Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa
File: WmXaTyZ0yCV7nVNEzHv8115SVYo.roa (raw, json)
Hash identifier: 740MJAs+s/gN3CchaxRzEy1m2zwCz6xXlEELG+fWlB0=
Subject key identifier: 5A:65:DA:4F:26:74:C8:25:7B:9D:53:44:CC:7B:FC:D7:5E:52:55:8A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DFB50BA9E1C20F9531768BF7B18FE67A2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa
Signing time: Fri 01 Mar 2024 18:39:48 +0000
ROA not before: Fri 01 Mar 2024 18:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
82.163.68.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
185.86.140.0/23 maxlen: 24
185.86.142.0/23 maxlen: 24
188.215.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fb:50:ba:9e:1c:20:f9:53:17:68:bf:7b:18:fe:67:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 1 18:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a65da4f2674c8257b9d5344cc7bfcd75e52558a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9d:87:f3:22:d4:d9:e0:f6:6d:19:3c:c2:bf:
5c:83:2b:33:b1:d9:16:44:bd:26:cc:ff:4f:e1:05:
19:aa:96:33:f1:c5:78:32:f5:60:d0:03:2e:f5:cb:
10:21:47:4e:08:aa:9a:bc:1c:53:be:e2:83:d7:e0:
59:13:20:85:97:72:0f:f2:22:ac:11:96:df:ea:5f:
1f:b7:b2:1e:db:d4:49:de:70:e5:01:54:37:b4:a8:
a1:13:71:06:b3:ca:f5:a4:74:0c:08:0a:32:47:7c:
d9:27:fe:6d:81:57:0f:37:fb:46:28:6e:84:52:8f:
7e:ba:1d:d5:d6:7a:6d:4a:ae:d7:1c:28:7e:d6:5d:
db:6d:50:27:54:7e:ca:a5:eb:c5:8a:1f:a2:8a:48:
86:5f:a2:c9:39:30:c6:e0:c1:92:e9:6e:b9:71:d9:
d7:3f:32:e8:a5:c9:fd:e6:87:93:74:45:3d:73:d3:
b9:43:43:f7:b4:95:50:3f:88:20:c7:03:e5:b7:92:
1b:60:0f:45:91:98:1e:82:b5:6a:ee:34:8c:43:28:
62:22:fe:b8:5d:2b:85:7a:f9:cd:d4:2e:cd:9c:51:
62:aa:34:da:45:e7:86:22:af:fe:81:39:95:e9:1c:
fa:94:77:fe:ee:06:d6:43:be:b9:bc:b0:dd:07:f0:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:65:DA:4F:26:74:C8:25:7B:9D:53:44:CC:7B:FC:D7:5E:52:55:8A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WmXaTyZ0yCV7nVNEzHv8115SVYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.208.0/20
82.163.68.0/22
149.126.88.0/22
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
30:c2:7d:12:54:98:4d:ba:0c:6f:35:ba:11:33:0f:89:5e:ac:
f9:1d:56:34:04:d6:e2:c6:12:85:f5:bc:ec:1a:42:19:dc:5d:
f9:7c:a1:d0:f5:96:30:d7:3e:68:61:9c:7f:11:15:d6:ec:3c:
d7:73:c0:f5:d9:a8:8d:72:12:82:63:6e:53:e9:ac:a7:0f:54:
17:e3:9a:7a:a5:71:d3:46:92:49:d2:3b:de:ba:bd:bd:87:0a:
57:3d:50:69:64:4a:35:b6:3b:7a:6f:1b:bc:df:de:e8:c2:78:
d3:cf:36:47:5e:7c:9f:97:70:ba:ff:6f:ec:79:d9:2e:8e:5a:
ce:7c:17:08:a1:2f:3b:2e:bf:2a:3c:de:3e:37:2e:53:cb:47:
4b:ca:0e:1a:a9:6a:99:44:50:19:11:e3:91:9a:87:9d:1f:a0:
53:6a:41:26:1f:95:91:17:9f:ec:61:d2:9a:c6:06:d2:7d:77:
0e:a8:79:6c:38:20:3f:c4:81:dd:71:b1:1e:e9:81:45:25:a9:
79:56:0b:86:e2:37:3a:fa:ba:5b:87:0e:b6:3d:9d:c9:6b:4f:
57:3d:f4:71:6c:9c:de:71:8b:ee:2e:00:fc:4d:53:9d:1d:be:
52:be:70:ed:2f:da:35:5e:f5:48:e7:09:a1:02:34:d3:d5:a2:
90:d9:8b:69
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY37ULqeHCD5Uxdov3sY/meiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzAxMTgzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY1ZGE0ZjI2NzRjODI1N2I5ZDUzNDRjYzdiZmNkNzVlNTI1NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx52H8yLU2eD2bRk8wr9cgyszsdkW
RL0mzP9P4QUZqpYz8cV4MvVg0AMu9csQIUdOCKqavBxTvuKD1+BZEyCFl3IP8iKs
EZbf6l8ft7Ie29RJ3nDlAVQ3tKihE3EGs8r1pHQMCAoyR3zZJ/5tgVcPN/tGKG6E
Uo9+uh3V1nptSq7XHCh+1l3bbVAnVH7KpevFih+iikiGX6LJOTDG4MGS6W65cdnX
PzLopcn95oeTdEU9c9O5Q0P3tJVQP4ggxwPlt5IbYA9FkZgegrVq7jSMQyhiIv64
XSuFevnN1C7NnFFiqjTaReeGIq/+gTmV6Rz6lHf+7gbWQ765vLDdB/CYgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFpl2k8mdMgle51TRMx7/NdeUlWKMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV21YYVR5WjB5Q1Y3blZORXpIdjgxMTVTVllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEJdrQAwQC
UqNEAwQClX5YAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAwwn0SVJhN
ugxvNboRMw+JXqz5HVY0BNbixhKF9bzsGkIZ3F35fKHQ9ZYw1z5oYZx/ERXW7DzX
c8D12aiNchKCY25T6aynD1QX45p6pXHTRpJJ0jveur29hwpXPVBpZEo1tjt6bxu8
397ownjTzzZHXnyfl3C6/2/sedkujlrOfBcIoS87Lr8qPN4+Ny5Ty0dLyg4aqWqZ
RFAZEeORmoedH6BTakEmH5WRF5/sYdKaxgbSfXcOqHlsOCA/xIHdcbEe6YFFJal5
VguG4jc6+rpbhw62PZ3Ja09XPfRxbJzecYvuLgD8TVOdHb5SvnDtL9o1XvVI5wmh
AjTT1aKQ2Ytp
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:10:18 2024 by rpki-client on console-fra.rpki-client.org