Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/3vm3MLwyI9o6_pKgKWOBKwf93P8.roa
File: 3vm3MLwyI9o6_pKgKWOBKwf93P8.roa (raw, json)
Hash identifier: rxGoUDQEytyw8oLnOSdvr5dNXaG9BR8dkmCA1M4maSE=
Subject key identifier: DE:F9:B7:30:BC:32:23:DA:3A:FE:92:A0:29:63:81:2B:07:FD:DC:FF
Certificate issuer: /CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Certificate serial: 018E7ADCF6D36045758C893977FA4DB3D6B9
Authority key identifier: AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/3vm3MLwyI9o6_pKgKWOBKwf93P8.roa
Signing time: Tue 26 Mar 2024 13:04:45 +0000
ROA not before: Tue 26 Mar 2024 13:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29222
IP address blocks: 37.156.40.0/21 maxlen: 24
45.157.188.0/22 maxlen: 24
83.166.128.0/19 maxlen: 24
84.16.64.0/19 maxlen: 24
89.47.48.0/22 maxlen: 24
91.214.188.0/22 maxlen: 24
93.88.240.0/20 maxlen: 24
128.65.192.0/21 maxlen: 24
185.74.68.0/22 maxlen: 24
185.125.24.0/22 maxlen: 24
185.143.100.0/22 maxlen: 24
185.172.100.0/22 maxlen: 24
185.176.224.0/22 maxlen: 24
185.177.60.0/22 maxlen: 24
185.181.160.0/22 maxlen: 24
188.213.128.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.111.233.0/24 maxlen: 24
193.128.7.0/24 maxlen: 24
193.134.93.0/24 maxlen: 24
193.134.250.0/24 maxlen: 24
195.15.192.0/18 maxlen: 24
2001:1600::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:dc:f6:d3:60:45:75:8c:89:39:77:fa:4d:b3:d6:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Validity
Not Before: Mar 26 13:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=def9b730bc3223da3afe92a02963812b07fddcff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:77:62:9a:7e:89:0c:40:31:18:99:e8:68:c8:
2c:20:ab:ec:1f:d2:f9:27:fe:ca:22:5d:88:66:32:
7e:d1:87:f4:4e:54:c0:56:a4:93:2c:39:e4:7c:e9:
9c:ab:ec:2b:63:2d:5f:fc:c3:d5:5c:e1:59:d0:cd:
d6:6b:5a:29:25:8b:9e:7a:83:21:a6:c8:91:bc:d3:
3f:3a:21:c3:92:94:55:79:29:78:0f:0d:cc:79:26:
9c:31:03:fd:26:0a:44:53:02:5a:e4:21:d6:1e:5c:
f6:6e:45:4c:aa:1c:ce:59:79:ec:bd:50:ca:74:9d:
89:91:c2:5b:db:46:96:9f:2c:12:f9:a3:16:3d:02:
ed:43:90:7c:83:0c:34:a5:a4:b9:1c:18:6d:36:cc:
87:df:ee:57:19:c4:25:ac:56:cd:e1:bb:be:c4:8f:
ba:e1:98:c5:96:7d:c0:52:73:7a:c8:fa:5f:8d:16:
50:e1:14:7b:87:f5:7e:12:68:9f:2f:d5:63:a4:23:
48:aa:f4:ba:d2:ad:7c:e7:d8:27:5a:95:d2:7f:c2:
e9:89:d8:c8:1f:ea:3f:f4:42:3b:ee:94:d9:0c:6a:
94:bb:41:df:4b:38:51:be:7b:e6:5f:12:5b:29:93:
e3:14:26:b6:0f:f4:c1:01:34:3b:df:a2:96:07:a5:
f3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F9:B7:30:BC:32:23:DA:3A:FE:92:A0:29:63:81:2B:07:FD:DC:FF
X509v3 Authority Key Identifier:
keyid:AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/3vm3MLwyI9o6_pKgKWOBKwf93P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.40.0/21
45.157.188.0/22
83.166.128.0/19
84.16.64.0/19
89.47.48.0/22
91.214.188.0/22
93.88.240.0/20
128.65.192.0/21
185.74.68.0/22
185.125.24.0/22
185.143.100.0/22
185.172.100.0/22
185.176.224.0/22
185.177.60.0/22
185.181.160.0/22
188.213.128.0/22
193.108.52.0/22
193.111.233.0/24
193.128.7.0/24
193.134.93.0/24
193.134.250.0/24
195.15.192.0/18
IPv6:
2001:1600::/29
Signature Algorithm: sha256WithRSAEncryption
0a:ea:a5:02:a7:71:13:05:a5:85:6b:a2:ab:de:bc:10:3e:67:
5a:04:10:43:81:33:69:a2:79:85:fb:e7:24:02:2f:2f:78:c5:
17:19:c0:9d:cb:06:e6:c4:dd:e3:3e:47:aa:1e:96:39:70:7f:
8a:60:67:fb:42:82:00:7a:43:33:61:ae:cb:8d:10:f0:64:59:
0b:10:bb:50:7b:7a:cf:5f:86:e8:22:7e:d1:d0:33:ec:7d:f4:
8a:b0:39:ff:92:31:4f:6b:e3:60:c0:f8:04:67:5d:9c:45:19:
88:df:60:5d:46:15:dc:af:e2:df:34:a7:6e:1d:4f:6e:6a:aa:
d9:ee:8c:13:a4:f8:cf:fd:b3:35:10:25:c0:e1:f3:6a:e2:20:
c4:79:8b:da:ad:e1:6b:fd:c4:7e:0e:61:b0:eb:20:e5:44:64:
3a:fb:f4:4f:ae:bf:b5:d0:c8:b6:07:8d:5e:e2:30:bc:6e:70:
cd:65:4d:79:0d:72:d1:80:19:ea:3a:2f:3c:d7:c8:fd:ad:94:
d7:50:25:c2:b9:c3:bf:2b:cf:e2:8f:19:16:60:e4:6f:0f:30:
b4:3f:f2:66:e6:c6:e1:2e:20:92:f1:2c:d2:5c:fc:53:94:7c:
d0:62:7e:bb:21:77:e0:e0:fa:c1:00:b4:4e:8e:20:42:51:58:
db:e2:7c:c1
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY563PbTYEV1jIk5d/pNs9a5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZjFlZWZhYTc1N2QzOGViMTA0ZmE0Y2JhNGQ5NjJiNzJl
NTJiNTIwHhcNMjQwMzI2MTMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY5YjczMGJjMzIyM2RhM2FmZTkyYTAyOTYzODEyYjA3ZmRkY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXdimn6JDEAxGJnoaMgsIKvsH9L5
J/7KIl2IZjJ+0Yf0TlTAVqSTLDnkfOmcq+wrYy1f/MPVXOFZ0M3Wa1opJYueeoMh
psiRvNM/OiHDkpRVeSl4Dw3MeSacMQP9JgpEUwJa5CHWHlz2bkVMqhzOWXnsvVDK
dJ2JkcJb20aWnywS+aMWPQLtQ5B8gww0paS5HBhtNsyH3+5XGcQlrFbN4bu+xI+6
4ZjFln3AUnN6yPpfjRZQ4RR7h/V+EmifL9VjpCNIqvS60q1859gnWpXSf8LpidjI
H+o/9EI77pTZDGqUu0HfSzhRvnvmXxJbKZPjFCa2D/TBATQ736KWB6XzmwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFN75tzC8MiPaOv6SoCljgSsH/dz/MB8GA1UdIwQY
MBaAFK7x7vqnV9OOsQT6TLpNlity5StSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnZIdS1xZFgwNDZ4QlBwTXVrMldLM0xsSzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jOWYzM2ItMmYxYi00YTExLWEyMWQt
OWE2YmQwMTFmOGY2LzEvM3ZtM01Md3lJOW82X3BLZ0tXT0JLd2Y5M1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jOWYzM2ItMmYxYi00YTExLWEyMWQtOWE2YmQwMTFmOGY2
LzEvcnZIdS1xZFgwNDZ4QlBwTXVrMldLM0xsSzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAMl
nCgDBAItnbwDBAVTpoADBAVUEEADBAJZLzADBAJb1rwDBARdWPADBAOAQcADBAK5
SkQDBAK5fRgDBAK5j2QDBAK5rGQDBAK5sOADBAK5sTwDBAK5taADBAK81YADBALB
bDQDBADBb+kDBADBgAcDBADBhl0DBADBhvoDBAbDD8AwDQQCAAIwBwMFAyABFgAw
DQYJKoZIhvcNAQELBQADggEBAArqpQKncRMFpYVroqvevBA+Z1oEEEOBM2mieYX7
5yQCLy94xRcZwJ3LBubE3eM+R6oeljlwf4pgZ/tCggB6QzNhrsuNEPBkWQsQu1B7
es9fhugiftHQM+x99IqwOf+SMU9r42DA+ARnXZxFGYjfYF1GFdyv4t80p24dT25q
qtnujBOk+M/9szUQJcDh82riIMR5i9qt4Wv9xH4OYbDrIOVEZDr79E+uv7XQyLYH
jV7iMLxucM1lTXkNctGAGeo6LzzXyP2tlNdQJcK5w78rz+KPGRZg5G8PMLQ/8mbm
xuEuIJLxLNJc/FOUfNBifrshd+Dg+sEAtE6OIEJRWNvifME=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:24:25 2024 by rpki-client on console-fra.rpki-client.org