Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foUnRQGRFOBBdoXTXNHha51LdHg.roa
File: foUnRQGRFOBBdoXTXNHha51LdHg.roa (raw, json)
Hash identifier: D7atninC5neEy5jdyN3SxhSozvFEJCKdS5CQwRps4eE=
Subject key identifier: 7E:85:27:45:01:91:14:E0:41:76:85:D3:5C:D1:E1:6B:9D:4B:74:78
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01933A5DDC35DBEEDBA26B8B6C19ADB418EA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foUnRQGRFOBBdoXTXNHha51LdHg.roa
Signing time: Sun 17 Nov 2024 13:44:09 +0000
ROA not before: Sun 17 Nov 2024 13:44:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.206.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:5d:dc:35:db:ee:db:a2:6b:8b:6c:19:ad:b4:18:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Nov 17 13:44:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e852745019114e0417685d35cd1e16b9d4b7478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2f:b0:85:85:fa:f6:61:64:97:0b:29:82:45:
bc:28:f4:03:5a:17:69:be:b1:f6:18:26:2b:0c:c4:
aa:05:5e:22:11:8e:19:d2:fd:d4:ae:a0:39:f6:29:
34:e7:d1:5d:63:89:70:4e:b9:78:4e:8c:59:88:b6:
44:ee:f0:07:a4:45:9b:bb:1b:8e:b0:8e:1f:0b:a6:
85:8d:36:0e:7a:0c:a7:26:bf:21:90:45:fb:e6:2d:
23:6e:ff:6c:e4:a0:69:9a:f8:6f:f1:9d:f6:5f:1a:
e6:3b:b7:2c:7d:d0:d4:f1:70:10:c1:9e:a2:d7:79:
7e:3b:d5:fa:49:aa:13:22:15:39:a7:06:bc:d9:18:
d2:91:9d:52:d0:84:82:7c:27:6b:90:38:0a:3b:b2:
c3:4b:63:12:e6:e9:4f:14:d0:b2:e7:ad:3f:a3:42:
42:e6:a6:83:34:26:b5:04:60:fa:40:73:b9:a0:fd:
d4:b2:c0:e5:77:8e:10:e8:92:79:d6:c6:54:d3:f9:
3b:35:47:bd:17:ce:65:2b:d9:d5:ad:27:f0:6e:dc:
5e:72:9a:6d:8e:f4:41:57:9e:be:40:95:8b:10:a9:
fc:47:f0:ef:ad:d7:84:45:b0:12:4c:16:50:24:fa:
17:9c:cd:d3:90:9f:f9:af:41:48:03:e3:77:df:48:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:85:27:45:01:91:14:E0:41:76:85:D3:5C:D1:E1:6B:9D:4B:74:78
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foUnRQGRFOBBdoXTXNHha51LdHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0-37.202.206.255
37.202.208.0-37.202.210.255
37.202.212.0/23
Signature Algorithm: sha256WithRSAEncryption
53:bf:88:ba:cf:4f:f6:17:ef:f9:22:49:a5:83:77:03:c9:87:
34:26:12:b5:fc:5f:03:e3:27:49:b6:02:51:a0:c7:af:72:3c:
41:c7:a4:cf:3d:91:d9:45:a3:82:27:4a:1a:08:58:14:e5:2b:
e4:30:47:c0:bb:28:2c:61:46:88:af:01:ef:50:f4:68:2f:4d:
43:28:46:77:35:06:fd:29:e0:d6:69:ab:32:83:f0:2c:e1:6f:
df:1c:99:7f:41:e2:95:cd:70:10:84:b4:01:86:ec:42:a5:58:
ff:a2:b6:99:aa:42:f0:83:fd:f3:b6:a5:be:b3:55:d2:e7:da:
e6:42:ec:9e:d3:50:37:5b:9a:6e:fa:aa:5c:46:de:bb:fa:32:
4e:cc:7e:72:2b:3c:cb:cf:bc:34:8a:53:04:49:22:d1:65:08:
8b:6d:30:bf:8e:ed:97:65:48:5a:c5:a4:9a:26:d1:d7:71:8a:
32:f7:1d:0b:3e:02:72:9a:fb:ee:95:0e:1b:66:fa:75:9b:b0:
0e:bd:07:7e:83:20:2f:8f:be:26:75:30:c6:56:f0:d2:74:dd:
cb:04:d9:f8:ab:36:0d:42:eb:22:68:75:c5:15:e7:0d:ed:f6:
c8:ed:8a:26:77:33:6c:d3:e6:6a:42:18:23:80:2f:4c:e1:aa:
a5:e4:51:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZM6Xdw12+7bomuLbBmttBjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMTE3MTM0NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg1Mjc0NTAxOTExNGUwNDE3Njg1ZDM1Y2QxZTE2YjlkNGI3NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy+whYX69mFklwspgkW8KPQDWhdp
vrH2GCYrDMSqBV4iEY4Z0v3UrqA59ik059FdY4lwTrl4ToxZiLZE7vAHpEWbuxuO
sI4fC6aFjTYOegynJr8hkEX75i0jbv9s5KBpmvhv8Z32XxrmO7csfdDU8XAQwZ6i
13l+O9X6SaoTIhU5pwa82RjSkZ1S0ISCfCdrkDgKO7LDS2MS5ulPFNCy560/o0JC
5qaDNCa1BGD6QHO5oP3UssDld44Q6JJ51sZU0/k7NUe9F85lK9nVrSfwbtxecppt
jvRBV56+QJWLEKn8R/DvrdeERbASTBZQJPoXnM3TkJ/5r0FIA+N330jMcQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH6FJ0UBkRTgQXaF01zR4WudS3R4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZm9VblJRR1JGT0JCZG9YVFhOSGhhNTFMZEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAlys0D
BAAlys4wDAMEBCXK0AMEACXK0gMEASXK1DANBgkqhkiG9w0BAQsFAAOCAQEAU7+I
us9P9hfv+SJJpYN3A8mHNCYStfxfA+MnSbYCUaDHr3I8Qcekzz2R2UWjgidKGghY
FOUr5DBHwLsoLGFGiK8B71D0aC9NQyhGdzUG/Sng1mmrMoPwLOFv3xyZf0Hilc1w
EIS0AYbsQqVY/6K2mapC8IP987alvrNV0ufa5kLsntNQN1uabvqqXEbeu/oyTsx+
cis8y8+8NIpTBEki0WUIi20wv47tl2VIWsWkmibR13GKMvcdCz4Ccpr77pUOG2b6
dZuwDr0HfoMgL4++JnUwxlbw0nTdywTZ+Ks2DULrImh1xRXnDe32yO2KJnczbNPm
akIYI4AvTOGqpeRRog==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:55 2024 by rpki-client on console-fra.rpki-client.org