Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/l_7bems0RuE2e8mhxtmyOZwHEoc.roa
File: l_7bems0RuE2e8mhxtmyOZwHEoc.roa (raw, json)
Hash identifier: pizoxsP6RyYy2W/tMuupGLTJWz5K9sjozt+TwXKZ4pY=
Subject key identifier: 97:FE:DB:7A:6B:34:46:E1:36:7B:C9:A1:C6:D9:B2:39:9C:07:12:87
Certificate issuer: /CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Certificate serial: 018CC348ED8F6CF6AF037457F527E7F4C440
Authority key identifier: 9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/l_7bems0RuE2e8mhxtmyOZwHEoc.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48926
IP address blocks: 37.143.112.0/21 maxlen: 21
185.75.116.0/22 maxlen: 22
178.248.248.0/21 maxlen: 21
94.142.232.0/21 maxlen: 21
2a03:a900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ed:8f:6c:f6:af:03:74:57:f5:27:e7:f4:c4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b8151ae164a5b782b103de7f7c8a8948932aebf
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97fedb7a6b3446e1367bc9a1c6d9b2399c071287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:12:f9:78:72:52:16:15:7f:94:13:db:8c:c9:
8a:c4:6e:c8:cf:72:87:70:58:ec:88:6c:64:84:c8:
b1:8b:c9:c3:2a:4c:ee:e7:08:c1:bd:1f:04:b9:d1:
38:37:d2:5e:2a:2e:05:54:94:30:00:fc:1a:82:96:
98:e6:59:27:32:60:96:df:eb:17:0d:8c:98:73:61:
2d:7d:21:1f:1d:55:ed:47:f7:65:cf:f7:99:37:51:
8c:6c:c9:96:f3:a6:a9:d9:36:3d:3b:e5:c9:e1:66:
cc:00:20:b5:ca:8a:af:d5:fa:aa:d5:0d:1f:0b:8c:
4a:0b:7e:e8:36:ae:6a:fa:8e:51:5d:f7:9a:8b:15:
70:a1:13:1b:63:19:99:80:c6:a1:cd:d2:27:83:e4:
b2:cd:62:58:bc:0d:4c:52:0e:f7:45:cd:de:ea:e4:
95:98:c0:8a:f6:c4:e0:d8:1e:b7:d1:45:04:e3:24:
b4:62:2c:4b:9a:53:50:a2:f8:2b:f7:99:5b:f4:a0:
8f:b0:25:0e:eb:32:ee:c8:e4:2a:8d:15:d9:62:82:
43:26:60:01:73:88:53:c0:a1:0b:a6:d6:fc:97:85:
0b:0f:c0:4d:e2:2c:9c:99:2c:26:29:23:ab:9e:26:
ee:a8:37:3f:51:f2:74:d0:01:d2:1a:30:a6:d7:fb:
4a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FE:DB:7A:6B:34:46:E1:36:7B:C9:A1:C6:D9:B2:39:9C:07:12:87
X509v3 Authority Key Identifier:
keyid:9B:81:51:AE:16:4A:5B:78:2B:10:3D:E7:F7:C8:A8:94:89:32:AE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4FRrhZKW3grED3n98iolIkyrr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/l_7bems0RuE2e8mhxtmyOZwHEoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6b6d1f-5421-48b9-b7eb-da1fe9ebee8e/1/m4FRrhZKW3grED3n98iolIkyrr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.112.0/21
94.142.232.0/21
178.248.248.0/21
185.75.116.0/22
IPv6:
2a03:a900::/32
Signature Algorithm: sha256WithRSAEncryption
5c:1d:15:69:98:8a:8f:fa:27:9a:dd:21:1f:2c:99:29:7b:03:
1c:2f:eb:54:c7:02:c9:c0:18:60:cf:fc:49:4b:eb:57:ee:9f:
6c:50:21:7e:fe:cf:8e:2b:da:5f:f9:72:69:32:14:55:38:2f:
19:d9:a5:e3:96:61:28:39:bf:0f:ec:87:02:99:44:aa:aa:8d:
92:19:8f:17:61:c6:7c:32:00:d8:1d:65:dd:0c:c8:53:67:d0:
48:35:68:c7:56:3d:35:f6:1a:f4:21:34:ca:2c:98:0f:50:df:
d2:a0:3f:e1:cb:0e:7e:2e:56:7c:14:e5:0d:65:32:a7:dd:ec:
ab:d6:f6:68:37:8e:84:c4:4e:b4:bf:71:8e:09:ee:45:33:f0:
15:c7:6b:95:80:16:f5:5f:c9:4a:ed:d5:56:b2:28:d5:59:68:
7c:8f:3a:fe:fb:cb:34:71:13:38:19:54:35:a2:7e:58:5c:12:
0f:c6:1d:f3:3b:e0:70:50:e2:95:50:7c:22:2a:78:b1:17:40:
5b:f7:51:1b:3c:eb:82:56:ff:65:60:b1:d7:44:ea:7f:e5:fb:
b7:11:f9:19:6c:b2:4d:31:6e:7f:82:4b:4d:f6:96:12:71:7e:
6e:0f:3b:e7:f1:0f:93:4c:b8:91:ee:40:4f:35:fe:d3:99:0a:
ab:c0:c5:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSO2PbPavA3RX9Sfn9MRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODE1MWFlMTY0YTViNzgyYjEwM2RlN2Y3YzhhODk0ODkz
MmFlYmYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ZlZGI3YTZiMzQ0NmUxMzY3YmM5YTFjNmQ5YjIzOTljMDcxMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBL5eHJSFhV/lBPbjMmKxG7Iz3KH
cFjsiGxkhMixi8nDKkzu5wjBvR8EudE4N9JeKi4FVJQwAPwagpaY5lknMmCW3+sX
DYyYc2EtfSEfHVXtR/dlz/eZN1GMbMmW86ap2TY9O+XJ4WbMACC1yoqv1fqq1Q0f
C4xKC37oNq5q+o5RXfeaixVwoRMbYxmZgMahzdIng+SyzWJYvA1MUg73Rc3e6uSV
mMCK9sTg2B630UUE4yS0YixLmlNQovgr95lb9KCPsCUO6zLuyOQqjRXZYoJDJmAB
c4hTwKELptb8l4ULD8BN4iycmSwmKSOrnibuqDc/UfJ00AHSGjCm1/tK4QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJf+23prNEbhNnvJocbZsjmcBxKHMB8GA1UdIwQY
MBaAFJuBUa4WSlt4KxA95/fIqJSJMq6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWIt
ZGExZmU5ZWJlZThlLzEvbF83YmVtczBSdUUyZThtaHh0bXlPWndIRW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82YjZkMWYtNTQyMS00OGI5LWI3ZWItZGExZmU5ZWJlZThl
LzEvbTRGUnJoWktXM2dyRUQzbjk4aW9sSWt5cnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJY9wAwQD
Xo7oAwQDsvj4AwQCuUt0MA0EAgACMAcDBQAqA6kAMA0GCSqGSIb3DQEBCwUAA4IB
AQBcHRVpmIqP+iea3SEfLJkpewMcL+tUxwLJwBhgz/xJS+tX7p9sUCF+/s+OK9pf
+XJpMhRVOC8Z2aXjlmEoOb8P7IcCmUSqqo2SGY8XYcZ8MgDYHWXdDMhTZ9BINWjH
Vj019hr0ITTKLJgPUN/SoD/hyw5+LlZ8FOUNZTKn3eyr1vZoN46ExE60v3GOCe5F
M/AVx2uVgBb1X8lK7dVWsijVWWh8jzr++8s0cRM4GVQ1on5YXBIPxh3zO+BwUOKV
UHwiKnixF0Bb91EbPOuCVv9lYLHXROp/5fu3EfkZbLJNMW5/gktN9pYScX5uDzvn
8Q+TTLiR7kBPNf7TmQqrwMXV
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:00 2024 by rpki-client on console-ams.rpki-client.org