Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/zljv4YRSmAjqoeWCwMV8aifWOPg.roa
File: zljv4YRSmAjqoeWCwMV8aifWOPg.roa (raw, json)
Hash identifier: r5kULGEo3KVejAFR8njlXKluxUnAXhZvzyRUiVyuj3s=
Subject key identifier: CE:58:EF:E1:84:52:98:08:EA:A1:E5:82:C0:C5:7C:6A:27:D6:38:F8
Certificate issuer: /CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Certificate serial: 018CC5DC3B40CE0842DC6B20140A69372B28
Authority key identifier: 26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/zljv4YRSmAjqoeWCwMV8aifWOPg.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205868
IP address blocks: 37.130.140.0/22 maxlen: 24
2a00:7380:feed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3b:40:ce:08:42:dc:6b:20:14:0a:69:37:2b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce58efe184529808eaa1e582c0c57c6a27d638f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:44:49:16:7b:56:ac:59:e5:19:dd:08:1f:9c:
9a:f9:29:e7:c6:01:61:04:1c:08:79:06:ae:22:ff:
e1:3f:5a:64:8f:31:14:ee:ca:6a:e7:c6:ce:54:a0:
90:4e:29:45:77:2f:e3:96:89:29:6d:fe:55:49:83:
ed:06:50:2a:c7:08:28:fb:e7:62:d9:74:61:bd:8b:
78:ca:24:d0:dc:10:af:1b:3b:28:9b:79:68:3a:f0:
99:76:c3:9b:34:fe:61:4c:48:90:36:92:2d:cb:0e:
e9:b0:40:2b:34:52:cb:21:89:fc:3e:46:71:e8:e8:
71:da:cd:b1:04:13:fe:f7:46:98:aa:63:2e:44:be:
45:e5:a3:b4:77:54:02:9b:2d:14:27:b9:c0:17:a2:
67:0a:7e:7c:76:ef:02:fa:65:db:3f:05:51:6c:93:
86:44:e2:23:d7:27:f1:40:df:1f:24:0e:86:d1:3c:
4c:2c:85:02:43:13:23:d8:38:a6:04:5c:06:36:1c:
9e:55:39:73:f4:80:52:be:3c:14:85:87:e7:86:92:
a0:cd:3c:c0:a6:75:8e:f0:de:e6:4e:a1:04:37:e5:
06:f1:05:19:5c:60:18:83:93:8b:bc:26:f4:ae:76:
20:d3:7e:fe:3d:64:27:92:8d:ac:45:0a:2a:96:da:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:58:EF:E1:84:52:98:08:EA:A1:E5:82:C0:C5:7C:6A:27:D6:38:F8
X509v3 Authority Key Identifier:
keyid:26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/zljv4YRSmAjqoeWCwMV8aifWOPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.140.0/22
IPv6:
2a00:7380:feed::/48
Signature Algorithm: sha256WithRSAEncryption
34:52:47:42:4b:da:0d:fb:6d:31:e6:7c:b1:40:ab:d2:44:4f:
0d:50:24:e1:5d:e3:6b:25:68:32:ed:01:24:75:1f:23:6b:42:
14:bc:18:ed:e1:f0:fd:50:83:4c:75:36:bf:a6:22:b2:fc:79:
f9:46:3f:ce:1b:f4:39:dc:be:5f:72:56:14:1d:87:91:92:e2:
25:ea:33:5a:bb:61:25:94:c2:18:3a:33:a7:88:2f:22:36:66:
03:0d:f4:90:70:24:5e:b7:dc:19:ae:29:37:ad:3d:c9:71:a6:
29:89:c6:aa:0c:6a:aa:f4:eb:03:04:cb:ec:db:8d:9e:87:66:
28:2c:cc:99:b2:43:fb:84:bb:6c:50:ad:81:a6:22:74:22:45:
a8:6d:ae:69:06:ee:40:7e:e5:79:74:3e:ca:39:17:65:17:61:
64:04:59:de:a7:df:f0:b5:02:81:0f:b5:f6:10:05:d0:71:7c:
19:43:27:a1:36:28:f1:cd:95:b4:c9:23:38:76:7c:38:18:9d:
ca:49:2b:6b:b4:d4:b2:02:ae:8c:ae:0f:a9:e0:c2:3e:b6:32:
bc:61:f8:4a:4e:d9:0e:bc:69:2b:3a:7b:d7:89:2c:83:ec:ac:
5e:95:b2:35:f5:81:23:b9:50:95:ac:66:a7:3f:85:56:a9:4e:
84:ba:2b:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3DtAzghC3GsgFAppNysoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODhlZjM3M2Y4ZjAwZTAxYzI1Y2Y5MjRiNGYyZThlYzZh
MjE5ZDEwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU4ZWZlMTg0NTI5ODA4ZWFhMWU1ODJjMGM1N2M2YTI3ZDYzOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkRJFntWrFnlGd0IH5ya+SnnxgFh
BBwIeQauIv/hP1pkjzEU7spq58bOVKCQTilFdy/jlokpbf5VSYPtBlAqxwgo++di
2XRhvYt4yiTQ3BCvGzsom3loOvCZdsObNP5hTEiQNpItyw7psEArNFLLIYn8PkZx
6Ohx2s2xBBP+90aYqmMuRL5F5aO0d1QCmy0UJ7nAF6JnCn58du8C+mXbPwVRbJOG
ROIj1yfxQN8fJA6G0TxMLIUCQxMj2DimBFwGNhyeVTlz9IBSvjwUhYfnhpKgzTzA
pnWO8N7mTqEEN+UG8QUZXGAYg5OLvCb0rnYg037+PWQnko2sRQoqltrClwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM5Y7+GEUpgI6qHlgsDFfGon1jj4MB8GA1UdIwQY
MBaAFCaI7zc/jwDgHCXPkktPLo7GohnRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAt
N2Y3OGEzYmFhN2MxLzEvemxqdjRZUlNtQWpxb2VXQ3dNVjhhaWZXT1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAtN2Y3OGEzYmFhN2Mx
LzEvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCJYKMMA8E
AgACMAkDBwAqAHOA/u0wDQYJKoZIhvcNAQELBQADggEBADRSR0JL2g37bTHmfLFA
q9JETw1QJOFd42slaDLtASR1HyNrQhS8GO3h8P1Qg0x1Nr+mIrL8eflGP84b9Dnc
vl9yVhQdh5GS4iXqM1q7YSWUwhg6M6eILyI2ZgMN9JBwJF633BmuKTetPclxpimJ
xqoMaqr06wMEy+zbjZ6HZigszJmyQ/uEu2xQrYGmInQiRahtrmkG7kB+5Xl0Pso5
F2UXYWQEWd6n3/C1AoEPtfYQBdBxfBlDJ6E2KPHNlbTJIzh2fDgYncpJK2u01LIC
royuD6ngwj62Mrxh+EpO2Q68aSs6e9eJLIPsrF6VsjX1gSO5UJWsZqc/hVapToS6
KzI=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:28:38 2024 by rpki-client on console-ams.rpki-client.org