Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vHsuzpBtSPnoAvmxYYr0WOweq_M.roa
File: vHsuzpBtSPnoAvmxYYr0WOweq_M.roa (raw, json)
Hash identifier: d1+gnQ0Xlfur6cy1zn4BHRKv6VpITNLIGEeECYWqHjQ=
Subject key identifier: BC:7B:2E:CE:90:6D:48:F9:E8:02:F9:B1:61:8A:F4:58:EC:1E:AB:F3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0192B28CFCC2254EDF48F4954CD4CDE7DB98
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vHsuzpBtSPnoAvmxYYr0WOweq_M.roa
Signing time: Tue 22 Oct 2024 04:47:16 +0000
ROA not before: Tue 22 Oct 2024 04:47:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214024
IP address blocks: 37.202.220.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b2:8c:fc:c2:25:4e:df:48:f4:95:4c:d4:cd:e7:db:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 22 04:47:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc7b2ece906d48f9e802f9b1618af458ec1eabf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:80:03:cf:45:65:d9:5e:08:e0:67:3c:e7:
63:99:86:e5:27:fa:cf:c6:fe:fc:e9:83:76:a6:8d:
71:40:ca:8a:6d:3b:24:b8:1e:38:91:dd:f0:3c:f5:
c9:2f:70:d7:37:fe:d0:2e:1c:0c:35:8b:ae:4d:40:
11:4c:48:d0:41:8d:c1:bf:71:0f:c3:2b:bf:88:98:
d2:13:3e:74:6c:7e:c3:29:18:a0:6e:02:ae:93:2b:
fb:36:42:3d:bf:08:b6:26:48:c0:04:37:89:fe:a9:
aa:a6:71:8b:b3:78:9d:b3:29:23:fa:cc:79:99:d4:
86:ce:a4:b9:72:5e:9a:58:5d:e7:6d:75:95:ed:fb:
b6:24:d6:d3:a5:f6:a9:2d:77:e1:a6:8a:f4:d2:fa:
9e:fc:66:b1:e6:6b:15:28:0a:44:f0:e3:04:2f:95:
f0:8a:fa:35:53:7b:4c:cd:77:02:d6:b7:a4:d8:45:
ce:f7:aa:c8:e1:e6:7d:d2:9f:03:aa:20:3a:44:e5:
58:b9:b4:e8:13:0d:d6:f6:0d:bd:aa:16:74:39:9d:
a9:2b:f8:73:50:13:60:48:03:74:80:b5:87:00:b9:
04:5c:57:bd:0f:47:02:c9:0d:f6:d3:a2:ef:08:c4:
d9:9d:ba:6a:34:93:48:02:2a:97:a3:7a:d2:5e:70:
ae:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:7B:2E:CE:90:6D:48:F9:E8:02:F9:B1:61:8A:F4:58:EC:1E:AB:F3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vHsuzpBtSPnoAvmxYYr0WOweq_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/23
Signature Algorithm: sha256WithRSAEncryption
69:6c:6b:d0:a0:88:c8:56:20:d3:57:7b:56:63:20:bb:16:5a:
ee:83:36:d3:74:d6:6f:23:fb:69:dc:d8:4e:10:19:9a:f3:ee:
70:9c:35:04:96:b0:4e:c5:da:88:c7:1a:ff:d7:7d:0d:55:e6:
47:c7:85:97:01:83:9b:00:19:67:cd:8e:ff:7f:90:89:a0:30:
58:28:82:97:a0:07:85:ec:27:c0:04:7a:87:f0:ea:a7:ad:84:
8f:5c:dc:af:e7:89:6a:16:b8:cc:8f:04:0a:10:5e:28:56:c9:
bf:56:a4:20:e8:b6:70:31:b5:82:97:b5:b0:8d:4c:be:0f:5a:
cf:ea:00:65:44:f0:b9:52:a5:bd:e2:ae:3a:6c:16:dd:b7:c8:
a6:38:76:5c:80:09:a2:6b:90:d9:c1:be:6d:90:87:a7:4d:c0:
17:31:2d:be:5d:03:31:ac:36:e0:c2:55:41:ee:68:16:76:47:
e6:70:d2:cc:81:ff:5b:f4:54:9c:01:c9:81:de:fd:7d:a5:22:
24:c2:5e:8d:29:3d:7f:39:ac:b6:b2:22:dd:da:c3:78:e0:b9:
68:f3:02:11:74:b3:68:b5:e3:81:88:7c:4c:d5:88:7e:c2:67:
ae:bf:f7:00:05:63:d9:38:04:7b:74:37:eb:82:2b:f4:28:9f:
9d:f1:0b:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKyjPzCJU7fSPSVTNTN59uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMDIyMDQ0NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzdiMmVjZTkwNmQ0OGY5ZTgwMmY5YjE2MThhZjQ1OGVjMWVhYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9WAA89FZdleCOBnPOdjmYblJ/rP
xv786YN2po1xQMqKbTskuB44kd3wPPXJL3DXN/7QLhwMNYuuTUARTEjQQY3Bv3EP
wyu/iJjSEz50bH7DKRigbgKukyv7NkI9vwi2JkjABDeJ/qmqpnGLs3idsykj+sx5
mdSGzqS5cl6aWF3nbXWV7fu2JNbTpfapLXfhpor00vqe/Gax5msVKApE8OMEL5Xw
ivo1U3tMzXcC1rek2EXO96rI4eZ90p8DqiA6ROVYubToEw3W9g29qhZ0OZ2pK/hz
UBNgSAN0gLWHALkEXFe9D0cCyQ3206LvCMTZnbpqNJNIAiqXo3rSXnCucwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLx7Ls6QbUj56AL5sWGK9FjsHqvzMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdkhzdXpwQnRTUG5vQXZteFlZcjBXT3dlcV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJcrcMA0G
CSqGSIb3DQEBCwUAA4IBAQBpbGvQoIjIViDTV3tWYyC7FlrugzbTdNZvI/tp3NhO
EBma8+5wnDUElrBOxdqIxxr/130NVeZHx4WXAYObABlnzY7/f5CJoDBYKIKXoAeF
7CfABHqH8OqnrYSPXNyv54lqFrjMjwQKEF4oVsm/VqQg6LZwMbWCl7WwjUy+D1rP
6gBlRPC5UqW94q46bBbdt8imOHZcgAmia5DZwb5tkIenTcAXMS2+XQMxrDbgwlVB
7mgWdkfmcNLMgf9b9FScAcmB3v19pSIkwl6NKT1/Oay2siLd2sN44Llo8wIRdLNo
teOBiHxM1Yh+wmeuv/cABWPZOAR7dDfrgiv0KJ+d8Quq
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:48 2024 by rpki-client on console-ams.rpki-client.org