Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa
File: tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa (raw, json)
Hash identifier: VNLTNuL2jkv/awqdFeATLIY5BBdYPdMUrtHU1Dsfdu0=
Subject key identifier: B7:1E:EA:BE:3B:13:9C:B4:78:61:22:E0:97:60:AB:62:91:6D:3F:47
Certificate issuer: /CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Certificate serial: 0191E51203E9D1683EB5ADA87A3F21B5539F
Authority key identifier: 8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa
Signing time: Thu 12 Sep 2024 07:10:48 +0000
ROA not before: Thu 12 Sep 2024 07:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60522
IP address blocks: 37.131.179.0/24 maxlen: 24
37.131.180.0/22 maxlen: 24
185.212.52.0/22 maxlen: 24
2a0b:72c0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:12:03:e9:d1:68:3e:b5:ad:a8:7a:3f:21:b5:53:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Validity
Not Before: Sep 12 07:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b71eeabe3b139cb4786122e09760ab62916d3f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:40:c6:1d:ae:26:46:7b:ec:73:91:45:19:
30:40:37:b9:42:32:05:51:1e:2c:09:80:73:d6:8a:
ec:d7:9f:5b:59:d7:a1:41:55:eb:55:21:95:64:de:
1e:2a:c8:c7:59:95:64:4f:cd:4e:b0:c5:9e:06:d2:
f8:95:d5:21:e4:a1:fb:61:aa:10:a5:98:7c:7f:07:
8e:1f:98:c8:60:f6:4e:6e:62:f4:c5:c9:f4:49:b5:
57:f3:4f:aa:9e:f9:48:e1:fd:42:bd:13:d2:34:91:
4f:60:1e:6d:e5:6a:f2:8a:76:9e:13:9e:50:07:b7:
f5:a5:20:85:2d:6c:48:e8:15:4c:4a:72:b3:d0:84:
a2:c7:83:e6:a6:56:14:67:a5:9d:56:3d:cc:5b:b4:
30:a1:15:c1:74:d6:56:80:31:a2:64:71:d8:71:36:
c8:fc:26:87:fb:3b:82:43:d1:c2:35:43:15:dc:f5:
33:7e:c8:21:ab:12:0b:04:f3:b0:9b:fd:fd:87:f9:
91:4e:6b:d2:54:e7:74:e5:b7:07:19:81:78:94:2b:
3c:8c:ac:34:d1:fb:ab:f8:c2:9b:24:bd:d1:d0:a4:
b9:67:ff:66:f8:53:dc:37:59:aa:53:30:0f:e0:64:
2a:bb:e3:91:f6:44:c3:ec:7c:1a:71:ee:99:d9:78:
b5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1E:EA:BE:3B:13:9C:B4:78:61:22:E0:97:60:AB:62:91:6D:3F:47
X509v3 Authority Key Identifier:
keyid:8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.179.0-37.131.183.255
185.212.52.0/22
IPv6:
2a0b:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:31:74:27:eb:be:dd:d8:13:7b:62:f8:27:e5:e0:9f:8b:2c:
49:3f:25:9e:c2:99:61:9e:6d:98:51:62:3f:64:98:d1:85:5b:
0e:03:6e:91:b3:1b:45:d0:3a:3a:0f:cf:fe:77:0e:9f:db:86:
e4:24:91:c4:e9:6f:b0:4f:1c:63:f3:30:cd:7a:13:ee:63:24:
81:8e:53:cf:1d:ee:21:95:c9:5a:d0:77:a5:f9:3d:95:9f:97:
13:e8:e0:03:52:2b:f8:5c:98:5a:59:02:20:7b:8f:0a:2c:2c:
38:b3:73:30:b8:65:52:ad:c7:74:2b:ab:93:7c:12:ef:75:7b:
8d:9d:e5:71:9c:65:2d:ed:0d:95:be:3a:7e:d0:7e:7c:66:a8:
f4:7f:e8:7f:69:e3:6b:7f:8f:40:2c:eb:c9:0c:6f:c2:19:54:
52:39:0f:46:ca:6a:9f:4c:1f:33:5c:dc:2d:9e:a1:c6:68:3d:
e7:a6:a5:da:dd:49:8d:63:c7:66:15:f5:ad:f6:88:41:60:df:
27:16:1b:a2:32:43:8a:05:ae:ce:e0:32:73:d9:c3:8c:51:a6:
1d:47:77:31:ef:04:9f:f1:52:ad:61:2f:73:b1:29:17:7d:27:
b7:91:5a:2a:6d:24:32:3d:f8:97:5d:ae:13:7c:b2:69:7a:ab:
ed:f8:ef:8e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHlEgPp0Wg+ta2oej8htVOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNzQxNWFlNjM0ZDYxMzE1OWNiZDJjZTc0YWMyNjFhN2Q1
YWM0ZDQwHhcNMjQwOTEyMDcxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFlZWFiZTNiMTM5Y2I0Nzg2MTIyZTA5NzYwYWI2MjkxNmQzZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc1Axh2uJkZ77HORRRkwQDe5QjIF
UR4sCYBz1ors159bWdehQVXrVSGVZN4eKsjHWZVkT81OsMWeBtL4ldUh5KH7YaoQ
pZh8fweOH5jIYPZObmL0xcn0SbVX80+qnvlI4f1CvRPSNJFPYB5t5WryinaeE55Q
B7f1pSCFLWxI6BVMSnKz0ISix4PmplYUZ6WdVj3MW7QwoRXBdNZWgDGiZHHYcTbI
/CaH+zuCQ9HCNUMV3PUzfsghqxILBPOwm/39h/mRTmvSVOd05bcHGYF4lCs8jKw0
0fur+MKbJL3R0KS5Z/9m+FPcN1mqUzAP4GQqu+OR9kTD7Hwace6Z2Xi1ZQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLce6r47E5y0eGEi4Jdgq2KRbT9HMB8GA1UdIwQY
MBaAFIp0Fa5jTWExWcvSznSsJhp9WsTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMt
ZWY3ZjU2ODQyNTQ2LzEvdHg3cXZqc1RuTFI0WVNMZ2wyQ3JZcEZ0UDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMtZWY3ZjU2ODQyNTQ2
LzEvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAAlg7MD
BAMlg7ADBAK51DQwDQQCAAIwBwMFACoLcsAwDQYJKoZIhvcNAQELBQADggEBAIMx
dCfrvt3YE3ti+Cfl4J+LLEk/JZ7CmWGebZhRYj9kmNGFWw4DbpGzG0XQOjoPz/53
Dp/bhuQkkcTpb7BPHGPzMM16E+5jJIGOU88d7iGVyVrQd6X5PZWflxPo4ANSK/hc
mFpZAiB7jwosLDizczC4ZVKtx3Qrq5N8Eu91e42d5XGcZS3tDZW+On7QfnxmqPR/
6H9p42t/j0As68kMb8IZVFI5D0bKap9MHzNc3C2eocZoPeempdrdSY1jx2YV9a32
iEFg3ycWG6IyQ4oFrs7gMnPZw4xRph1HdzHvBJ/xUq1hL3OxKRd9J7eRWiptJDI9
+JddrhN8sml6q+34744=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:20 2024 by rpki-client on console-ams.rpki-client.org