Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/VBWv9MJ5-DEaWCYHjJKxWWZoiE8.roa
File: VBWv9MJ5-DEaWCYHjJKxWWZoiE8.roa (raw, json)
Hash identifier: yz5xqEu+4HneAfhEPyyan79ZYuiTwuV+DmZoOMzvt1o=
Subject key identifier: 54:15:AF:F4:C2:79:F8:31:1A:58:26:07:8C:92:B1:59:66:68:88:4F
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E12B14BCA13EAE73704A818ABF881
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/VBWv9MJ5-DEaWCYHjJKxWWZoiE8.roa
Signing time: Tue 02 Jan 2024 08:33:06 +0000
ROA not before: Tue 02 Jan 2024 08:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 37.114.35.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/23 maxlen: 24
103.252.89.0/24 maxlen: 24
103.252.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:12:b1:4b:ca:13:ea:e7:37:04:a8:18:ab:f8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5415aff4c279f8311a5826078c92b1596668884f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:5b:40:04:a9:db:d6:94:85:fe:d2:71:c4:
28:99:09:24:01:b2:c2:37:94:30:e4:8e:45:b9:92:
f0:62:3d:6f:e3:78:3d:17:ab:ea:eb:71:ca:91:65:
f4:5e:6d:a0:81:9a:a3:fa:ed:50:89:e3:b2:01:f2:
f1:e8:4b:58:b2:25:4c:23:35:92:d7:7e:4b:b2:18:
ea:95:5d:68:10:21:6e:0c:d0:70:be:6a:12:92:8c:
a1:e3:45:5d:68:6b:7e:41:74:d5:d1:17:9f:80:cb:
cf:d0:33:a0:d9:e9:30:b9:0c:0d:de:31:77:10:1f:
d9:c8:a7:8b:5c:7a:39:96:f6:a6:8d:64:8d:4e:fc:
08:a7:4c:4a:fd:af:90:8b:ef:f3:76:6e:33:be:30:
c2:77:69:42:ad:b5:52:5a:3f:2d:dd:74:7b:bd:4c:
5b:b7:8d:56:26:3c:6d:e7:60:4f:77:83:93:2f:9f:
76:83:c7:22:74:7e:13:e5:ff:19:a8:4e:84:4d:cf:
4c:66:5c:31:75:70:93:18:73:80:73:85:63:67:8e:
8b:66:9c:d1:e5:d8:c9:d4:a1:b6:f0:56:cf:77:a2:
d5:bc:14:62:f8:80:0d:b4:c6:37:d6:dd:98:31:2d:
07:3f:a9:bf:7a:29:c5:39:0b:62:13:4e:fc:ec:46:
a8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:15:AF:F4:C2:79:F8:31:1A:58:26:07:8C:92:B1:59:66:68:88:4F
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/VBWv9MJ5-DEaWCYHjJKxWWZoiE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.35.0/24
37.114.43.0-37.114.45.255
103.252.89.0-103.252.90.255
Signature Algorithm: sha256WithRSAEncryption
25:01:8b:db:bf:e5:98:ca:cc:a0:c9:ad:b3:cc:74:6d:a0:7b:
75:3d:73:de:bb:7c:96:47:57:3b:e6:af:93:fa:4d:57:38:c1:
23:cc:3e:1f:c1:e1:ed:0b:55:46:64:3c:dc:42:e6:51:99:27:
21:51:fb:54:93:e5:f1:f7:96:c8:d0:8f:be:5c:a0:28:6d:26:
c9:29:2e:17:2a:db:e9:48:21:8c:6f:da:dd:30:a0:86:e9:53:
12:11:0c:df:7b:2e:1e:91:16:9e:86:23:bf:0b:1a:25:90:74:
57:b4:a8:18:fb:fc:69:5e:fc:58:f4:0b:0e:cd:5b:66:4b:0b:
97:9c:ef:94:12:34:0c:35:a0:8c:71:68:9a:05:eb:ba:19:5b:
22:fc:d2:4a:c2:e3:10:3d:ba:84:8f:01:fe:fa:c4:78:82:06:
94:71:31:d7:15:b7:44:47:27:36:66:3d:b4:66:f5:21:de:f9:
39:3b:1c:1e:62:3a:c1:46:f1:aa:4f:2e:6a:98:bd:84:de:63:
98:24:35:c8:a5:2a:0c:27:76:01:9b:bf:66:e2:79:9b:68:fa:
d2:c5:7a:9a:ce:44:71:96:b7:52:6c:b3:32:82:4b:da:0b:77:
a8:37:5b:92:8e:74:8d:67:5b:4d:af:4d:2d:b4:f4:61:18:cb:
dd:75:93:72
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJThKxS8oT6uc3BKgYq/iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE1YWZmNGMyNzlmODMxMWE1ODI2MDc4YzkyYjE1OTY2Njg4ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixBbQASp29aUhf7SccQomQkkAbLC
N5Qw5I5FuZLwYj1v43g9F6vq63HKkWX0Xm2ggZqj+u1QieOyAfLx6EtYsiVMIzWS
135LshjqlV1oECFuDNBwvmoSkoyh40VdaGt+QXTV0RefgMvP0DOg2ekwuQwN3jF3
EB/ZyKeLXHo5lvamjWSNTvwIp0xK/a+Qi+/zdm4zvjDCd2lCrbVSWj8t3XR7vUxb
t41WJjxt52BPd4OTL592g8cidH4T5f8ZqE6ETc9MZlwxdXCTGHOAc4VjZ46LZpzR
5djJ1KG28FbPd6LVvBRi+IANtMY31t2YMS0HP6m/einFOQtiE0787EaoCwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFQVr/TCefgxGlgmB4ySsVlmaIhPMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvVkJXdjlNSjUtREVhV0NZSGpKS3hXV1pvaUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAJXIjMAwD
BAAlcisDBAElciwwDAMEAGf8WQMEAGf8WjANBgkqhkiG9w0BAQsFAAOCAQEAJQGL
27/lmMrMoMmts8x0baB7dT1z3rt8lkdXO+avk/pNVzjBI8w+H8Hh7QtVRmQ83ELm
UZknIVH7VJPl8feWyNCPvlygKG0mySkuFyrb6UghjG/a3TCghulTEhEM33suHpEW
noYjvwsaJZB0V7SoGPv8aV78WPQLDs1bZksLl5zvlBI0DDWgjHFomgXruhlbIvzS
SsLjED26hI8B/vrEeIIGlHEx1xW3REcnNmY9tGb1Id75OTscHmI6wUbxqk8uapi9
hN5jmCQ1yKUqDCd2AZu/ZuJ5m2j60sV6ms5EcZa3UmyzMoJL2gt3qDdbko50jWdb
Ta9NLbT0YRjL3XWTcg==
-----END CERTIFICATE-----
Generated at Mon May 20 17:39:45 2024 by rpki-client on console-fra.rpki-client.org