Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/RFfxaapS_vQyrkmmZQLFY15hv-g.roa
File: RFfxaapS_vQyrkmmZQLFY15hv-g.roa (raw, json)
Hash identifier: DEUr0gAJ4rUsedletVyiNORU5Ow9A+cqDNsw8cJq7hY=
Subject key identifier: 44:57:F1:69:AA:52:FE:F4:32:AE:49:A6:65:02:C5:63:5E:61:BF:E8
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 018CC2DB0681F61490D0D0A712D03F999194
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/RFfxaapS_vQyrkmmZQLFY15hv-g.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60558
IP address blocks: 37.140.239.0/24 maxlen: 24
37.140.238.0/24 maxlen: 24
185.28.188.0/24 maxlen: 24
185.28.191.0/24 maxlen: 24
185.28.190.0/24 maxlen: 24
185.28.189.0/24 maxlen: 24
2a00:8860:100::/40 maxlen: 64
2a00:8861:100::/40 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 19:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:81:f6:14:90:d0:d0:a7:12:d0:3f:99:91:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4457f169aa52fef432ae49a66502c5635e61bfe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:ad:28:57:ce:5e:92:4e:9e:ba:f1:7a:5e:
a0:e5:6d:d4:bb:79:b9:13:41:20:53:b2:33:1b:62:
82:07:95:de:7d:4a:16:75:3d:2c:89:83:de:47:32:
94:a0:45:e6:97:06:1b:7b:a8:97:1e:a6:bc:e9:12:
f4:3c:82:ba:7c:f7:1d:6d:ab:6d:95:13:66:f6:df:
c3:6a:ea:cc:57:dd:51:64:aa:1c:6d:d1:51:e0:af:
b4:8e:85:86:7f:37:55:14:07:8c:76:10:73:01:ad:
35:06:ba:7b:ff:b9:07:75:4a:1d:c9:5e:82:e0:aa:
16:5e:a7:c3:ef:82:0d:9e:e6:d1:5e:5d:62:e1:f4:
ca:15:ed:43:51:45:ed:05:24:24:cb:9f:fa:1b:27:
ce:a9:dc:29:3d:97:b7:4c:8b:e2:89:38:df:38:fa:
13:60:04:c3:7c:bf:29:02:0e:f7:e2:8f:60:8e:39:
ef:4f:b3:d2:3d:59:77:ca:0e:f9:12:28:6c:3d:b9:
0d:a5:99:9e:de:04:ea:13:89:43:16:35:ee:e7:65:
09:5e:c1:af:bd:6c:89:ff:40:b4:fa:71:89:21:2b:
cd:1f:32:89:33:f6:dd:1b:ca:00:58:cb:60:93:0e:
05:ad:29:54:96:f5:59:c1:e4:68:46:d3:5a:9c:38:
f1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:57:F1:69:AA:52:FE:F4:32:AE:49:A6:65:02:C5:63:5E:61:BF:E8
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/RFfxaapS_vQyrkmmZQLFY15hv-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.238.0/23
185.28.188.0/22
IPv6:
2a00:8860:100::/40
2a00:8861:100::/40
Signature Algorithm: sha256WithRSAEncryption
43:74:db:0d:66:90:ee:96:bd:ae:ed:e1:db:ea:33:c8:9b:bb:
96:40:58:c0:4d:4e:e4:99:a1:62:7f:1c:eb:f5:8f:7d:24:55:
cc:6e:1f:8b:40:05:a6:19:32:23:e3:69:bb:a4:29:be:1e:75:
a3:b4:c7:f8:d8:97:11:5e:54:e5:9d:e6:41:ff:4d:04:1a:50:
be:f5:39:59:62:c0:c9:15:e1:17:99:39:bc:d7:ad:03:d5:2b:
e9:3c:5a:0f:c0:39:97:d9:66:c9:be:eb:a1:5b:ae:f1:f2:67:
38:91:52:d9:9c:df:e9:3a:3e:3f:92:1f:c7:cb:10:84:52:9f:
34:42:70:f7:59:ef:aa:e7:69:7b:b5:48:43:5b:09:0f:a3:da:
12:bb:83:3d:f6:eb:e4:94:47:ae:de:cc:21:fe:bf:09:e8:bc:
98:82:3a:22:c5:59:5b:d4:3c:39:09:09:b6:2e:31:7f:b6:e5:
cd:50:e7:b9:97:5f:e2:79:22:2b:eb:41:3a:d9:fc:4d:ae:38:
fd:d4:03:98:cc:7b:93:2d:9c:cb:8e:c8:e5:cd:f7:0b:9d:dd:
2b:b4:0d:27:24:34:7c:d6:06:5d:51:0e:11:cf:1d:eb:87:21:
1d:c1:ba:94:ba:ad:e9:a6:d3:11:e8:82:78:e8:c1:1b:da:e6:
ed:d0:b6:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzC2waB9hSQ0NCnEtA/mZGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU3ZjE2OWFhNTJmZWY0MzJhZTQ5YTY2NTAyYzU2MzVlNjFiZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw2tKFfOXpJOnrrxel6g5W3Uu3m5
E0EgU7IzG2KCB5XefUoWdT0siYPeRzKUoEXmlwYbe6iXHqa86RL0PIK6fPcdbatt
lRNm9t/DaurMV91RZKocbdFR4K+0joWGfzdVFAeMdhBzAa01Brp7/7kHdUodyV6C
4KoWXqfD74INnubRXl1i4fTKFe1DUUXtBSQky5/6GyfOqdwpPZe3TIviiTjfOPoT
YATDfL8pAg734o9gjjnvT7PSPVl3yg75EihsPbkNpZme3gTqE4lDFjXu52UJXsGv
vWyJ/0C0+nGJISvNHzKJM/bdG8oAWMtgkw4FrSlUlvVZweRoRtNanDjxJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFERX8WmqUv70Mq5JpmUCxWNeYb/oMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvUkZmeGFhcFNfdlF5cmttbVpRTEZZMTVodi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBJYzuAwQC
uRy8MBYEAgACMBADBgAqAIhgAQMGACoAiGEBMA0GCSqGSIb3DQEBCwUAA4IBAQBD
dNsNZpDulr2u7eHb6jPIm7uWQFjATU7kmaFifxzr9Y99JFXMbh+LQAWmGTIj42m7
pCm+HnWjtMf42JcRXlTlneZB/00EGlC+9TlZYsDJFeEXmTm8160D1SvpPFoPwDmX
2WbJvuuhW67x8mc4kVLZnN/pOj4/kh/HyxCEUp80QnD3We+q52l7tUhDWwkPo9oS
u4M99uvklEeu3swh/r8J6LyYgjoixVlb1Dw5CQm2LjF/tuXNUOe5l1/ieSIr60E6
2fxNrjj91AOYzHuTLZzLjsjlzfcLnd0rtA0nJDR81gZdUQ4Rzx3rhyEdwbqUuq3p
ptMR6IJ46MEb2ubt0LYf
-----END CERTIFICATE-----
Generated at Wed May 22 03:39:37 2024 by rpki-client on console-ams.rpki-client.org