Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/JdhNdcUoSwyHHmz-WPthDGPUHgg.roa
File: JdhNdcUoSwyHHmz-WPthDGPUHgg.roa (raw, json)
Hash identifier: 7jIzQ6PwUEAf92gjC/oMaJ0qlL5dZ1BktOevs62N2XE=
Subject key identifier: 25:D8:4D:75:C5:28:4B:0C:87:1E:6C:FE:58:FB:61:0C:63:D4:1E:08
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018CC5DBEE719B00D18B00F13F893EF8A5D3
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/JdhNdcUoSwyHHmz-WPthDGPUHgg.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 37.0.15.0/24 maxlen: 24
37.0.14.0/24 maxlen: 24
85.202.168.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ee:71:9b:00:d1:8b:00:f1:3f:89:3e:f8:a5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25d84d75c5284b0c871e6cfe58fb610c63d41e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:33:5d:00:e0:03:c2:3b:79:9a:32:62:23:
93:ef:aa:7e:f0:89:66:2f:37:cd:46:e9:d2:ae:8a:
98:c3:e4:42:4b:ce:02:db:36:6b:0d:5c:af:bc:e3:
3a:e5:74:a2:b1:df:ab:41:57:57:4a:e0:5f:46:91:
a2:23:ac:0e:e5:56:45:07:30:5e:13:05:8a:7e:08:
e4:58:5e:07:f7:41:0b:73:b4:6d:b7:90:74:89:59:
f5:b9:b3:e2:e1:9f:e4:ac:a3:07:79:cc:22:54:7e:
f5:91:12:47:94:1e:15:d7:41:4d:25:a8:16:58:1a:
90:6e:3c:32:fe:a8:c3:cd:fd:fc:fa:7a:80:65:86:
b1:a4:99:44:d1:4d:08:17:d6:b8:c5:d6:0a:ea:fd:
3a:92:16:09:9a:c6:ee:e0:fd:f4:90:b8:c9:ea:86:
f3:20:4d:b5:0b:62:e3:8f:8b:bb:40:61:f7:6d:90:
03:12:eb:3b:50:19:c2:ac:94:86:51:8b:36:97:ab:
da:15:7c:6d:88:d6:8c:de:c5:d7:2c:84:8d:97:d8:
32:4e:69:5e:7b:af:b8:b6:32:e5:e6:0e:67:5c:a4:
62:74:a4:bc:17:0e:a8:b4:14:75:3c:97:e9:84:f3:
ca:20:75:93:f8:2e:b2:57:ef:6a:ac:7a:e9:e2:56:
b7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D8:4D:75:C5:28:4B:0C:87:1E:6C:FE:58:FB:61:0C:63:D4:1E:08
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/JdhNdcUoSwyHHmz-WPthDGPUHgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.14.0/23
85.202.168.0/23
Signature Algorithm: sha256WithRSAEncryption
98:ca:21:35:6a:69:86:21:49:6c:61:99:e5:6b:85:44:d9:ec:
ff:62:a3:c2:52:41:fe:68:11:4a:6f:da:eb:01:56:83:65:03:
0e:e2:81:b9:3c:53:09:68:56:17:a1:7c:8a:ac:3f:6b:fb:94:
b3:ed:9a:96:b1:43:e8:c1:2b:78:9c:89:ff:36:ed:d1:1a:bc:
73:26:79:26:e6:65:23:85:44:1b:f6:2d:a6:2c:6c:04:1f:0d:
f2:99:65:89:2d:90:e2:76:66:c7:d8:76:d6:54:11:64:8e:cb:
80:b0:84:c4:63:62:0e:05:4d:3c:a8:5a:5f:1e:ab:bc:0a:52:
0e:51:ee:66:b7:9d:51:42:71:bb:ed:78:7c:23:f5:75:79:0b:
f1:d5:cf:20:18:87:67:6e:85:4a:d2:74:22:37:b3:11:3b:01:
c0:42:88:7f:84:70:5a:93:6d:c2:f1:9b:fa:e0:b9:5e:13:65:
26:dd:c2:1d:4d:5c:57:49:ea:68:4f:1b:cf:60:6d:e9:30:8b:
2a:6e:5f:0c:e7:3a:e0:27:d8:12:cb:b7:d0:94:c3:4b:0e:91:
10:02:c4:1e:77:bc:c1:63:47:f2:87:a2:92:de:a4:66:6f:34:
37:12:5a:81:01:7b:a1:e0:90:6f:45:d1:84:e6:57:69:c3:a0:
53:9b:dd:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+5xmwDRiwDxP4k++KXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ4NGQ3NWM1Mjg0YjBjODcxZTZjZmU1OGZiNjEwYzYzZDQxZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlUzXQDgA8I7eZoyYiOT76p+8Ilm
LzfNRunSroqYw+RCS84C2zZrDVyvvOM65XSisd+rQVdXSuBfRpGiI6wO5VZFBzBe
EwWKfgjkWF4H90ELc7Rtt5B0iVn1ubPi4Z/krKMHecwiVH71kRJHlB4V10FNJagW
WBqQbjwy/qjDzf38+nqAZYaxpJlE0U0IF9a4xdYK6v06khYJmsbu4P30kLjJ6obz
IE21C2Ljj4u7QGH3bZADEus7UBnCrJSGUYs2l6vaFXxtiNaM3sXXLISNl9gyTmle
e6+4tjLl5g5nXKRidKS8Fw6otBR1PJfphPPKIHWT+C6yV+9qrHrp4la3mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCXYTXXFKEsMhx5s/lj7YQxj1B4IMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvSmRoTmRjVW9Td3lISG16LVdQdGhER1BVSGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJQAOAwQB
VcqoMA0GCSqGSIb3DQEBCwUAA4IBAQCYyiE1ammGIUlsYZnla4VE2ez/YqPCUkH+
aBFKb9rrAVaDZQMO4oG5PFMJaFYXoXyKrD9r+5Sz7ZqWsUPowSt4nIn/Nu3RGrxz
Jnkm5mUjhUQb9i2mLGwEHw3ymWWJLZDidmbH2HbWVBFkjsuAsITEY2IOBU08qFpf
Hqu8ClIOUe5mt51RQnG77Xh8I/V1eQvx1c8gGIdnboVK0nQiN7MROwHAQoh/hHBa
k23C8Zv64LleE2Um3cIdTVxXSepoTxvPYG3pMIsqbl8M5zrgJ9gSy7fQlMNLDpEQ
AsQed7zBY0fyh6KS3qRmbzQ3ElqBAXuh4JBvRdGE5ldpw6BTm933
-----END CERTIFICATE-----
Generated at Thu May 2 12:58:01 2024 by rpki-client on console-ams.rpki-client.org