Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/bhxxmEFB7SAhgDsIsDRElp575Go.roa
File: bhxxmEFB7SAhgDsIsDRElp575Go.roa (raw, json)
Hash identifier: 0klZtiv50CZg43kqM1ti9IXiUhDq0gN3SyWV0+exp6k=
Subject key identifier: 6E:1C:71:98:41:41:ED:20:21:80:3B:08:B0:34:44:96:9E:7B:E4:6A
Certificate issuer: /CN=d77796e16b565d727366986cc9ca9ca63d1a4e58
Certificate serial: 01924BD14B06BBB536C3CE5D99E091D43626
Authority key identifier: D7:77:96:E1:6B:56:5D:72:73:66:98:6C:C9:CA:9C:A6:3D:1A:4E:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13eW4WtWXXJzZphsycqcpj0aTlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/bhxxmEFB7SAhgDsIsDRElp575Go.roa
Signing time: Wed 02 Oct 2024 06:01:00 +0000
ROA not before: Wed 02 Oct 2024 06:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52148
IP address blocks: 37.26.104.0/21 maxlen: 21
91.204.208.0/22 maxlen: 22
91.238.160.0/22 maxlen: 22
91.238.164.0/23 maxlen: 23
185.73.8.0/24 maxlen: 24
185.73.9.0/24 maxlen: 24
185.73.10.0/24 maxlen: 24
185.73.11.0/24 maxlen: 24
193.33.186.0/23 maxlen: 23
193.105.61.0/24 maxlen: 24
213.5.176.0/22 maxlen: 22
213.5.180.0/22 maxlen: 22
2a00:c980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/13eW4WtWXXJzZphsycqcpj0aTlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/13eW4WtWXXJzZphsycqcpj0aTlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/13eW4WtWXXJzZphsycqcpj0aTlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4b:d1:4b:06:bb:b5:36:c3:ce:5d:99:e0:91:d4:36:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d77796e16b565d727366986cc9ca9ca63d1a4e58
Validity
Not Before: Oct 2 06:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1c71984141ed2021803b08b03444969e7be46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:58:71:5c:0b:cd:f9:37:69:23:42:8c:42:15:
bc:5e:59:e4:5b:75:07:4f:2f:9c:f3:4e:93:53:b7:
9c:82:b9:13:02:4e:c7:23:58:57:13:4f:2a:d4:82:
80:91:0f:36:a0:3c:93:d6:f5:24:1c:0d:fd:ec:30:
ed:46:d9:40:b0:b0:24:79:a5:af:29:35:3e:e3:03:
a8:61:c9:b8:c4:b4:16:84:0d:6b:7d:ef:f8:95:fd:
fd:cb:82:75:e0:0b:f7:aa:3c:b6:07:1c:99:77:fb:
7f:e4:bc:a2:02:80:60:60:3e:36:b1:21:24:d7:ea:
b9:ac:8b:69:2d:c3:b4:7e:a2:c3:db:0a:c0:d1:89:
ff:5e:3b:f1:95:ae:fa:db:2b:23:dd:4d:98:94:83:
f9:f8:fd:31:4e:9c:9d:ee:fa:e7:0b:8d:9f:1d:47:
4f:a0:44:62:4a:9c:9f:0a:71:57:bc:dc:5c:39:88:
eb:71:b7:b9:2d:88:36:d4:16:ec:1f:dc:ac:8d:cc:
b1:ba:cb:34:f4:fa:91:96:57:57:13:28:f3:9c:7d:
48:1b:25:b2:39:33:06:db:d4:64:9a:3d:96:05:f7:
42:f7:30:4c:48:1c:8d:33:71:40:67:21:09:b8:12:
02:e2:75:27:54:1c:05:13:e4:0c:e7:74:53:54:6c:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1C:71:98:41:41:ED:20:21:80:3B:08:B0:34:44:96:9E:7B:E4:6A
X509v3 Authority Key Identifier:
keyid:D7:77:96:E1:6B:56:5D:72:73:66:98:6C:C9:CA:9C:A6:3D:1A:4E:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13eW4WtWXXJzZphsycqcpj0aTlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/bhxxmEFB7SAhgDsIsDRElp575Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5429d8-f411-4692-b0a7-155fd0b43f9f/1/13eW4WtWXXJzZphsycqcpj0aTlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.104.0/21
91.204.208.0/22
91.238.160.0-91.238.165.255
185.73.8.0/22
193.33.186.0/23
193.105.61.0/24
213.5.176.0/21
IPv6:
2a00:c980::/29
Signature Algorithm: sha256WithRSAEncryption
1f:cb:97:97:f1:21:12:ff:55:bd:ec:25:11:3b:49:cb:ad:eb:
07:9d:a3:7e:7f:95:dc:86:29:01:d8:82:35:94:a6:cd:d6:e2:
48:20:a3:47:e6:33:bb:2b:e8:f5:3c:d7:69:0f:aa:61:c5:f9:
05:d1:6f:13:9c:84:d5:d3:93:e4:a9:21:f5:46:7b:1a:97:37:
ec:b6:b4:3c:71:ac:5e:8e:05:11:37:47:78:fb:32:81:c2:6c:
2b:82:42:58:47:25:06:83:c9:17:c1:81:ed:c5:c0:df:f3:a6:
f5:29:e3:db:f4:c8:a5:a3:ca:fa:cf:d9:2e:f8:ce:39:7b:c5:
98:05:7f:23:fd:16:87:20:db:11:0e:75:35:95:68:ba:16:a3:
7d:39:81:64:ef:a9:11:45:5c:57:76:57:d8:29:f9:6f:81:8f:
f3:df:cd:de:79:5f:6b:1c:c3:cb:f2:24:9d:ce:9e:46:f6:bb:
26:0e:a2:83:f5:9d:36:4c:93:d2:fd:05:bf:93:cb:79:c0:06:
74:82:ca:01:6d:d0:f8:47:ed:e0:ff:06:b5:0c:4c:af:34:fd:
93:26:8d:55:66:39:8a:8a:1f:6f:51:15:67:7d:08:22:62:8b:
1a:38:c9:24:51:34:9b:4d:7b:ac:f9:3f:9c:47:a1:46:f1:50:
8c:5b:fc:75
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZJL0UsGu7U2w85dmeCR1DYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzc5NmUxNmI1NjVkNzI3MzY2OTg2Y2M5Y2E5Y2E2M2Qx
YTRlNTgwHhcNMjQxMDAyMDYwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFjNzE5ODQxNDFlZDIwMjE4MDNiMDhiMDM0NDQ5NjllN2JlNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlhxXAvN+TdpI0KMQhW8XlnkW3UH
Ty+c806TU7ecgrkTAk7HI1hXE08q1IKAkQ82oDyT1vUkHA397DDtRtlAsLAkeaWv
KTU+4wOoYcm4xLQWhA1rfe/4lf39y4J14Av3qjy2BxyZd/t/5LyiAoBgYD42sSEk
1+q5rItpLcO0fqLD2wrA0Yn/Xjvxla762ysj3U2YlIP5+P0xTpyd7vrnC42fHUdP
oERiSpyfCnFXvNxcOYjrcbe5LYg21BbsH9ysjcyxuss09PqRlldXEyjznH1IGyWy
OTMG29Rkmj2WBfdC9zBMSByNM3FAZyEJuBIC4nUnVBwFE+QM53RTVGwrTwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFG4ccZhBQe0gIYA7CLA0RJaee+RqMB8GA1UdIwQY
MBaAFNd3luFrVl1yc2aYbMnKnKY9Gk5YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNlVzRXdFdYWEp6WnBoc3ljcWNwajBhVGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81NDI5ZDgtZjQxMS00NjkyLWIwYTct
MTU1ZmQwYjQzZjlmLzEvYmh4eG1FRkI3U0FoZ0RzSXNEUkVscDU3NUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81NDI5ZDgtZjQxMS00NjkyLWIwYTctMTU1ZmQwYjQzZjlm
LzEvMTNlVzRXdFdYWEp6WnBoc3ljcWNwajBhVGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDJRpoAwQC
W8zQMAwDBAVb7qADBAFb7qQDBAK5SQgDBAHBIboDBADBaT0DBAPVBbAwDQQCAAIw
BwMFAyoAyYAwDQYJKoZIhvcNAQELBQADggEBAB/Ll5fxIRL/Vb3sJRE7Scut6wed
o35/ldyGKQHYgjWUps3W4kggo0fmM7sr6PU812kPqmHF+QXRbxOchNXTk+SpIfVG
exqXN+y2tDxxrF6OBRE3R3j7MoHCbCuCQlhHJQaDyRfBge3FwN/zpvUp49v0yKWj
yvrP2S74zjl7xZgFfyP9Focg2xEOdTWVaLoWo305gWTvqRFFXFd2V9gp+W+Bj/Pf
zd55X2scw8vyJJ3Onkb2uyYOooP1nTZMk9L9Bb+Ty3nABnSCygFt0PhH7eD/BrUM
TK80/ZMmjVVmOYqKH29RFWd9CCJiixo4ySRRNJtNe6z5P5xHoUbxUIxb/HU=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:09 2024 by rpki-client on console-fra.rpki-client.org