Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/s2oFzOBHOe4xcwbiYtcAId36Mv8.roa
File: s2oFzOBHOe4xcwbiYtcAId36Mv8.roa (raw, json)
Hash identifier: q0QjgCwvuoR7SXi+TrVKwk8LwdQdhgJVYVsG8zgpp5c=
Subject key identifier: B3:6A:05:CC:E0:47:39:EE:31:73:06:E2:62:D7:00:21:DD:FA:32:FF
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018FBE3DA8664286C4C99E6A0BD655322FB2
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/s2oFzOBHOe4xcwbiYtcAId36Mv8.roa
Signing time: Tue 28 May 2024 08:07:42 +0000
ROA not before: Tue 28 May 2024 08:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.35.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
176.100.32.0/21 maxlen: 32
176.100.32.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
185.14.92.0/22 maxlen: 22
2a00:ccc0::/29 maxlen: 128
2a00:ccc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:3d:a8:66:42:86:c4:c9:9e:6a:0b:d6:55:32:2f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: May 28 08:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b36a05cce04739ee317306e262d70021ddfa32ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ff:cb:90:75:51:53:07:1b:91:fd:65:67:bb:
2e:f1:6f:76:09:dc:8f:c2:0d:7d:d6:b9:a8:7b:2d:
06:ae:c5:e5:1f:e1:e9:74:62:c9:02:b6:14:ac:41:
b3:59:66:e3:9d:4f:11:e6:31:51:0d:ec:cf:9e:27:
89:7c:27:01:14:b1:dd:db:eb:d9:2b:a0:28:58:b9:
81:c5:4c:72:08:b9:9f:c9:16:19:a6:0b:ec:ae:23:
19:6a:e4:e2:32:45:d3:72:4c:48:51:10:9c:fc:36:
10:fd:ae:33:af:b4:e8:8e:49:23:c3:bc:ad:7d:06:
10:39:e1:9d:e9:d2:6b:b6:b6:77:ef:27:e0:a3:c2:
be:c4:68:05:a1:18:87:40:4e:46:60:97:e1:9b:80:
c0:22:37:f0:8b:d8:e1:47:cd:3e:27:51:65:da:e0:
10:36:62:43:b2:6b:b8:e2:2f:fe:a2:a9:29:ac:a1:
5c:aa:37:b1:7f:c1:9b:94:19:9e:13:f6:6e:21:4e:
d8:19:d9:f7:ba:ca:0f:e6:40:70:64:40:01:c3:cd:
8d:b5:50:27:41:64:57:11:00:da:6e:35:ed:08:eb:
8a:a2:7a:b3:98:b9:40:24:80:77:98:53:92:29:b5:
b4:11:e4:a6:92:80:4a:df:3b:e5:c6:12:d1:46:f3:
be:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6A:05:CC:E0:47:39:EE:31:73:06:E2:62:D7:00:21:DD:FA:32:FF
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/s2oFzOBHOe4xcwbiYtcAId36Mv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.48.0/21
176.100.32.0/21
185.14.92.0/22
IPv6:
2a00:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
af:6d:a9:e5:65:3c:26:7f:e1:80:ef:04:d5:3e:60:31:1c:78:
25:c0:e2:b3:77:bb:66:44:3b:a9:ac:85:00:d0:1f:3c:34:9b:
ef:eb:59:c7:2e:9e:ab:c7:5f:da:1d:78:ee:e5:93:d5:32:f8:
fb:0b:4c:0f:79:8b:f2:03:1c:82:d4:74:8a:ba:c4:47:07:34:
b0:7d:09:bc:88:7e:af:5b:7f:46:5e:56:37:1c:1e:68:f0:00:
eb:f9:50:b8:cf:99:08:a0:92:d7:63:c6:dc:b5:2c:3f:70:63:
9a:6e:b8:e2:9e:0b:71:a0:c5:f9:38:ec:e8:44:8f:2f:19:87:
ae:45:e7:64:e5:da:da:b1:0e:b4:cf:c0:f0:5f:18:72:ac:3a:
85:f0:90:86:94:6d:7b:b6:f3:77:89:22:56:9f:72:79:9e:42:
73:1e:ed:8e:ec:50:3b:98:e4:d8:65:66:76:04:0c:da:97:70:
ea:14:51:e8:64:37:15:c1:af:c2:cb:8f:79:3e:76:24:c1:ed:
98:13:b6:5c:73:f6:73:60:48:fe:30:a4:cf:0f:f0:39:81:df:
1c:6c:43:04:c1:02:ec:1e:94:66:5b:a9:d6:67:52:73:94:4a:
dc:a7:b5:25:bc:b9:30:8b:ed:a8:8f:a6:e6:3e:10:25:4e:f2:
1d:73:41:8a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY++PahmQobEyZ5qC9ZVMi+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNTI4MDgwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzZhMDVjY2UwNDczOWVlMzE3MzA2ZTI2MmQ3MDAyMWRkZmEzMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8v/LkHVRUwcbkf1lZ7su8W92CdyP
wg191rmoey0GrsXlH+HpdGLJArYUrEGzWWbjnU8R5jFRDezPnieJfCcBFLHd2+vZ
K6AoWLmBxUxyCLmfyRYZpgvsriMZauTiMkXTckxIURCc/DYQ/a4zr7Tojkkjw7yt
fQYQOeGd6dJrtrZ37yfgo8K+xGgFoRiHQE5GYJfhm4DAIjfwi9jhR80+J1Fl2uAQ
NmJDsmu44i/+oqkprKFcqjexf8GblBmeE/ZuIU7YGdn3usoP5kBwZEABw82NtVAn
QWRXEQDabjXtCOuKonqzmLlAJIB3mFOSKbW0EeSmkoBK3zvlxhLRRvO+mwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLNqBczgRznuMXMG4mLXACHd+jL/MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvczJvRnpPQkhPZTR4Y3diaVl0Y0FJZDM2TXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFJXIgAwQB
K/ugAwQDXpowAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQMqAMzAMA0GCSqGSIb3DQEB
CwUAA4IBAQCvbanlZTwmf+GA7wTVPmAxHHglwOKzd7tmRDuprIUA0B88NJvv61nH
Lp6rx1/aHXju5ZPVMvj7C0wPeYvyAxyC1HSKusRHBzSwfQm8iH6vW39GXlY3HB5o
8ADr+VC4z5kIoJLXY8bctSw/cGOabrjingtxoMX5OOzoRI8vGYeuRedk5drasQ60
z8DwXxhyrDqF8JCGlG17tvN3iSJWn3J5nkJzHu2O7FA7mOTYZWZ2BAzal3DqFFHo
ZDcVwa/Cy495PnYkwe2YE7Zcc/ZzYEj+MKTPD/A5gd8cbEMEwQLsHpRmW6nWZ1Jz
lErcp7UlvLkwi+2oj6bmPhAlTvIdc0GK
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:49:09 2024 by rpki-client on console-ams.rpki-client.org