Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/1K7Fjiv_QF_ERoI4zPn-w9YUg2E.roa
File: 1K7Fjiv_QF_ERoI4zPn-w9YUg2E.roa (raw, json)
Hash identifier: qgDbcrhhOGKpK3TwHDtZAj+Roc94V5RszymGPWebKgs=
Subject key identifier: D4:AE:C5:8E:2B:FF:40:5F:C4:46:82:38:CC:F9:FE:C3:D6:14:83:61
Certificate issuer: /CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Certificate serial: 018E6696D64F52BAA7CA400BCE33665AE21B
Authority key identifier: B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/1K7Fjiv_QF_ERoI4zPn-w9YUg2E.roa
Signing time: Fri 22 Mar 2024 14:35:45 +0000
ROA not before: Fri 22 Mar 2024 14:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48101
IP address blocks: 37.25.44.0/24 maxlen: 24
37.25.45.0/24 maxlen: 24
37.25.46.0/23 maxlen: 23
91.151.240.0/20 maxlen: 22
91.228.232.0/23 maxlen: 24
91.228.234.0/24 maxlen: 24
95.166.0.0/18 maxlen: 21
98.96.160.0/20 maxlen: 23
134.19.192.0/22 maxlen: 22
134.19.196.0/22 maxlen: 23
134.65.128.0/21 maxlen: 21
134.65.136.0/22 maxlen: 22
134.65.140.0/22 maxlen: 22
134.65.144.0/22 maxlen: 22
134.65.148.0/22 maxlen: 22
134.65.152.0/21 maxlen: 21
176.20.128.0/18 maxlen: 21
185.16.160.0/22 maxlen: 24
185.122.192.0/22 maxlen: 22
199.15.232.0/22 maxlen: 22
199.15.236.0/24 maxlen: 24
199.15.237.0/24 maxlen: 24
199.15.238.0/24 maxlen: 24
199.15.239.0/24 maxlen: 24
2a04:200::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/tGasCkklUoPNUwZpcc17Pf4qPOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/tGasCkklUoPNUwZpcc17Pf4qPOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 20:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:96:d6:4f:52:ba:a7:ca:40:0b:ce:33:66:5a:e2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b466ac0a49255283cd53066971cd7b3dfe2a3ce8
Validity
Not Before: Mar 22 14:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4aec58e2bff405fc4468238ccf9fec3d6148361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:88:5f:f6:9f:1f:dc:0b:8d:8a:4a:8f:ce:ad:
cc:9e:84:2f:34:2f:a7:e0:49:8a:d3:35:0d:70:ba:
bf:49:5c:d5:5f:32:b1:76:61:3c:7b:44:19:e6:6d:
59:41:78:5b:7b:30:fe:fb:3f:a2:b7:93:bc:9e:09:
2f:70:7e:64:14:7d:0e:09:6e:df:42:44:24:cf:a6:
4c:64:43:61:27:93:35:9a:07:44:5b:3f:48:3a:12:
f5:8b:37:fb:fd:cb:a3:53:bd:b8:76:c3:1e:52:98:
91:a5:e2:fd:89:b4:86:20:3e:35:8d:d1:08:27:17:
f9:5b:1c:af:a0:6a:48:02:48:f0:d6:d7:be:70:3d:
27:90:0b:c4:77:f9:14:5d:0a:8a:a4:03:ff:5b:67:
b3:a8:ca:49:4b:9b:8e:bd:92:d9:e2:98:41:30:75:
ef:3a:91:67:94:8a:46:e9:8f:74:41:7b:f9:c4:dd:
7e:85:09:b1:48:1c:c9:a8:8c:18:3c:c4:39:7c:15:
bb:93:b4:d0:2f:e8:a5:f7:b9:c8:90:35:4b:f8:ac:
1d:18:ea:f4:3d:1d:72:3e:42:b3:ed:50:4f:01:5e:
11:42:dc:bb:35:4d:0f:f5:21:c1:79:a6:9b:0a:9a:
55:2c:3e:cf:0b:3e:4c:87:1d:a2:0a:a8:0e:f8:c2:
7c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AE:C5:8E:2B:FF:40:5F:C4:46:82:38:CC:F9:FE:C3:D6:14:83:61
X509v3 Authority Key Identifier:
keyid:B4:66:AC:0A:49:25:52:83:CD:53:06:69:71:CD:7B:3D:FE:2A:3C:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGasCkklUoPNUwZpcc17Pf4qPOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/1K7Fjiv_QF_ERoI4zPn-w9YUg2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/133b52-7a66-41ab-aeee-c9b470dc240b/1/tGasCkklUoPNUwZpcc17Pf4qPOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.44.0/22
91.151.240.0/20
91.228.232.0-91.228.234.255
95.166.0.0/18
98.96.160.0/20
134.19.192.0/21
134.65.128.0/19
176.20.128.0/18
185.16.160.0/22
185.122.192.0/22
199.15.232.0/21
IPv6:
2a04:200::/29
Signature Algorithm: sha256WithRSAEncryption
50:e9:00:25:b0:fc:4d:2d:b5:a6:b4:de:2d:db:08:13:4e:16:
d8:a9:0f:bb:d9:b5:27:56:70:00:7a:b3:31:fd:44:02:f3:8f:
86:67:bf:e6:a7:04:4e:84:ac:3a:37:4a:61:6a:d3:ac:c6:a5:
8e:21:a4:43:c3:23:71:98:fc:5a:cc:38:1a:bd:5a:fb:cf:28:
c2:70:cc:92:dd:99:9a:85:5d:a4:5f:27:7f:3e:47:ed:fc:87:
16:b5:32:d2:5d:63:8a:c5:d6:0d:39:eb:33:17:a3:4e:cd:71:
42:ca:82:58:65:68:a0:64:b5:04:23:e0:86:5a:76:a5:14:0d:
d7:5a:90:8e:7d:8d:16:fd:f9:f3:1e:c5:0e:21:7c:6c:07:76:
e4:4f:60:1f:98:30:05:ae:2f:4b:b8:90:ea:aa:90:b5:b6:91:
f2:99:7a:12:9b:f0:e2:57:ab:85:f0:fd:9a:98:e2:9e:e5:b4:
9a:c6:33:c0:4c:23:00:25:73:29:0a:5f:5c:10:8a:a5:67:15:
83:38:3c:81:81:ee:fe:b1:cc:a6:fa:ed:2c:52:8d:be:dd:cc:
a7:5c:a9:c0:c7:7a:1e:6f:0b:ed:6c:44:0d:16:00:6f:2a:82:
36:6e:a8:73:59:d3:45:21:27:38:b9:5a:bc:41:62:9a:59:89:
d0:75:5d:ef
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY5mltZPUrqnykALzjNmWuIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjZhYzBhNDkyNTUyODNjZDUzMDY2OTcxY2Q3YjNkZmUy
YTNjZTgwHhcNMjQwMzIyMTQzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFlYzU4ZTJiZmY0MDVmYzQ0NjgyMzhjY2Y5ZmVjM2Q2MTQ4MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ihf9p8f3AuNikqPzq3MnoQvNC+n
4EmK0zUNcLq/SVzVXzKxdmE8e0QZ5m1ZQXhbezD++z+it5O8ngkvcH5kFH0OCW7f
QkQkz6ZMZENhJ5M1mgdEWz9IOhL1izf7/cujU724dsMeUpiRpeL9ibSGID41jdEI
Jxf5WxyvoGpIAkjw1te+cD0nkAvEd/kUXQqKpAP/W2ezqMpJS5uOvZLZ4phBMHXv
OpFnlIpG6Y90QXv5xN1+hQmxSBzJqIwYPMQ5fBW7k7TQL+il97nIkDVL+KwdGOr0
PR1yPkKz7VBPAV4RQty7NU0P9SHBeaabCppVLD7PCz5Mhx2iCqgO+MJ85QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFNSuxY4r/0BfxEaCOMz5/sPWFINhMB8GA1UdIwQY
MBaAFLRmrApJJVKDzVMGaXHNez3+KjzoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdhc0Nra2xVb1BOVXdacGNjMTdQZjRxUE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8xMzNiNTItN2E2Ni00MWFiLWFlZWUt
YzliNDcwZGMyNDBiLzEvMUs3Rmppdl9RRl9FUm9JNHpQbi13OVlVZzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8xMzNiNTItN2E2Ni00MWFiLWFlZWUtYzliNDcwZGMyNDBi
LzEvdEdhc0Nra2xVb1BOVXdacGNjMTdQZjRxUE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQCJRksAwQE
W5fwMAwDBANb5OgDBABb5OoDBAZfpgADBARiYKADBAOGE8ADBAWGQYADBAawFIAD
BAK5EKADBAK5esADBAPHD+gwDQQCAAIwBwMFAyoEAgAwDQYJKoZIhvcNAQELBQAD
ggEBAFDpACWw/E0ttaa03i3bCBNOFtipD7vZtSdWcAB6szH9RALzj4Znv+anBE6E
rDo3SmFq06zGpY4hpEPDI3GY/FrMOBq9WvvPKMJwzJLdmZqFXaRfJ38+R+38hxa1
MtJdY4rF1g056zMXo07NcULKglhlaKBktQQj4IZadqUUDddakI59jRb9+fMexQ4h
fGwHduRPYB+YMAWuL0u4kOqqkLW2kfKZehKb8OJXq4Xw/ZqY4p7ltJrGM8BMIwAl
cykKX1wQiqVnFYM4PIGB7v6xzKb67SxSjb7dzKdcqcDHeh5vC+1sRA0WAG8qgjZu
qHNZ00UhJzi5WrxBYppZidB1Xe8=
-----END CERTIFICATE-----
Generated at Fri Jun 28 04:08:05 2024 by rpki-client on console-ams.rpki-client.org