Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/m7Su4VCGLMeib3CNNxYrFM-H-Ac.roa
File: m7Su4VCGLMeib3CNNxYrFM-H-Ac.roa (raw, json)
Hash identifier: qi9mJCV3raDSQDabjZBNkES/cEZmcbuRpguoHav9pD0=
Subject key identifier: 9B:B4:AE:E1:50:86:2C:C7:A2:6F:70:8D:37:16:2B:14:CF:87:F8:07
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 018CC50123018D5688BE3FDEA16DE96B6809
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/m7Su4VCGLMeib3CNNxYrFM-H-Ac.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.26.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:23:01:8d:56:88:be:3f:de:a1:6d:e9:6b:68:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bb4aee150862cc7a26f708d37162b14cf87f807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:dd:e6:09:d8:cc:1d:f4:58:32:24:5b:ba:
5c:50:b3:d4:77:6c:8d:c0:ac:d1:09:a4:01:27:02:
e2:fa:2a:d1:ab:c9:83:9c:62:6d:ba:d9:25:b6:3a:
68:1a:8f:09:70:36:ee:96:ed:bb:69:e8:7b:aa:fb:
31:c7:c2:02:95:37:53:62:59:9a:86:d3:e8:57:6e:
44:32:7b:d6:34:24:43:a4:d3:c3:11:ed:f8:2a:2b:
04:f0:31:8f:18:4c:a7:aa:56:5e:7d:fb:32:f3:d6:
24:ae:bc:1c:2f:57:3a:fa:32:83:99:bd:62:c8:7e:
03:a4:71:51:c2:38:22:cf:c5:19:36:43:26:e7:5c:
83:14:38:10:13:77:6c:3d:01:25:50:e7:0f:4b:72:
a5:9f:46:d7:f3:2e:3b:73:05:cf:4a:7d:2d:ca:78:
4e:46:17:d8:86:b8:27:48:51:73:2d:50:70:77:63:
07:2d:16:e9:3e:00:38:11:03:fe:8e:68:8d:90:8e:
35:76:19:2d:08:4a:b5:cf:cb:41:61:ed:5f:44:a5:
b7:12:4b:91:42:78:03:75:8a:fe:c7:39:2b:32:9d:
67:99:ec:8b:f3:19:e6:45:8e:42:a4:47:6f:65:d5:
a9:c8:ab:1b:2f:ac:7b:ce:dd:ce:47:9b:44:1c:15:
fa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B4:AE:E1:50:86:2C:C7:A2:6F:70:8D:37:16:2B:14:CF:87:F8:07
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/m7Su4VCGLMeib3CNNxYrFM-H-Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/22
185.191.76.0/22
Signature Algorithm: sha256WithRSAEncryption
66:c8:15:85:98:18:73:a8:87:73:45:71:0f:e2:f5:bc:c0:78:
f2:c5:84:cc:50:f9:54:b2:b9:cb:99:4a:87:e3:2e:eb:7f:2b:
96:38:bc:46:5c:3f:54:e0:b6:9e:a1:af:71:b6:ff:03:ce:00:
b2:30:c0:9b:4a:29:33:3a:e2:97:8d:02:93:bd:c6:ff:5e:0d:
2f:4a:f6:fe:d7:3f:82:79:c4:db:19:58:2f:a4:63:50:51:d9:
a6:ff:25:55:b0:50:c7:17:c5:7a:3e:da:b1:37:bb:bc:33:22:
5c:a1:d9:b3:7f:15:61:8e:f2:57:e2:8f:4e:99:09:47:48:e8:
14:f2:b0:57:3b:7f:92:0a:de:6d:40:76:c5:3b:34:c8:81:18:
e8:b1:14:61:45:08:d7:ab:50:c9:ae:26:a1:68:75:1c:e8:00:
d3:d1:d5:b0:2e:90:54:89:79:86:e4:a4:6f:5c:e0:c2:a4:3d:
b6:a6:9e:b3:90:b1:b1:59:79:e4:4f:0f:cf:12:b3:e0:65:26:
65:2e:1f:0c:db:c9:ce:20:73:6b:7d:d0:80:3c:c2:1b:c5:c6:
16:ca:fa:2d:61:69:49:7c:85:c5:89:50:a4:f2:45:ea:61:6e:
83:0d:2f:35:2e:49:00:39:39:e0:c1:40:0c:cf:71:4d:c5:4d:
74:c2:66:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFASMBjVaIvj/eoW3pa2gJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI0YWVlMTUwODYyY2M3YTI2ZjcwOGQzNzE2MmIxNGNmODdmODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuebd5gnYzB30WDIkW7pcULPUd2yN
wKzRCaQBJwLi+irRq8mDnGJtutkltjpoGo8JcDbulu27aeh7qvsxx8IClTdTYlma
htPoV25EMnvWNCRDpNPDEe34KisE8DGPGEynqlZeffsy89YkrrwcL1c6+jKDmb1i
yH4DpHFRwjgiz8UZNkMm51yDFDgQE3dsPQElUOcPS3Kln0bX8y47cwXPSn0tynhO
RhfYhrgnSFFzLVBwd2MHLRbpPgA4EQP+jmiNkI41dhktCEq1z8tBYe1fRKW3EkuR
QngDdYr+xzkrMp1nmeyL8xnmRY5CpEdvZdWpyKsbL6x7zt3OR5tEHBX6PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJu0ruFQhizHom9wjTcWKxTPh/gHMB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvbTdTdTRWQ0dMTWVpYjNDTk54WXJGTS1ILUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYkYAwQC
ub9MMA0GCSqGSIb3DQEBCwUAA4IBAQBmyBWFmBhzqIdzRXEP4vW8wHjyxYTMUPlU
srnLmUqH4y7rfyuWOLxGXD9U4Laeoa9xtv8DzgCyMMCbSikzOuKXjQKTvcb/Xg0v
Svb+1z+CecTbGVgvpGNQUdmm/yVVsFDHF8V6PtqxN7u8MyJcodmzfxVhjvJX4o9O
mQlHSOgU8rBXO3+SCt5tQHbFOzTIgRjosRRhRQjXq1DJriahaHUc6ADT0dWwLpBU
iXmG5KRvXODCpD22pp6zkLGxWXnkTw/PErPgZSZlLh8M28nOIHNrfdCAPMIbxcYW
yvotYWlJfIXFiVCk8kXqYW6DDS81LkkAOTngwUAMz3FNxU10wmbY
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:25 2024 by rpki-client on console-ams.rpki-client.org