Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/173XCGuWwq5g4SYyuCKpmiLksE0.roa
File: 173XCGuWwq5g4SYyuCKpmiLksE0.roa (raw, json)
Hash identifier: eflSdKbu4fIOHMe2PRbyyDc4R9xfZEjM3Gp8gsNGHjU=
Subject key identifier: D7:BD:D7:08:6B:96:C2:AE:60:E1:26:32:B8:22:A9:9A:22:E4:B0:4D
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018EA59145F1E358D570F2D53186E3CB75F2
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/173XCGuWwq5g4SYyuCKpmiLksE0.roa
Signing time: Wed 03 Apr 2024 20:05:44 +0000
ROA not before: Wed 03 Apr 2024 20:05:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198484
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.144.0/24 maxlen: 24
37.26.145.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
141.226.132.0/24 maxlen: 24
2a03:c5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 06:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:91:45:f1:e3:58:d5:70:f2:d5:31:86:e3:cb:75:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Apr 3 20:05:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7bdd7086b96c2ae60e12632b822a99a22e4b04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:35:fd:4d:4a:7f:37:37:ae:d6:46:e2:05:38:
c8:31:bc:1c:e1:6c:79:58:29:5f:94:70:b1:ae:13:
ff:95:5f:39:5d:3b:60:d1:aa:ba:29:cf:98:7a:8a:
9a:b7:16:3d:94:35:39:06:53:69:7f:f6:10:3e:c7:
df:69:ff:ea:c2:3f:d1:45:7a:b9:a3:5c:c5:a7:6c:
01:6a:85:8a:0f:84:76:19:ae:63:82:56:5c:21:d0:
c6:42:a5:45:c3:25:63:f6:e7:df:8c:34:74:c8:0a:
1e:18:60:35:4a:cb:20:2b:c6:4f:2f:50:93:de:cf:
b2:74:95:bf:95:a1:a1:47:8c:ee:f3:ec:ee:3a:2f:
b2:d4:35:7f:5c:c4:28:a0:6f:85:4a:ef:0f:6a:c8:
14:66:da:e5:8b:af:96:fe:b7:e4:49:15:af:48:08:
8d:4e:a6:4d:e8:fd:3d:74:58:63:81:52:02:4f:9e:
3d:fb:d7:be:67:ae:a5:f6:55:8a:50:25:41:db:7a:
58:ba:37:07:6d:e0:eb:e0:62:25:88:d8:86:26:fd:
02:3f:e8:8f:7f:73:81:4a:83:8c:94:a4:c2:90:52:
9f:b7:3c:e1:cc:12:37:c0:58:9b:93:e3:75:dc:0a:
41:83:be:a4:68:fe:29:dc:91:62:01:19:04:79:65:
d9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BD:D7:08:6B:96:C2:AE:60:E1:26:32:B8:22:A9:9A:22:E4:B0:4D
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/173XCGuWwq5g4SYyuCKpmiLksE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
141.226.132.0/24
IPv6:
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:ca:16:96:ea:9f:73:77:b8:3b:80:03:4f:71:48:7d:44:65:
44:90:ca:76:51:29:b6:0c:e1:f2:bb:8c:07:3e:a2:b2:22:91:
de:09:bf:de:9e:0b:49:ea:b8:4c:92:40:30:c8:fa:c9:b9:f5:
4d:5a:16:78:40:7e:68:6f:30:5d:6c:3c:8a:ab:96:99:75:88:
9c:4e:8c:fa:c1:ef:13:15:1c:58:de:34:0f:23:12:55:57:34:
7e:17:40:70:55:24:08:11:2a:15:5a:25:6f:0e:5f:46:f4:83:
4e:71:45:0e:dc:cb:69:20:fa:1f:ff:29:ac:db:be:32:2d:f2:
8a:6d:7c:c4:ca:1d:f7:11:96:ae:1d:f3:2d:0c:d0:8a:5f:8e:
66:1f:89:07:56:30:09:a2:48:75:e1:25:e6:4e:86:c9:f9:00:
df:af:cc:65:c4:e0:4e:e8:3e:2b:80:16:5d:ca:37:7c:34:1e:
6e:47:fc:12:2d:68:56:1c:85:f5:d7:32:02:14:db:64:56:cc:
df:c5:ee:9a:d1:2a:76:7b:42:d1:c9:f1:1e:ad:69:5b:c7:42:
2e:70:c8:44:a9:b5:2f:2c:67:57:d3:7e:3f:62:fa:d0:8a:6f:
b5:c8:2d:f4:d4:1f:be:66:3d:56:48:60:ec:b6:de:02:a3:64:
96:19:4c:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6lkUXx41jVcPLVMYbjy3XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwNDAzMjAwNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JkZDcwODZiOTZjMmFlNjBlMTI2MzJiODIyYTk5YTIyZTRiMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDX9TUp/Nzeu1kbiBTjIMbwc4Wx5
WClflHCxrhP/lV85XTtg0aq6Kc+YeoqatxY9lDU5BlNpf/YQPsffaf/qwj/RRXq5
o1zFp2wBaoWKD4R2Ga5jglZcIdDGQqVFwyVj9uffjDR0yAoeGGA1SssgK8ZPL1CT
3s+ydJW/laGhR4zu8+zuOi+y1DV/XMQooG+FSu8PasgUZtrli6+W/rfkSRWvSAiN
TqZN6P09dFhjgVICT549+9e+Z66l9lWKUCVB23pYujcHbeDr4GIliNiGJv0CP+iP
f3OBSoOMlKTCkFKftzzhzBI3wFibk+N13ApBg76kaP4p3JFiARkEeWXZkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNe91whrlsKuYOEmMrgiqZoi5LBNMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvMTczWENHdVd3cTVnNFNZeXVDS3BtaUxrc0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRqQAwQA
jeKEMA0EAgACMAcDBQAqA8XAMA0GCSqGSIb3DQEBCwUAA4IBAQC6yhaW6p9zd7g7
gANPcUh9RGVEkMp2USm2DOHyu4wHPqKyIpHeCb/engtJ6rhMkkAwyPrJufVNWhZ4
QH5obzBdbDyKq5aZdYicToz6we8TFRxY3jQPIxJVVzR+F0BwVSQIESoVWiVvDl9G
9INOcUUO3MtpIPof/yms274yLfKKbXzEyh33EZauHfMtDNCKX45mH4kHVjAJokh1
4SXmTobJ+QDfr8xlxOBO6D4rgBZdyjd8NB5uR/wSLWhWHIX11zICFNtkVszfxe6a
0Sp2e0LRyfEerWlbx0IucMhEqbUvLGdX034/YvrQim+1yC301B++Zj1WSGDstt4C
o2SWGUxb
-----END CERTIFICATE-----
Generated at Tue May 28 12:52:51 2024 by rpki-client on console-ams.rpki-client.org