Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/JlTdFx8COn5QnhHKq2uAHvi8_88.roa
File: JlTdFx8COn5QnhHKq2uAHvi8_88.roa (raw, json)
Hash identifier: OIm1xQAtUAPi7l7mTtGuMoaddWxha0q1Mw7OswTPiRc=
Subject key identifier: 26:54:DD:17:1F:02:3A:7E:50:9E:11:CA:AB:6B:80:1E:F8:BC:FF:CF
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0193310DD3D9ED8E17B2E1BBC757EA44A5F5
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/JlTdFx8COn5QnhHKq2uAHvi8_88.roa
Signing time: Fri 15 Nov 2024 18:20:10 +0000
ROA not before: Fri 15 Nov 2024 18:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 37.32.42.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
178.239.156.0/24 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.172.0/22 maxlen: 24
185.124.175.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.243.49.0/24 maxlen: 24
185.243.50.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:31:0d:d3:d9:ed:8e:17:b2:e1:bb:c7:57:ea:44:a5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 15 18:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2654dd171f023a7e509e11caab6b801ef8bcffcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ab:d3:86:0d:5a:a9:b5:63:f3:cb:9a:c8:9c:
99:07:89:ea:fa:fe:d4:db:a9:47:61:11:ec:a6:25:
07:56:b6:04:22:7b:2b:99:24:c3:3c:fd:06:c0:35:
d5:dc:93:74:fc:5a:85:24:99:7f:4d:c5:90:45:ce:
1d:a7:b3:00:61:27:6f:5e:33:e2:67:dc:27:7d:bd:
48:9c:11:79:9e:cf:0d:cb:fb:7e:eb:83:24:ef:01:
6b:48:b3:28:b2:f1:ca:9b:eb:40:8c:9d:b6:55:58:
bc:6e:73:ea:eb:95:82:c4:99:6a:d1:ca:2d:8f:ae:
6f:7d:11:17:94:a2:9d:78:78:f6:c0:97:ca:5c:63:
78:12:33:e8:e6:f8:e2:e2:29:1f:04:94:69:28:3a:
47:3d:02:38:8c:2e:8d:e3:aa:d6:14:c7:c4:dc:f6:
77:69:3b:e6:4b:89:3e:9a:38:bf:27:c0:7e:42:76:
76:82:d7:fc:50:4d:ce:08:ef:c4:8e:f4:e8:e1:0d:
f0:a9:2d:09:b0:63:c2:5e:23:6a:02:08:56:e5:81:
6d:38:fa:06:14:ee:55:89:d1:5a:c5:76:9b:97:b3:
d6:af:a8:92:6a:27:17:2a:bf:6e:85:f5:50:ae:46:
1d:7b:3f:22:b5:bd:01:17:da:67:b1:8f:47:ca:7e:
4e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:54:DD:17:1F:02:3A:7E:50:9E:11:CA:AB:6B:80:1E:F8:BC:FF:CF
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/JlTdFx8COn5QnhHKq2uAHvi8_88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.42.0/24
37.32.44.0/23
178.239.156.0/24
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.212.48.0/24
185.243.49.0-185.243.50.255
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
a2:fc:90:48:c1:54:98:61:e0:41:b3:76:5a:2c:a8:c2:5d:96:
96:89:28:62:a0:82:3e:91:12:6d:c9:5d:fa:eb:94:45:52:78:
63:9d:4b:99:f2:ea:f9:7c:ee:61:93:33:45:68:05:22:4c:1a:
1f:23:e9:54:d8:ef:1a:0d:35:b5:27:6f:df:46:e2:d9:a7:69:
39:bf:6a:58:a2:f2:f6:60:ed:37:71:74:01:70:44:08:58:b5:
58:38:25:15:2f:af:22:a7:4f:17:41:fc:6a:23:80:9d:f0:b4:
5f:49:9f:5d:fe:77:8c:28:ef:bd:cf:09:14:cc:22:76:8a:2f:
0d:e2:6d:cf:6d:dd:b0:82:4a:b5:4d:b7:2b:20:4b:f2:a3:d0:
20:34:67:66:ba:1b:79:97:fd:7f:40:bd:80:60:64:00:71:ba:
b4:b3:f5:b5:34:c3:d4:f5:c3:12:c9:05:36:e7:29:4b:7c:c8:
1c:21:f0:3f:08:60:2c:12:4a:c6:cb:41:dd:24:35:3c:ac:02:
f0:67:a5:45:2d:d6:b3:9b:b8:3d:9c:27:ba:46:04:f9:a5:1b:
71:5a:bf:6e:2c:de:18:08:8f:32:e6:b2:ed:a1:dc:8f:3b:b3:
e0:38:bc:fc:9a:a5:d0:0d:28:31:ee:34:97:ad:7e:8b:61:44:
13:03:f2:dd
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZMxDdPZ7Y4XsuG7x1fqRKX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQxMTE1MTgyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjU0ZGQxNzFmMDIzYTdlNTA5ZTExY2FhYjZiODAxZWY4YmNmZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsavThg1aqbVj88uayJyZB4nq+v7U
26lHYRHspiUHVrYEInsrmSTDPP0GwDXV3JN0/FqFJJl/TcWQRc4dp7MAYSdvXjPi
Z9wnfb1InBF5ns8Ny/t+64Mk7wFrSLMosvHKm+tAjJ22VVi8bnPq65WCxJlq0cot
j65vfREXlKKdeHj2wJfKXGN4EjPo5vji4ikfBJRpKDpHPQI4jC6N46rWFMfE3PZ3
aTvmS4k+mji/J8B+QnZ2gtf8UE3OCO/EjvTo4Q3wqS0JsGPCXiNqAghW5YFtOPoG
FO5VidFaxXabl7PWr6iSaicXKr9uhfVQrkYdez8itb0BF9pnsY9Hyn5OfQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCZU3RcfAjp+UJ4RyqtrgB74vP/PMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvSmxUZEZ4OENPbjVRbmhIS3EydUFIdmk4Xzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAJSAqAwQB
JSAsAwQAsu+cAwQAsu+fAwQBuRoiAwQCuXysAwQAudQwMAwDBAC58zEDBAC58zIw
DQQCAAIwBwMFACoAcEAwDQYJKoZIhvcNAQELBQADggEBAKL8kEjBVJhh4EGzdlos
qMJdlpaJKGKggj6REm3JXfrrlEVSeGOdS5ny6vl87mGTM0VoBSJMGh8j6VTY7xoN
NbUnb99G4tmnaTm/alii8vZg7TdxdAFwRAhYtVg4JRUvryKnTxdB/GojgJ3wtF9J
n13+d4wo773PCRTMInaKLw3ibc9t3bCCSrVNtysgS/Kj0CA0Z2a6G3mX/X9AvYBg
ZABxurSz9bU0w9T1wxLJBTbnKUt8yBwh8D8IYCwSSsbLQd0kNTysAvBnpUUt1rOb
uD2cJ7pGBPmlG3Fav24s3hgIjzLmsu2h3I87s+A4vPyapdANKDHuNJetfothRBMD
8t0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:01 2024 by rpki-client on console-ams.rpki-client.org