAjOFZjbYOlFqhT1wHte5
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:11 2024 by rpki-client on console-ams.rpki-client.org