Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/d6A8CkwUqu5eQDRWZPq4Vch-5Io.roa
File: d6A8CkwUqu5eQDRWZPq4Vch-5Io.roa (raw, json)
Hash identifier: p6aY4FcBl6kTsTHE3bTFxT5VKyuMkqBdvFDpiym/MPE=
Subject key identifier: 77:A0:3C:0A:4C:14:AA:EE:5E:40:34:56:64:FA:B8:55:C8:7E:E4:8A
Certificate issuer: /CN=c7208a8b85bcb807cad64138543263acb204448b
Certificate serial: 018DAC28F5AA5325DA8F0478D971243D5478
Authority key identifier: C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/d6A8CkwUqu5eQDRWZPq4Vch-5Io.roa
Signing time: Thu 15 Feb 2024 09:46:21 +0000
ROA not before: Thu 15 Feb 2024 09:46:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12479
IP address blocks: 37.11.0.0/16 maxlen: 24
37.14.0.0/15 maxlen: 24
37.35.128.0/17 maxlen: 24
37.97.124.0/22 maxlen: 24
37.132.0.0/14 maxlen: 24
62.14.0.0/15 maxlen: 24
87.216.0.0/13 maxlen: 24
95.16.0.0/13 maxlen: 24
146.158.128.0/17 maxlen: 24
185.4.188.0/22 maxlen: 24
188.76.0.0/14 maxlen: 24
212.9.64.0/19 maxlen: 24
212.106.192.0/18 maxlen: 24
213.179.96.0/19 maxlen: 24
2a02:2e00::/27 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.mft
rsync://rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:28:f5:aa:53:25:da:8f:04:78:d9:71:24:3d:54:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7208a8b85bcb807cad64138543263acb204448b
Validity
Not Before: Feb 15 09:46:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77a03c0a4c14aaee5e40345664fab855c87ee48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:48:66:16:40:c1:ec:4c:22:8b:7a:e7:68:
f0:2e:ad:ad:8e:24:02:43:29:da:1e:87:31:60:bf:
88:cd:d0:d3:19:ba:d4:ce:a8:fb:0b:dc:d6:07:2f:
cd:e1:41:87:55:7c:fe:39:49:f4:1c:d3:99:e8:92:
5d:9a:d1:ed:19:41:f4:65:fd:e0:40:bc:fc:7e:6e:
f5:cd:b9:48:89:a4:41:cf:2a:88:cc:a1:2f:a4:a8:
bf:be:f6:16:51:b5:46:9f:11:dd:bb:de:15:b6:b9:
f1:ba:9a:63:ac:4c:2e:39:3d:0f:f0:88:54:ba:09:
6b:18:5a:f2:38:e8:b9:cf:6a:7b:01:54:e6:8d:6f:
a5:dc:bc:88:96:01:38:a9:b6:04:3b:c6:31:29:40:
2d:ac:46:c1:1b:b1:0d:95:19:f1:c7:25:91:2d:45:
0c:2d:4d:9f:ae:01:0b:bc:6a:58:7f:53:58:71:92:
6d:da:57:5b:00:c8:cf:eb:e1:4c:65:08:e0:37:ff:
9b:d0:87:ea:55:26:09:49:f2:da:77:16:e3:8e:ff:
b9:de:41:25:69:a8:7c:ec:dc:c9:50:f8:3f:3d:d6:
5c:0d:ce:54:03:16:68:03:fe:99:37:22:3d:95:e4:
31:8e:dd:03:ee:dc:9d:1d:59:8f:71:3c:0a:77:7a:
a9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A0:3C:0A:4C:14:AA:EE:5E:40:34:56:64:FA:B8:55:C8:7E:E4:8A
X509v3 Authority Key Identifier:
keyid:C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/d6A8CkwUqu5eQDRWZPq4Vch-5Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.11.0.0/16
37.14.0.0/15
37.35.128.0/17
37.97.124.0/22
37.132.0.0/14
62.14.0.0/15
87.216.0.0/13
95.16.0.0/13
146.158.128.0/17
185.4.188.0/22
188.76.0.0/14
212.9.64.0/19
212.106.192.0/18
213.179.96.0/19
IPv6:
2a02:2e00::/27
Signature Algorithm: sha256WithRSAEncryption
05:df:11:69:55:50:96:1d:34:a8:56:88:9f:55:4e:ef:6a:cb:
92:ce:f2:96:c3:c5:61:16:c0:99:62:07:53:2b:99:99:35:74:
e5:2f:01:c3:ed:c5:34:48:bf:81:ac:b7:8d:3f:1f:f6:42:3d:
ef:93:7a:0b:63:d9:9c:29:c6:2e:56:37:8a:66:ed:29:2b:e3:
13:01:be:41:92:f0:f0:83:fa:fc:5c:48:61:48:e6:c7:29:88:
73:6c:de:40:99:65:5c:19:a0:5d:60:1d:4a:d6:12:d7:3d:1b:
e8:b8:e0:7b:69:10:79:1b:cf:64:c2:61:96:48:ca:40:e8:9e:
e0:62:32:d1:e5:4c:2d:6b:87:f0:9c:00:12:fd:e1:5d:fe:d7:
96:df:4a:c9:38:98:66:2e:6b:5b:e8:6b:fc:a7:fe:7c:0a:65:
c9:ca:38:61:df:b0:34:c1:79:8b:48:45:5f:c7:96:b4:a7:6b:
7c:5f:21:da:cc:88:91:13:26:1d:8d:59:af:03:49:96:9c:0e:
4f:3d:b4:4e:1b:4c:e8:56:09:a7:68:ee:57:12:75:d6:b0:cd:
32:b9:16:d7:ef:85:a8:fe:f5:49:74:52:3e:a6:60:76:01:f2:
f5:cf:a0:64:68:d2:e4:58:79:d3:f8:f1:e7:ca:25:36:92:7e:
6c:10:26:9e
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY2sKPWqUyXajwR42XEkPVR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MjA4YThiODViY2I4MDdjYWQ2NDEzODU0MzI2M2FjYjIw
NDQ0OGIwHhcNMjQwMjE1MDk0NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2EwM2MwYTRjMTRhYWVlNWU0MDM0NTY2NGZhYjg1NWM4N2VlNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjVIZhZAwexMIot652jwLq2tjiQC
QynaHocxYL+IzdDTGbrUzqj7C9zWBy/N4UGHVXz+OUn0HNOZ6JJdmtHtGUH0Zf3g
QLz8fm71zblIiaRBzyqIzKEvpKi/vvYWUbVGnxHdu94VtrnxuppjrEwuOT0P8IhU
uglrGFryOOi5z2p7AVTmjW+l3LyIlgE4qbYEO8YxKUAtrEbBG7ENlRnxxyWRLUUM
LU2frgELvGpYf1NYcZJt2ldbAMjP6+FMZQjgN/+b0IfqVSYJSfLadxbjjv+53kEl
aah87NzJUPg/PdZcDc5UAxZoA/6ZNyI9leQxjt0D7tydHVmPcTwKd3qpcQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFHegPApMFKruXkA0VmT6uFXIfuSKMB8GA1UdIwQY
MBaAFMcgiouFvLgHytZBOFQyY6yyBESLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlDS2k0Vzh1QWZLMWtFNFZESmpyTElFUklzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNzlhM2EtZTdhMC00MDY1LWI2ZDgt
MGY2YzQxMmNmM2RmLzEvZDZBOENrd1VxdTVlUURSV1pQcTRWY2gtNUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNzlhM2EtZTdhMC00MDY1LWI2ZDgtMGY2YzQxMmNmM2Rm
LzEveHlDS2k0Vzh1QWZLMWtFNFZESmpyTElFUklzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBTBAIAATBNAwMAJQsDAwEl
DgMEByUjgAMEAiVhfAMDAiWEAwMBPg4DAwNX2AMDA18QAwQHkp6AAwQCuQS8AwMC
vEwDBAXUCUADBAbUasADBAXVs2AwDQQCAAIwBwMFBSoCLgAwDQYJKoZIhvcNAQEL
BQADggEBAAXfEWlVUJYdNKhWiJ9VTu9qy5LO8pbDxWEWwJliB1MrmZk1dOUvAcPt
xTRIv4Gst40/H/ZCPe+Tegtj2Zwpxi5WN4pm7Skr4xMBvkGS8PCD+vxcSGFI5scp
iHNs3kCZZVwZoF1gHUrWEtc9G+i44HtpEHkbz2TCYZZIykDonuBiMtHlTC1rh/Cc
ABL94V3+15bfSsk4mGYua1voa/yn/nwKZcnKOGHfsDTBeYtIRV/HlrSna3xfIdrM
iJETJh2NWa8DSZacDk89tE4bTOhWCado7lcSddawzTK5Ftfvhaj+9Ul0Uj6mYHYB
8vXPoGRo0uRYedP48efKJTaSfmwQJp4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:10:31 2024 by rpki-client on console-ams.rpki-client.org