Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hc9Vs4C9h2EJPgc_YggmI2MbtgU.roa
File: hc9Vs4C9h2EJPgc_YggmI2MbtgU.roa (raw, json)
Hash identifier: RTtHWqUPG7vTr/WOLASQOjgqKxOko65y6Uoc4+jEUL8=
Subject key identifier: 85:CF:55:B3:80:BD:87:61:09:3E:07:3F:62:08:26:23:63:1B:B6:05
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01935331739BB158FECE881D32684848EE2E
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hc9Vs4C9h2EJPgc_YggmI2MbtgU.roa
Signing time: Fri 22 Nov 2024 09:26:10 +0000
ROA not before: Fri 22 Nov 2024 09:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206385
IP address blocks: 37.18.41.0/24 maxlen: 24
37.230.136.0/24 maxlen: 24
178.170.253.0/24 maxlen: 24
185.2.33.0/24 maxlen: 24
188.72.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:31:73:9b:b1:58:fe:ce:88:1d:32:68:48:48:ee:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Nov 22 09:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85cf55b380bd8761093e073f62082623631bb605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1c:d4:77:1e:0b:ab:a1:50:94:ff:c4:db:41:
25:4d:20:9f:11:60:16:91:f9:8a:05:0b:70:35:07:
3e:fc:e7:aa:61:1c:0a:e2:b5:77:3b:84:07:b2:b6:
8b:a6:84:ab:b0:72:c2:73:63:53:a6:07:89:f9:3b:
0d:75:0c:3f:f3:87:b7:83:a1:ba:14:c6:52:2e:28:
cf:d0:5a:b4:aa:d7:c4:8b:9f:d2:9a:f6:3c:a1:41:
5f:b2:33:7e:25:ce:86:95:85:b3:42:f5:cc:3a:c8:
62:c5:cb:48:e8:e1:03:1f:b3:a9:e7:67:ce:47:14:
dd:04:70:b1:f3:22:d8:a4:6d:b0:47:f2:b7:0c:aa:
96:e1:df:98:dc:c7:db:cc:de:ca:f7:39:67:c6:ce:
4b:f5:8a:52:c3:26:58:61:b2:a0:06:c7:e4:c4:3a:
73:57:fe:7b:d4:44:0b:c9:ed:e0:f5:c0:19:bb:df:
0f:e0:b1:2d:f1:de:0a:06:c4:be:af:41:4f:07:51:
ae:25:e3:17:09:a9:ab:2e:89:09:0e:3a:81:17:54:
90:c6:40:c5:ab:d0:53:16:de:c4:f9:ed:4d:d8:82:
13:17:11:71:32:92:7a:a1:05:21:19:33:3c:ed:b8:
bf:2a:77:34:a2:5a:dd:77:f1:28:3e:17:98:40:c9:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CF:55:B3:80:BD:87:61:09:3E:07:3F:62:08:26:23:63:1B:B6:05
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hc9Vs4C9h2EJPgc_YggmI2MbtgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.41.0/24
37.230.136.0/24
178.170.253.0/24
185.2.33.0/24
188.72.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:d7:3e:a0:ef:7e:96:4a:d2:1c:49:e9:37:99:9a:9b:aa:cf:
d9:36:c3:5e:18:97:aa:67:b8:e3:ef:bf:da:d4:1a:80:6f:88:
66:47:f5:53:a9:81:5b:46:a2:ca:05:47:10:55:3a:d2:2f:8f:
a9:58:40:34:01:f5:c9:2b:74:7a:f5:56:72:91:e7:6f:0c:39:
11:02:a1:da:6b:e3:c2:58:20:11:16:5e:c9:91:9f:54:d8:38:
47:79:ad:1f:e0:1a:20:5c:c3:53:df:0a:8b:96:13:1d:a3:ad:
59:dc:69:57:b2:27:8e:61:a2:25:9d:f1:d2:00:81:34:23:4a:
8d:52:59:0b:53:0e:54:04:48:8f:61:19:6a:48:f3:36:00:04:
8b:41:16:73:54:bc:5a:f5:bb:35:e3:43:6f:6e:bd:1f:28:7a:
b7:92:00:0a:6a:89:a4:9f:b7:f5:cf:05:68:b1:e9:2f:79:02:
ae:89:e8:37:df:cd:05:4c:c2:a2:49:77:8c:47:8a:4b:24:40:
13:56:44:5d:72:93:ce:a5:af:e8:1c:a7:13:dc:17:ae:18:58:
a3:de:e5:c6:84:72:3e:63:11:ed:4b:15:a3:ab:cb:dd:8e:c4:
c3:63:08:fe:10:4b:88:30:dc:43:dd:d1:71:02:2b:ba:4a:d0:
97:a9:5e:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNTMXObsVj+zogdMmhISO4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQxMTIyMDkyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNmNTViMzgwYmQ4NzYxMDkzZTA3M2Y2MjA4MjYyMzYzMWJiNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BzUdx4Lq6FQlP/E20ElTSCfEWAW
kfmKBQtwNQc+/OeqYRwK4rV3O4QHsraLpoSrsHLCc2NTpgeJ+TsNdQw/84e3g6G6
FMZSLijP0Fq0qtfEi5/SmvY8oUFfsjN+Jc6GlYWzQvXMOshixctI6OEDH7Op52fO
RxTdBHCx8yLYpG2wR/K3DKqW4d+Y3MfbzN7K9zlnxs5L9YpSwyZYYbKgBsfkxDpz
V/571EQLye3g9cAZu98P4LEt8d4KBsS+r0FPB1GuJeMXCamrLokJDjqBF1SQxkDF
q9BTFt7E+e1N2IITFxFxMpJ6oQUhGTM87bi/Knc0olrdd/EoPheYQMlxSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIXPVbOAvYdhCT4HP2IIJiNjG7YFMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvaGM5VnM0QzloMkVKUGdjX1lnZ21JMk1idGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJRIpAwQA
JeaIAwQAsqr9AwQAuQIhAwQAvEhIMA0GCSqGSIb3DQEBCwUAA4IBAQCn1z6g736W
StIcSek3mZqbqs/ZNsNeGJeqZ7jj77/a1BqAb4hmR/VTqYFbRqLKBUcQVTrSL4+p
WEA0AfXJK3R69VZykedvDDkRAqHaa+PCWCARFl7JkZ9U2DhHea0f4BogXMNT3wqL
lhMdo61Z3GlXsieOYaIlnfHSAIE0I0qNUlkLUw5UBEiPYRlqSPM2AASLQRZzVLxa
9bs140Nvbr0fKHq3kgAKaomkn7f1zwVosekveQKuieg3380FTMKiSXeMR4pLJEAT
VkRdcpPOpa/oHKcT3BeuGFij3uXGhHI+YxHtSxWjq8vdjsTDYwj+EEuIMNxD3dFx
Aiu6StCXqV5c
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:35 2024 by rpki-client on console-fra.rpki-client.org