Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/vhzvLObXYbusiJFNqw9KuTLMG-s.roa
File: vhzvLObXYbusiJFNqw9KuTLMG-s.roa (raw, json)
Hash identifier: n3bTnsyb+RPGHI1NNpAZzZIakmionam0zNc+0CNp37Y=
Subject key identifier: BE:1C:EF:2C:E6:D7:61:BB:AC:88:91:4D:AB:0F:4A:B9:32:CC:1B:EB
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 019097F1572691F5A3488CB77D8F95E23B97
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/vhzvLObXYbusiJFNqw9KuTLMG-s.roa
Signing time: Tue 09 Jul 2024 14:41:34 +0000
ROA not before: Tue 09 Jul 2024 14:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41944
IP address blocks: 37.114.33.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:f1:57:26:91:f5:a3:48:8c:b7:7d:8f:95:e2:3b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jul 9 14:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1cef2ce6d761bbac88914dab0f4ab932cc1beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:47:a9:10:59:18:f2:6c:f1:11:25:41:fe:24:
09:74:33:cc:e2:10:ba:3f:f0:04:29:a4:b6:e5:24:
5f:87:f7:b4:25:9b:af:57:a7:8f:51:22:ba:08:4d:
66:3c:fd:b0:da:a1:02:ed:41:5a:e3:a5:c2:a6:f3:
93:15:25:99:c3:80:cd:c1:aa:2e:e6:47:0a:d5:75:
0e:1d:0b:6e:7d:62:08:9a:0b:18:b6:c3:67:45:5d:
ca:ad:7b:12:e8:6a:a7:8b:e8:c7:05:0d:15:84:01:
79:df:28:a5:11:e1:df:b8:dc:af:7e:b7:10:4c:89:
ae:bf:dc:4a:87:75:7e:d8:5d:1a:b0:50:ee:9a:40:
48:29:0e:ed:3f:7e:c8:22:2b:7e:4c:d2:bd:af:ef:
28:ea:06:8d:7a:3a:e4:6e:46:73:35:59:1d:46:f6:
bd:99:87:7b:8c:7a:56:19:50:cc:69:f2:1a:9e:a8:
8b:19:69:ea:2c:84:82:9a:15:f6:c2:90:a7:07:31:
a9:a7:58:1c:3a:04:ea:3e:a1:24:e5:64:90:68:fd:
2a:c4:45:07:64:d2:b3:34:1d:a8:fd:c4:88:7e:d8:
df:1e:d7:04:e8:08:4f:94:a8:4a:a5:85:f2:b5:84:
0f:f1:93:22:0c:a1:84:ef:92:17:fc:e5:58:ad:e3:
73:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1C:EF:2C:E6:D7:61:BB:AC:88:91:4D:AB:0F:4A:B9:32:CC:1B:EB
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/vhzvLObXYbusiJFNqw9KuTLMG-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.43.0/24
37.114.48.0/23
37.114.51.0/24
37.114.55.0/24
37.114.63.0/24
176.100.37.0/24
Signature Algorithm: sha256WithRSAEncryption
42:57:09:c6:17:fb:d2:cc:84:d6:44:70:f9:36:7b:39:9c:0e:
d5:1a:db:01:f2:c4:05:3e:5e:ea:96:26:cd:f1:e9:66:44:e5:
2d:4a:b1:f7:60:bd:bb:06:89:79:fe:f0:a3:23:76:69:0b:cd:
b0:aa:3c:e3:a8:76:27:fa:0f:05:39:cb:46:24:c4:a7:f7:7b:
2c:d8:68:2c:66:be:d4:e6:33:52:88:bd:31:80:b6:5b:ec:92:
e8:ea:94:a7:08:f8:9c:a8:ff:3a:4f:35:2a:14:1c:44:8a:13:
e8:bc:b2:50:63:8e:32:25:13:61:17:a1:66:1c:cf:85:f5:ca:
22:45:55:ef:8e:59:4e:e4:01:a1:31:63:b1:ec:9c:64:68:c1:
0b:dd:be:8b:3d:32:93:68:90:4b:8d:67:92:8c:8a:b9:50:ce:
fe:4f:67:6f:0b:2a:dc:ad:11:e7:b6:4c:4d:02:a7:1c:e4:36:
7b:11:a6:1b:5b:7b:1c:ed:1b:23:78:bb:44:5c:7b:14:19:54:
36:c4:1a:53:ae:4e:06:30:9d:d4:60:6e:02:c9:37:37:e4:3c:
b1:ec:3c:9f:e7:77:da:ad:29:95:11:ff:f7:d3:6b:06:08:88:
49:57:e7:bd:51:44:23:c9:e6:f3:3e:91:c1:ef:4e:17:5a:1c:
53:1b:72:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZCX8VcmkfWjSIy3fY+V4juXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNzA5MTQ0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFjZWYyY2U2ZDc2MWJiYWM4ODkxNGRhYjBmNGFiOTMyY2MxYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykepEFkY8mzxESVB/iQJdDPM4hC6
P/AEKaS25SRfh/e0JZuvV6ePUSK6CE1mPP2w2qEC7UFa46XCpvOTFSWZw4DNwaou
5kcK1XUOHQtufWIImgsYtsNnRV3KrXsS6Gqni+jHBQ0VhAF53yilEeHfuNyvfrcQ
TImuv9xKh3V+2F0asFDumkBIKQ7tP37IIit+TNK9r+8o6gaNejrkbkZzNVkdRva9
mYd7jHpWGVDMafIanqiLGWnqLISCmhX2wpCnBzGpp1gcOgTqPqEk5WSQaP0qxEUH
ZNKzNB2o/cSIftjfHtcE6AhPlKhKpYXytYQP8ZMiDKGE75IX/OVYreNz9QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL4c7yzm12G7rIiRTasPSrkyzBvrMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvdmh6dkxPYlhZYnVzaUpGTnF3OUt1VExNRy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJXIhAwQA
JXIrAwQBJXIwAwQAJXIzAwQAJXI3AwQAJXI/AwQAsGQlMA0GCSqGSIb3DQEBCwUA
A4IBAQBCVwnGF/vSzITWRHD5Nns5nA7VGtsB8sQFPl7qlibN8elmROUtSrH3YL27
Bol5/vCjI3ZpC82wqjzjqHYn+g8FOctGJMSn93ss2GgsZr7U5jNSiL0xgLZb7JLo
6pSnCPicqP86TzUqFBxEihPovLJQY44yJRNhF6FmHM+F9coiRVXvjllO5AGhMWOx
7JxkaMEL3b6LPTKTaJBLjWeSjIq5UM7+T2dvCyrcrRHntkxNAqcc5DZ7EaYbW3sc
7RsjeLtEXHsUGVQ2xBpTrk4GMJ3UYG4CyTc35Dyx7Dyf53farSmVEf/302sGCIhJ
V+e9UUQjyebzPpHB704XWhxTG3L1
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:13:04 2024 by rpki-client on console-fra.rpki-client.org