Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dNBmc_qw5-3u02SXDDzaHlVr3gg.roa
File: dNBmc_qw5-3u02SXDDzaHlVr3gg.roa (raw, json)
Hash identifier: iXNGG8azXruCxloBkHf6GJUbVCuBAN1KFz+JhIqUC4c=
Subject key identifier: 74:D0:66:73:FA:B0:E7:ED:EE:D3:64:97:0C:3C:DA:1E:55:6B:DE:08
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0192FCE4BB471D30A12566F4CC8AB33893C8
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dNBmc_qw5-3u02SXDDzaHlVr3gg.roa
Signing time: Tue 05 Nov 2024 15:15:01 +0000
ROA not before: Tue 05 Nov 2024 15:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200197
IP address blocks: 37.230.131.0/24 maxlen: 24
37.230.170.0/24 maxlen: 24
37.230.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:e4:bb:47:1d:30:a1:25:66:f4:cc:8a:b3:38:93:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Nov 5 15:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74d06673fab0e7edeed364970c3cda1e556bde08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:94:b8:cb:48:aa:99:a1:95:52:2a:b1:29:cd:
bd:a9:12:40:29:48:25:69:57:fd:53:92:3e:cf:78:
4e:d5:ea:4b:af:4a:fd:d4:43:06:02:68:a9:5e:78:
06:fa:e3:9f:6b:3f:f1:ed:88:16:79:12:d7:2c:66:
76:f3:1c:78:29:1a:2b:22:c1:cb:68:fe:61:2f:3c:
66:3f:2a:01:79:74:4b:cb:0d:b2:9f:d0:d1:76:27:
45:1c:7f:47:c5:00:cf:ff:04:32:e3:bb:bd:72:a7:
1c:f4:7d:98:34:90:65:ab:34:e6:dd:ac:82:ec:3d:
72:8f:a4:92:29:65:30:69:03:4b:05:77:a3:ac:c9:
31:01:c4:f1:7c:54:6a:40:01:31:df:15:71:8d:c3:
21:fb:76:11:80:5b:c4:48:50:79:d5:b3:59:42:93:
6e:25:95:e3:5f:28:b4:56:fc:9f:15:9f:70:1b:50:
a3:4c:9e:7c:7c:5c:a4:22:39:9d:e8:f1:24:22:52:
c7:0e:d1:36:44:58:1e:66:74:76:55:82:7a:1a:d5:
1c:ac:59:35:73:12:23:46:21:ea:cc:9e:70:16:b7:
d0:1c:65:e2:dc:c8:34:cf:00:82:51:db:b2:df:0b:
39:a6:71:6f:49:21:33:76:74:ad:dd:b7:47:e6:df:
fc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D0:66:73:FA:B0:E7:ED:EE:D3:64:97:0C:3C:DA:1E:55:6B:DE:08
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/dNBmc_qw5-3u02SXDDzaHlVr3gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.131.0/24
37.230.170.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:ef:bd:06:e8:35:7e:5d:c9:86:f5:27:4a:f1:a3:1c:08:ef:
e3:5c:b7:78:2d:ad:e3:f0:18:49:55:27:48:4b:cd:e6:ff:be:
ab:0b:b4:2f:cb:d5:e2:8f:a5:d5:57:3d:56:f0:1b:91:4b:a9:
5b:31:de:0a:ab:39:35:92:ab:94:1a:2b:d8:f0:d4:67:a6:3f:
48:38:26:e3:4b:22:e7:ef:66:d1:b1:52:9c:71:88:56:ef:05:
29:f1:ad:d5:89:d3:97:a5:c7:31:87:1f:7e:1f:40:c0:8f:32:
64:a6:44:35:8d:6f:6a:20:34:9f:02:0d:c3:df:39:78:d2:e5:
2a:6b:f0:84:be:d6:cf:80:b1:e2:34:3b:21:36:ff:c3:cd:a1:
31:37:5a:49:5b:88:48:da:00:15:ad:c8:32:1c:a5:de:ff:53:
c9:d6:f2:42:85:84:73:c9:a9:4a:c8:e8:ff:38:38:50:f2:c1:
52:e2:42:8c:f7:73:7c:33:c4:06:2d:b8:4a:3a:e9:e4:00:db:
98:fd:40:53:9f:38:58:2e:2b:15:1c:ea:15:e3:9a:ad:3e:11:
b8:2b:74:d6:44:bd:14:22:e4:2d:82:33:bf:0e:cd:f9:fd:0c:
5f:4d:98:9e:74:7f:13:f8:30:e3:55:f8:87:2e:ff:62:1c:de:
40:d0:a9:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZL85LtHHTChJWb0zIqzOJPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQxMTA1MTUxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQwNjY3M2ZhYjBlN2VkZWVkMzY0OTcwYzNjZGExZTU1NmJkZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5S4y0iqmaGVUiqxKc29qRJAKUgl
aVf9U5I+z3hO1epLr0r91EMGAmipXngG+uOfaz/x7YgWeRLXLGZ28xx4KRorIsHL
aP5hLzxmPyoBeXRLyw2yn9DRdidFHH9HxQDP/wQy47u9cqcc9H2YNJBlqzTm3ayC
7D1yj6SSKWUwaQNLBXejrMkxAcTxfFRqQAEx3xVxjcMh+3YRgFvESFB51bNZQpNu
JZXjXyi0VvyfFZ9wG1CjTJ58fFykIjmd6PEkIlLHDtE2RFgeZnR2VYJ6GtUcrFk1
cxIjRiHqzJ5wFrfQHGXi3Mg0zwCCUduy3ws5pnFvSSEzdnSt3bdH5t/83wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTQZnP6sOft7tNklww82h5Va94IMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvZE5CbWNfcXc1LTN1MDJTWEREemFIbFZyM2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJeaDAwQB
JeaqMA0GCSqGSIb3DQEBCwUAA4IBAQA7770G6DV+XcmG9SdK8aMcCO/jXLd4La3j
8BhJVSdIS83m/76rC7Qvy9Xij6XVVz1W8BuRS6lbMd4Kqzk1kquUGivY8NRnpj9I
OCbjSyLn72bRsVKccYhW7wUp8a3VidOXpccxhx9+H0DAjzJkpkQ1jW9qIDSfAg3D
3zl40uUqa/CEvtbPgLHiNDshNv/DzaExN1pJW4hI2gAVrcgyHKXe/1PJ1vJChYRz
yalKyOj/ODhQ8sFS4kKM93N8M8QGLbhKOunkANuY/UBTnzhYLisVHOoV45qtPhG4
K3TWRL0UIuQtgjO/Ds35/QxfTZiedH8T+DDjVfiHLv9iHN5A0KkR
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:12 2024 by rpki-client on console-ams.rpki-client.org