Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/Ehk33GNlzsw-O91dX-zKhugDZu4.roa
File: Ehk33GNlzsw-O91dX-zKhugDZu4.roa (raw, json)
Hash identifier: XKvbQ2PUaPUekDD6LgU1c6UHj9ba/DCkDJvHhJpYxZE=
Subject key identifier: 12:19:37:DC:63:65:CE:CC:3E:3B:DD:5D:5F:EC:CA:86:E8:03:66:EE
Certificate issuer: /CN=1ccd05226cb4c1979f96a06d2eb6683b5b0f6a8e
Certificate serial: 018CC4923FEDBBE8EC355A904CA937E2BDDA
Authority key identifier: 1C:CD:05:22:6C:B4:C1:97:9F:96:A0:6D:2E:B6:68:3B:5B:0F:6A:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HM0FImy0wZeflqBtLrZoO1sPao4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/Ehk33GNlzsw-O91dX-zKhugDZu4.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15699
IP address blocks: 37.46.72.0/21 maxlen: 32
185.32.28.0/22 maxlen: 32
185.32.28.0/24 maxlen: 32
2a00:6640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/HM0FImy0wZeflqBtLrZoO1sPao4.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/HM0FImy0wZeflqBtLrZoO1sPao4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HM0FImy0wZeflqBtLrZoO1sPao4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 10:03:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3f:ed:bb:e8:ec:35:5a:90:4c:a9:37:e2:bd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ccd05226cb4c1979f96a06d2eb6683b5b0f6a8e
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=121937dc6365cecc3e3bdd5d5fecca86e80366ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:15:a7:ef:77:06:e7:4e:04:28:fe:c9:14:
51:e7:0b:9e:07:c8:42:c3:5a:17:57:02:d4:9e:6c:
8f:33:c8:53:e8:3e:13:c8:32:a1:94:c3:54:2e:17:
7b:2a:eb:10:63:88:10:7c:6d:bc:0b:e6:f1:59:f3:
92:b4:4d:3f:33:56:bb:44:40:05:1a:29:f1:dc:1a:
bb:fc:e9:d5:fe:31:2a:eb:fa:d9:c4:a8:47:f1:7a:
ce:f7:0a:57:0a:91:58:51:a9:95:37:d7:ea:5f:a5:
ad:62:b6:35:e7:65:b9:b0:23:77:5a:2c:92:5f:a1:
d0:a5:77:6b:c3:a3:a3:9d:dd:53:63:b2:24:4d:5e:
f1:a8:d8:55:7a:df:32:da:d3:b9:b6:8f:16:57:07:
f5:9c:ed:76:35:d6:f6:cc:68:62:1e:7e:03:d4:a2:
33:a2:30:0e:8d:7e:4c:68:68:3a:66:fe:82:c9:44:
8a:03:c1:75:7b:a9:b4:f5:23:f3:e1:08:9d:8e:06:
2e:2f:d2:a5:75:96:17:68:5a:84:e8:55:99:8c:93:
fd:b4:7d:cc:ab:1d:f6:96:0b:f2:51:80:2d:67:93:
b2:ef:b7:7b:17:19:19:84:92:c9:77:ed:5c:3a:99:
48:ed:cf:95:56:f1:d4:99:d4:bf:8b:66:90:46:72:
e8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:19:37:DC:63:65:CE:CC:3E:3B:DD:5D:5F:EC:CA:86:E8:03:66:EE
X509v3 Authority Key Identifier:
keyid:1C:CD:05:22:6C:B4:C1:97:9F:96:A0:6D:2E:B6:68:3B:5B:0F:6A:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HM0FImy0wZeflqBtLrZoO1sPao4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/Ehk33GNlzsw-O91dX-zKhugDZu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e21739-b00b-41c8-a645-db9c3a0c08b9/1/HM0FImy0wZeflqBtLrZoO1sPao4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.72.0/21
185.32.28.0/22
IPv6:
2a00:6640::/32
Signature Algorithm: sha256WithRSAEncryption
57:e7:1a:53:ad:f6:83:9d:d2:c3:79:28:14:70:ed:bd:61:6d:
5a:2f:be:4e:2d:ae:2f:6f:3b:4a:d2:ad:74:4d:d9:07:8f:5e:
be:ae:3e:73:f5:45:c0:18:e7:c4:6f:6d:e2:f2:15:cc:62:31:
1c:11:ae:df:76:ab:95:70:96:91:6f:d0:ac:91:60:e4:68:d6:
3a:e7:e6:da:92:4b:4e:73:f2:a5:06:f7:9e:86:10:6f:ef:61:
68:36:dd:a9:28:66:e7:84:39:a3:a3:e6:9c:88:e9:fc:2b:c9:
1a:2f:93:fd:9c:3a:2f:a6:12:f8:e6:ec:16:ce:66:f2:30:0a:
cd:ea:bf:34:4c:32:d6:4a:ee:ab:54:4f:d3:64:ed:17:5b:11:
2f:e4:68:54:43:23:6c:ca:4a:b2:54:14:8b:12:e5:77:a8:ca:
3a:47:0e:c8:b2:29:9d:60:3e:29:7c:1a:1c:ef:37:57:aa:71:
b6:5e:a3:67:0a:cd:c1:2d:84:6d:ed:f8:d8:44:11:a4:01:2f:
fc:b3:a9:34:2e:9b:84:45:4f:d9:c6:15:b3:f9:3a:92:83:5b:
d8:8c:7f:15:0e:67:b5:1a:57:ee:e8:99:21:f1:26:58:0a:b9:
f1:71:50:81:12:93:54:d5:86:20:f8:83:36:71:ac:04:00:e0:
55:48:50:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkj/tu+jsNVqQTKk34r3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjY2QwNTIyNmNiNGMxOTc5Zjk2YTA2ZDJlYjY2ODNiNWIw
ZjZhOGUwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE5MzdkYzYzNjVjZWNjM2UzYmRkNWQ1ZmVjY2E4NmU4MDM2NmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ4Vp+93BudOBCj+yRRR5wueB8hC
w1oXVwLUnmyPM8hT6D4TyDKhlMNULhd7KusQY4gQfG28C+bxWfOStE0/M1a7REAF
Ginx3Bq7/OnV/jEq6/rZxKhH8XrO9wpXCpFYUamVN9fqX6WtYrY152W5sCN3WiyS
X6HQpXdrw6Ojnd1TY7IkTV7xqNhVet8y2tO5to8WVwf1nO12Ndb2zGhiHn4D1KIz
ojAOjX5MaGg6Zv6CyUSKA8F1e6m09SPz4QidjgYuL9KldZYXaFqE6FWZjJP9tH3M
qx32lgvyUYAtZ5Oy77d7FxkZhJLJd+1cOplI7c+VVvHUmdS/i2aQRnLoqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBIZN9xjZc7MPjvdXV/syoboA2buMB8GA1UdIwQY
MBaAFBzNBSJstMGXn5agbS62aDtbD2qOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE0wRklteTB3WmVmbHFCdExyWm9PMXNQYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lMjE3MzktYjAwYi00MWM4LWE2NDUt
ZGI5YzNhMGMwOGI5LzEvRWhrMzNHTmx6c3ctTzkxZFgtektodWdEWnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lMjE3MzktYjAwYi00MWM4LWE2NDUtZGI5YzNhMGMwOGI5
LzEvSE0wRklteTB3WmVmbHFCdExyWm9PMXNQYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJS5IAwQC
uSAcMA0EAgACMAcDBQAqAGZAMA0GCSqGSIb3DQEBCwUAA4IBAQBX5xpTrfaDndLD
eSgUcO29YW1aL75OLa4vbztK0q10TdkHj16+rj5z9UXAGOfEb23i8hXMYjEcEa7f
dquVcJaRb9CskWDkaNY65+bakktOc/KlBveehhBv72FoNt2pKGbnhDmjo+aciOn8
K8kaL5P9nDovphL45uwWzmbyMArN6r80TDLWSu6rVE/TZO0XWxEv5GhUQyNsykqy
VBSLEuV3qMo6Rw7IsimdYD4pfBoc7zdXqnG2XqNnCs3BLYRt7fjYRBGkAS/8s6k0
LpuERU/ZxhWz+TqSg1vYjH8VDme1Glfu6Jkh8SZYCrnxcVCBEpNU1YYg+IM2cawE
AOBVSFAI
-----END CERTIFICATE-----
Generated at Thu May 30 16:25:32 2024 by rpki-client on console-ams.rpki-client.org