Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gLi7trmU_I4FQRHfEyerV8Du2A4.roa
File: gLi7trmU_I4FQRHfEyerV8Du2A4.roa (raw, json)
Hash identifier: Fdb5+gnS91/ShIpzlMTLenJBLQk/2SELOLzh5+zZk0I=
Subject key identifier: 80:B8:BB:B6:B9:94:FC:8E:05:41:11:DF:13:27:AB:57:C0:EE:D8:0E
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 0191700467D9D0FABDB82EFE274888794AB8
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gLi7trmU_I4FQRHfEyerV8Du2A4.roa
Signing time: Tue 20 Aug 2024 13:40:22 +0000
ROA not before: Tue 20 Aug 2024 13:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.0.9.0/24 maxlen: 24
37.0.13.0/24 maxlen: 24
37.0.14.0/24 maxlen: 24
37.0.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:04:67:d9:d0:fa:bd:b8:2e:fe:27:48:88:79:4a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Aug 20 13:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80b8bbb6b994fc8e054111df1327ab57c0eed80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:29:7e:95:ed:c3:23:e5:53:fa:8c:16:13:a8:
ca:ce:da:fb:19:92:cc:8f:73:79:e0:30:6b:17:bb:
89:b4:37:88:ca:05:1c:d1:92:88:b0:29:e2:23:1c:
6d:5f:82:7a:f8:b6:e7:fa:59:7a:3c:7c:92:84:cb:
a9:68:a4:c7:22:a3:cf:0f:e6:a3:dd:9b:9c:ec:28:
81:18:17:d3:04:68:e6:e6:be:58:9c:b3:fb:24:60:
43:4a:e0:6b:2f:0b:77:ec:14:30:e0:d7:2a:1f:f5:
25:ea:75:20:5c:79:6d:d2:85:72:f6:79:90:47:af:
f5:5a:25:6a:d7:1b:4c:43:a7:fd:2b:b9:09:a7:8c:
3f:43:54:0a:98:34:13:2d:68:d1:cc:33:f4:05:ef:
b6:26:eb:11:82:c6:40:cc:f0:14:0c:c7:57:8b:06:
5c:61:76:8d:8c:46:54:8c:93:14:3d:43:11:4a:f2:
37:c3:d9:4f:50:da:49:4e:d1:b3:a6:d8:53:23:93:
75:ca:07:aa:0d:aa:4d:bf:0a:20:ee:ea:10:93:23:
5c:0d:bf:b9:4f:96:88:9d:50:cb:38:fd:17:c7:6b:
7c:c8:0c:f7:d2:d9:0d:94:02:d2:28:03:53:6d:5a:
c9:6f:45:5a:16:87:c5:b7:6b:24:f0:22:4d:ad:d1:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B8:BB:B6:B9:94:FC:8E:05:41:11:DF:13:27:AB:57:C0:EE:D8:0E
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/gLi7trmU_I4FQRHfEyerV8Du2A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.9.0/24
37.0.13.0-37.0.15.255
Signature Algorithm: sha256WithRSAEncryption
97:47:47:38:b0:37:42:9c:ce:b2:04:36:19:0d:7f:36:a2:9d:
8f:e7:82:52:7b:bc:c8:55:a0:35:21:0e:0f:25:99:9d:46:4f:
00:02:df:67:f0:4a:16:02:06:69:1c:e4:8e:78:62:db:dc:fb:
33:8f:a1:93:b0:6d:4b:d4:37:95:65:15:81:03:2a:c7:bb:e3:
8a:99:5d:25:97:35:80:d5:3c:2f:f2:1a:fd:cc:d2:aa:f5:bc:
c3:08:3b:c3:fb:e0:c5:e9:68:66:da:70:92:37:07:4b:84:ad:
50:db:8b:4a:ad:91:99:ed:74:53:35:2f:7e:ed:2d:e1:89:07:
ca:85:03:96:51:d6:df:19:47:38:45:b6:2f:f7:1e:72:d5:0b:
6d:d6:d1:a9:3b:a7:3d:4f:2a:8e:a3:5f:af:2f:39:87:45:ca:
fe:af:36:50:e8:3c:b8:f5:cd:eb:94:5a:27:5f:68:50:65:cb:
a4:7d:f7:58:ef:11:65:10:66:54:43:a8:a0:0c:76:e5:84:a5:
01:0a:f3:a0:3c:ef:d8:8f:a6:8a:fa:05:7f:01:45:a3:44:e8:
a9:fc:42:cb:35:96:a9:9d:1f:f0:0c:45:d8:b7:ca:76:11:f2:
c5:68:b9:5c:1e:7f:1f:73:6d:2f:99:43:ce:5c:95:b7:bf:09:
2f:84:74:00
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZFwBGfZ0Pq9uC7+J0iIeUq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwODIwMTM0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI4YmJiNmI5OTRmYzhlMDU0MTExZGYxMzI3YWI1N2MwZWVkODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCl+le3DI+VT+owWE6jKztr7GZLM
j3N54DBrF7uJtDeIygUc0ZKIsCniIxxtX4J6+Lbn+ll6PHyShMupaKTHIqPPD+aj
3Zuc7CiBGBfTBGjm5r5YnLP7JGBDSuBrLwt37BQw4NcqH/Ul6nUgXHlt0oVy9nmQ
R6/1WiVq1xtMQ6f9K7kJp4w/Q1QKmDQTLWjRzDP0Be+2JusRgsZAzPAUDMdXiwZc
YXaNjEZUjJMUPUMRSvI3w9lPUNpJTtGzpthTI5N1ygeqDapNvwog7uoQkyNcDb+5
T5aInVDLOP0Xx2t8yAz30tkNlALSKANTbVrJb0VaFofFt2sk8CJNrdHUmwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIC4u7a5lPyOBUER3xMnq1fA7tgOMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvZ0xpN3RybVVfSTRGUVJIZkV5ZXJWOER1MkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJQAJMAwD
BAAlAA0DBAQlAAAwDQYJKoZIhvcNAQELBQADggEBAJdHRziwN0KczrIENhkNfzai
nY/nglJ7vMhVoDUhDg8lmZ1GTwAC32fwShYCBmkc5I54Ytvc+zOPoZOwbUvUN5Vl
FYEDKse744qZXSWXNYDVPC/yGv3M0qr1vMMIO8P74MXpaGbacJI3B0uErVDbi0qt
kZntdFM1L37tLeGJB8qFA5ZR1t8ZRzhFti/3HnLVC23W0ak7pz1PKo6jX68vOYdF
yv6vNlDoPLj1zeuUWidfaFBly6R991jvEWUQZlRDqKAMduWEpQEK86A879iPpor6
BX8BRaNE6Kn8Qss1lqmdH/AMRdi3ynYR8sVouVwefx9zbS+ZQ85clbe/CS+EdAA=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:06:40 2024 by rpki-client on console-ams.rpki-client.org