Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/xVnKaeyEFEJcT4-BLriAsFEi4Q0.roa
File: xVnKaeyEFEJcT4-BLriAsFEi4Q0.roa (raw, json)
Hash identifier: VrSWrE/FR8flv2kqEcHf0t/8W16QxawUVvHjAxxymLY=
Subject key identifier: C5:59:CA:69:EC:84:14:42:5C:4F:8F:81:2E:B8:80:B0:51:22:E1:0D
Certificate issuer: /CN=ebf58388c631c977ea51fcadb50cd20a7492f5e7
Certificate serial: 018CCA2A416C51B43B50BDA35D1196DCACA4
Authority key identifier: EB:F5:83:88:C6:31:C9:77:EA:51:FC:AD:B5:0C:D2:0A:74:92:F5:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_WDiMYxyXfqUfyttQzSCnSS9ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/xVnKaeyEFEJcT4-BLriAsFEi4Q0.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213270
IP address blocks: 37.200.86.0/24 maxlen: 24
2a02:f980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/6_WDiMYxyXfqUfyttQzSCnSS9ec.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/6_WDiMYxyXfqUfyttQzSCnSS9ec.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_WDiMYxyXfqUfyttQzSCnSS9ec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:41:6c:51:b4:3b:50:bd:a3:5d:11:96:dc:ac:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf58388c631c977ea51fcadb50cd20a7492f5e7
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c559ca69ec8414425c4f8f812eb880b05122e10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f7:4d:12:17:e1:1b:9a:9b:79:69:4a:56:9e:
aa:30:26:be:e0:ed:3b:de:6c:ef:1a:cd:16:6d:ef:
ad:4d:05:38:31:36:76:1a:87:eb:bf:70:a3:d8:c8:
5b:d7:ed:35:75:a0:eb:df:f3:4f:8a:0d:12:a4:76:
84:72:86:34:fd:c5:54:27:b3:56:21:4a:e8:a4:c2:
a4:0d:3f:c3:ec:9e:05:ec:be:8b:21:7a:c3:af:b4:
6e:b9:29:1a:ae:9a:75:94:7f:91:39:6a:e0:bf:3d:
cd:fe:74:22:29:f5:b9:3e:c1:6c:93:c5:13:21:73:
77:b3:2c:98:c5:40:35:d5:e5:61:c2:e5:2b:d3:31:
7a:64:37:82:19:94:90:50:da:c3:96:dd:e3:1f:77:
4b:66:82:8e:24:50:66:ac:57:36:ff:d7:14:97:9a:
64:cb:6d:0f:51:68:a1:3f:3a:8f:a2:0d:5e:1c:15:
71:49:0a:47:70:4d:9d:13:ab:47:ec:be:dd:94:b9:
be:0c:65:84:b7:a0:0c:2b:4f:8c:7a:c9:ed:e7:00:
3d:28:3d:3b:13:45:7c:35:37:ad:9d:f0:87:c2:9d:
9c:51:92:5a:be:20:19:06:9a:30:7d:ab:19:70:1b:
6b:a0:70:9b:1f:b5:b8:41:8e:1d:fa:51:fe:59:8f:
76:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:59:CA:69:EC:84:14:42:5C:4F:8F:81:2E:B8:80:B0:51:22:E1:0D
X509v3 Authority Key Identifier:
keyid:EB:F5:83:88:C6:31:C9:77:EA:51:FC:AD:B5:0C:D2:0A:74:92:F5:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_WDiMYxyXfqUfyttQzSCnSS9ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/xVnKaeyEFEJcT4-BLriAsFEi4Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/1c8bee-8df8-4102-a4ec-4f1ade1da20d/1/6_WDiMYxyXfqUfyttQzSCnSS9ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.86.0/24
IPv6:
2a02:f980::/32
Signature Algorithm: sha256WithRSAEncryption
95:cc:7d:6e:2a:ea:f9:1f:39:75:8e:d8:56:bd:9b:be:d9:85:
42:5a:e8:9e:5a:bf:61:bd:fc:65:8b:2c:77:01:09:95:af:0c:
00:73:af:b2:e5:f2:92:f1:36:c3:e8:a3:35:ee:fe:04:f6:41:
70:10:34:4b:a9:89:c6:39:3a:04:29:f3:2f:fe:8d:7f:78:f0:
bb:20:59:e9:cd:18:9c:52:5f:ba:9c:1e:53:2a:8e:2b:0f:00:
1a:97:a5:18:dd:69:32:21:7a:4f:99:35:db:ac:70:f5:aa:38:
ad:4c:89:2b:48:9e:d4:d7:00:b9:0a:41:0e:9e:1a:77:ac:64:
b5:22:c3:95:63:2f:60:e7:be:00:9f:9f:c2:31:1e:ee:7c:7d:
7e:5a:cb:fc:ab:bf:2d:fb:ee:31:fe:ed:20:b9:03:a5:d2:86:
4a:65:d9:0b:91:90:76:24:7b:e0:30:20:f0:fa:3d:10:2a:15:
ee:eb:c1:bf:c7:b6:3e:6c:82:dc:1d:78:41:21:ed:7b:12:6f:
5f:e6:52:b2:4a:05:50:0f:06:9e:aa:2d:79:53:26:bf:6d:05:
30:eb:c0:fd:19:90:10:b8:58:03:2d:12:88:d1:ec:cf:fa:88:
45:e0:c9:25:95:33:d8:7b:60:24:8a:f7:94:f9:32:5a:b5:6c:
fa:22:b1:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKkFsUbQ7UL2jXRGW3KykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjU4Mzg4YzYzMWM5NzdlYTUxZmNhZGI1MGNkMjBhNzQ5
MmY1ZTcwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTU5Y2E2OWVjODQxNDQyNWM0ZjhmODEyZWI4ODBiMDUxMjJlMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPdNEhfhG5qbeWlKVp6qMCa+4O07
3mzvGs0Wbe+tTQU4MTZ2Gofrv3Cj2Mhb1+01daDr3/NPig0SpHaEcoY0/cVUJ7NW
IUropMKkDT/D7J4F7L6LIXrDr7RuuSkarpp1lH+ROWrgvz3N/nQiKfW5PsFsk8UT
IXN3syyYxUA11eVhwuUr0zF6ZDeCGZSQUNrDlt3jH3dLZoKOJFBmrFc2/9cUl5pk
y20PUWihPzqPog1eHBVxSQpHcE2dE6tH7L7dlLm+DGWEt6AMK0+Mesnt5wA9KD07
E0V8NTetnfCHwp2cUZJaviAZBpowfasZcBtroHCbH7W4QY4d+lH+WY92PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVZymnshBRCXE+PgS64gLBRIuENMB8GA1UdIwQY
MBaAFOv1g4jGMcl36lH8rbUM0gp0kvXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9XRGlNWXh5WGZxVWZ5dHRRelNDblNTOWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xYzhiZWUtOGRmOC00MTAyLWE0ZWMt
NGYxYWRlMWRhMjBkLzEveFZuS2FleUVGRUpjVDQtQkxyaUFzRkVpNFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xYzhiZWUtOGRmOC00MTAyLWE0ZWMtNGYxYWRlMWRhMjBk
LzEvNl9XRGlNWXh5WGZxVWZ5dHRRelNDblNTOWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJchWMA0E
AgACMAcDBQAqAvmAMA0GCSqGSIb3DQEBCwUAA4IBAQCVzH1uKur5Hzl1jthWvZu+
2YVCWuieWr9hvfxliyx3AQmVrwwAc6+y5fKS8TbD6KM17v4E9kFwEDRLqYnGOToE
KfMv/o1/ePC7IFnpzRicUl+6nB5TKo4rDwAal6UY3WkyIXpPmTXbrHD1qjitTIkr
SJ7U1wC5CkEOnhp3rGS1IsOVYy9g574An5/CMR7ufH1+Wsv8q78t++4x/u0guQOl
0oZKZdkLkZB2JHvgMCDw+j0QKhXu68G/x7Y+bILcHXhBIe17Em9f5lKySgVQDwae
qi15Uya/bQUw68D9GZAQuFgDLRKI0ezP+ohF4MkllTPYe2AkiveU+TJatWz6IrER
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:33 2024 by rpki-client on console-ams.rpki-client.org