Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/te6O0wHo1GIJyWFDSa7RrVDyAwA.roa
File: te6O0wHo1GIJyWFDSa7RrVDyAwA.roa (raw, json)
Hash identifier: Vek+21MYvONvvYXAxrtt2E4tr0UpKx3dA+t6aUXdaIo=
Subject key identifier: B5:EE:8E:D3:01:E8:D4:62:09:C9:61:43:49:AE:D1:AD:50:F2:03:00
Certificate issuer: /CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Certificate serial: 01929A6B01A72F890B68C03D32B4CC338991
Authority key identifier: 37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/te6O0wHo1GIJyWFDSa7RrVDyAwA.roa
Signing time: Thu 17 Oct 2024 12:19:16 +0000
ROA not before: Thu 17 Oct 2024 12:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202373
IP address blocks: 84.38.76.0/23 maxlen: 23
194.55.96.0/22 maxlen: 22
194.55.97.0/24 maxlen: 24
194.55.98.0/24 maxlen: 24
2a0c:cac0::/29 maxlen: 29
2a0c:cac1::/32 maxlen: 32
2a0c:cac2::/32 maxlen: 32
2a0c:cac6:1000::/36 maxlen: 36
2a0c:cac6:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/N8SLeJzH_-e-CURGQ_24a9tXP30.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/N8SLeJzH_-e-CURGQ_24a9tXP30.mft
rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:6b:01:a7:2f:89:0b:68:c0:3d:32:b4:cc:33:89:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37c48b789cc7ffe7be09444643fdb86bdb573f7d
Validity
Not Before: Oct 17 12:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5ee8ed301e8d46209c9614349aed1ad50f20300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:70:cf:b4:1a:05:b7:8e:c4:7a:f8:36:05:a7:
6e:76:74:9d:3a:3e:18:89:97:f4:5d:3f:98:a5:92:
ec:b1:59:e5:b0:69:65:97:dc:65:c2:dd:df:ec:08:
93:ee:d4:ff:6f:f4:80:01:e8:ab:69:86:78:cb:c7:
9e:4c:e2:df:40:50:b4:96:03:2b:81:40:f2:70:dd:
49:81:82:d1:f0:c1:b3:5b:bc:4f:33:c3:77:16:15:
56:78:4c:66:9e:64:04:44:fc:82:59:2f:86:4d:ff:
37:22:94:19:dc:7a:8b:51:7e:1d:69:69:5d:e6:8d:
9a:a7:51:f1:d5:51:d6:ee:e9:3c:1b:22:84:c8:0b:
88:61:68:08:f6:54:16:4a:47:f0:67:f7:1f:ed:d6:
8b:8a:4b:99:f7:6c:00:a4:b7:33:3d:39:4d:7d:42:
5d:5e:38:48:62:74:6c:79:fe:38:a4:e0:1b:96:88:
de:9a:eb:19:b1:78:f6:81:df:22:1d:20:a3:48:b7:
8f:b3:a7:4a:0b:6e:a5:f7:34:95:56:aa:db:9f:ff:
dd:9b:09:5b:3e:a3:30:ab:1f:82:19:28:5a:cf:c6:
0d:53:a5:98:94:14:f4:96:d1:dd:db:51:f1:eb:7b:
ef:a3:da:19:b9:0f:2d:71:4d:68:c0:ae:d3:35:be:
89:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EE:8E:D3:01:E8:D4:62:09:C9:61:43:49:AE:D1:AD:50:F2:03:00
X509v3 Authority Key Identifier:
keyid:37:C4:8B:78:9C:C7:FF:E7:BE:09:44:46:43:FD:B8:6B:DB:57:3F:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8SLeJzH_-e-CURGQ_24a9tXP30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/te6O0wHo1GIJyWFDSa7RrVDyAwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/1d575d-7b22-47c7-a17e-8a136cb0dd5c/1/N8SLeJzH_-e-CURGQ_24a9tXP30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.76.0/23
194.55.96.0/22
IPv6:
2a0c:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
26:7c:39:03:ac:80:f4:94:6b:06:ca:44:d8:86:3a:5a:b9:30:
57:06:a0:ce:81:02:6a:3b:b6:ee:12:58:99:96:c3:97:ef:3b:
b9:60:1a:5c:b7:ba:70:2e:32:c6:5e:7f:3f:f1:41:de:37:ba:
f4:31:db:81:60:11:66:71:a3:a5:91:57:a6:28:08:da:96:97:
e5:18:76:4b:93:9b:e1:97:2f:f5:76:a7:39:05:d3:54:de:32:
61:3e:95:81:c5:4e:dd:1c:d2:7a:9a:c3:65:37:ce:7e:3e:c6:
2e:81:f0:59:3f:20:b1:14:22:e4:a6:0c:60:16:d3:83:79:b4:
c2:ae:c2:8f:8f:2e:e7:c7:b1:73:35:fa:09:7d:7b:dd:ac:98:
19:32:0f:02:c9:64:d2:b2:ad:27:d9:52:62:72:ed:16:95:09:
e4:84:c4:1d:b0:0a:c7:72:c7:3f:1e:3d:10:a2:89:77:73:54:
d6:db:9f:28:c7:fe:55:c2:65:29:29:5d:be:81:3f:8d:28:e4:
91:c3:1e:1b:82:da:87:94:52:f7:95:b1:e2:a2:a6:0f:48:81:
94:cf:fc:cc:2d:e1:3f:04:60:4e:f9:11:f8:79:30:a2:29:54:
1e:65:02:8d:3f:c6:6a:dc:64:44:19:79:8d:80:a2:8d:3f:46:
ba:ce:ab:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKaawGnL4kLaMA9MrTMM4mRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YzQ4Yjc4OWNjN2ZmZTdiZTA5NDQ0NjQzZmRiODZiZGI1
NzNmN2QwHhcNMjQxMDE3MTIxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWVlOGVkMzAxZThkNDYyMDljOTYxNDM0OWFlZDFhZDUwZjIwMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3DPtBoFt47Eevg2BadudnSdOj4Y
iZf0XT+YpZLssVnlsGlll9xlwt3f7AiT7tT/b/SAAeiraYZ4y8eeTOLfQFC0lgMr
gUDycN1JgYLR8MGzW7xPM8N3FhVWeExmnmQERPyCWS+GTf83IpQZ3HqLUX4daWld
5o2ap1Hx1VHW7uk8GyKEyAuIYWgI9lQWSkfwZ/cf7daLikuZ92wApLczPTlNfUJd
XjhIYnRsef44pOAblojemusZsXj2gd8iHSCjSLePs6dKC26l9zSVVqrbn//dmwlb
PqMwqx+CGShaz8YNU6WYlBT0ltHd21Hx63vvo9oZuQ8tcU1owK7TNb6JswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLXujtMB6NRiCclhQ0mu0a1Q8gMAMB8GA1UdIwQY
MBaAFDfEi3icx//nvglERkP9uGvbVz99MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2Ut
OGExMzZjYjBkZDVjLzEvdGU2TzB3SG8xR0lKeVdGRFNhN1JyVkR5QXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xZDU3NWQtN2IyMi00N2M3LWExN2UtOGExMzZjYjBkZDVj
LzEvTjhTTGVKekhfLWUtQ1VSR1FfMjRhOXRYUDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBVCZMAwQC
wjdgMA0EAgACMAcDBQMqDMrAMA0GCSqGSIb3DQEBCwUAA4IBAQAmfDkDrID0lGsG
ykTYhjpauTBXBqDOgQJqO7buEliZlsOX7zu5YBpct7pwLjLGXn8/8UHeN7r0MduB
YBFmcaOlkVemKAjalpflGHZLk5vhly/1dqc5BdNU3jJhPpWBxU7dHNJ6msNlN85+
PsYugfBZPyCxFCLkpgxgFtODebTCrsKPjy7nx7FzNfoJfXvdrJgZMg8CyWTSsq0n
2VJicu0WlQnkhMQdsArHcsc/Hj0Qool3c1TW258ox/5VwmUpKV2+gT+NKOSRwx4b
gtqHlFL3lbHioqYPSIGUz/zMLeE/BGBO+RH4eTCiKVQeZQKNP8Zq3GREGXmNgKKN
P0a6zqvV
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:18 2024 by rpki-client on console-fra.rpki-client.org