Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-WBlUbDJ1YRSfQ0Meu3V2NWwmd4.roa
File: 1-WBlUbDJ1YRSfQ0Meu3V2NWwmd4.roa (raw, json)
Hash identifier: CHkmzQWqWE+jFnWLBZ41y1wF4EBPJiYu5W/Umbucb9I=
Subject key identifier: F9:60:65:51:B0:C9:D5:84:52:7D:0D:0C:7A:ED:D5:D8:D5:B0:99:DE
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 018CC64AEAE364BFD5E6F585D12523BFF8A9
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-WBlUbDJ1YRSfQ0Meu3V2NWwmd4.roa
Signing time: Mon 01 Jan 2024 18:30:47 +0000
ROA not before: Mon 01 Jan 2024 18:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15874
IP address blocks: 37.130.0.0/18 maxlen: 24
185.237.56.0/22 maxlen: 24
46.174.232.0/21 maxlen: 24
2a0c:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ea:e3:64:bf:d5:e6:f5:85:d1:25:23:bf:f8:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Jan 1 18:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9606551b0c9d584527d0d0c7aedd5d8d5b099de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:59:2b:3c:1e:a3:c1:e7:f6:da:a1:6c:45:a9:
50:95:53:92:2a:fb:5d:cc:c2:91:2b:ea:b3:3b:26:
45:ae:73:24:14:ce:24:cd:84:4d:f8:a2:a4:36:74:
00:b3:1d:dc:b2:21:5d:53:4b:05:fb:5b:fa:fe:b8:
03:98:54:4a:98:cd:fc:c2:80:50:25:43:25:35:da:
bd:dd:13:60:01:6a:d1:00:0d:d7:20:a8:fa:f6:81:
7f:36:31:3e:2f:72:bc:43:e5:58:cb:e7:ca:ea:c7:
e8:13:95:db:67:58:1a:9e:f7:33:be:bc:f0:be:9b:
6d:93:74:89:af:36:d8:f7:58:67:62:5f:54:6b:98:
f9:be:07:ff:58:52:0b:9d:6c:94:77:76:27:38:d3:
1c:c5:da:8b:f2:ae:4d:37:2e:1e:0d:e9:e0:e4:3f:
b6:8d:de:c4:d9:30:b1:f9:ed:b9:5d:02:11:a5:40:
7b:76:b7:e2:05:7b:28:67:64:e7:4e:bc:59:5d:1d:
88:52:83:72:0b:97:71:2e:b2:bb:d5:2a:bd:d1:05:
42:e4:d0:f6:eb:8f:ea:35:ae:71:94:57:73:ac:76:
17:21:c0:8b:c3:09:26:76:a1:3f:cd:37:55:f7:75:
32:42:98:22:60:22:9e:df:ee:c5:27:d7:71:5b:4e:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:60:65:51:B0:C9:D5:84:52:7D:0D:0C:7A:ED:D5:D8:D5:B0:99:DE
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-WBlUbDJ1YRSfQ0Meu3V2NWwmd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.0.0/18
46.174.232.0/21
185.237.56.0/22
IPv6:
2a0c:1680::/29
Signature Algorithm: sha256WithRSAEncryption
95:30:5a:5e:27:be:c8:a9:17:b6:6a:b5:60:68:3a:d4:c7:f8:
aa:67:a5:22:f0:e9:6e:78:9e:16:dd:59:bb:7e:36:14:90:9a:
c9:6d:2b:a5:ea:d0:cc:ef:fc:53:bc:43:32:30:dd:e5:c6:74:
7b:34:29:e9:fa:3d:0a:11:15:d8:3f:2d:8a:49:29:fd:56:a4:
4d:f3:8e:cf:4c:cb:37:7a:41:b7:2e:d3:5f:62:b5:6a:6d:de:
89:6f:78:f9:4a:80:8a:37:3a:d8:2c:31:a6:2a:37:f5:16:14:
60:9f:a2:14:fd:fc:55:e4:45:6d:8c:26:e4:7c:dd:48:1a:b0:
c7:ae:d4:0d:25:f5:83:43:4d:52:5f:80:d8:e2:2b:cb:b5:08:
58:77:0e:e7:e2:d1:8a:d0:05:a0:90:49:fb:97:4d:49:62:e3:
a2:17:91:d2:09:dd:ce:d2:17:8d:4f:19:d6:52:9b:ed:32:f8:
62:7d:1f:68:40:6a:d5:34:0a:c7:83:c9:04:cd:84:69:b7:b1:
00:8d:a1:aa:a5:32:1f:f7:78:14:dc:b9:4f:3f:69:04:2d:68:
1f:f4:98:68:80:d3:f6:94:b7:32:5e:0a:60:33:fb:9b:27:ba:
de:b1:b7:4c:6c:27:89:79:ca:98:18:16:04:57:01:47:61:ef:
7b:7e:85:7c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSurjZL/V5vWF0SUjv/ipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYwNjU1MWIwYzlkNTg0NTI3ZDBkMGM3YWVkZDVkOGQ1YjA5OWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilkrPB6jwef22qFsRalQlVOSKvtd
zMKRK+qzOyZFrnMkFM4kzYRN+KKkNnQAsx3csiFdU0sF+1v6/rgDmFRKmM38woBQ
JUMlNdq93RNgAWrRAA3XIKj69oF/NjE+L3K8Q+VYy+fK6sfoE5XbZ1ganvczvrzw
vpttk3SJrzbY91hnYl9Ua5j5vgf/WFILnWyUd3YnONMcxdqL8q5NNy4eDeng5D+2
jd7E2TCx+e25XQIRpUB7drfiBXsoZ2TnTrxZXR2IUoNyC5dxLrK71Sq90QVC5ND2
64/qNa5xlFdzrHYXIcCLwwkmdqE/zTdV93UyQpgiYCKe3+7FJ9dxW07MWwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPlgZVGwydWEUn0NDHrt1djVsJneMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvMS1XQmxVYkRKMVlSU2ZRME1ldTNWMk5Xd21kNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTUvYTJkZjQ0LTM4YjItNGQxMi04MzQ3LTc4ZTk5Nzg2OTk1
Mi8xL2tMaWhWR2JEX3g2UlhYZ0tFTEM2cWExcFNHQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBiWCAAME
Ay6u6AMEArntODANBAIAAjAHAwUDKgwWgDANBgkqhkiG9w0BAQsFAAOCAQEAlTBa
Xie+yKkXtmq1YGg61Mf4qmelIvDpbnieFt1Zu342FJCayW0rperQzO/8U7xDMjDd
5cZ0ezQp6fo9ChEV2D8tikkp/VakTfOOz0zLN3pBty7TX2K1am3eiW94+UqAijc6
2Cwxpio39RYUYJ+iFP38VeRFbYwm5HzdSBqwx67UDSX1g0NNUl+A2OIry7UIWHcO
5+LRitAFoJBJ+5dNSWLjoheR0gndztIXjU8Z1lKb7TL4Yn0faEBq1TQKx4PJBM2E
abexAI2hqqUyH/d4FNy5Tz9pBC1oH/SYaIDT9pS3Ml4KYDP7mye63rG3TGwniXnK
mBgWBFcBR2Hve36FfA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:46:19 2024 by rpki-client on console-ams.rpki-client.org