Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/0TM9mD4d3i9_usfL7sG8oFLV6kM.roa
File: 0TM9mD4d3i9_usfL7sG8oFLV6kM.roa (raw, json)
Hash identifier: NYvegVlAG20IySzGYVZ8xAZ8PtimNfyCKX4/4NtSECo=
Subject key identifier: D1:33:3D:98:3E:1D:DE:2F:7F:BA:C7:CB:EE:C1:BC:A0:52:D5:EA:43
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 01906E2F0C2220382264CF0447A26202EAAA
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/0TM9mD4d3i9_usfL7sG8oFLV6kM.roa
Signing time: Mon 01 Jul 2024 12:04:55 +0000
ROA not before: Mon 01 Jul 2024 12:04:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
194.104.149.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:2f:0c:22:20:38:22:64:cf:04:47:a2:62:02:ea:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jul 1 12:04:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1333d983e1dde2f7fbac7cbeec1bca052d5ea43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:a4:d4:29:0e:3d:ae:fc:96:c8:81:0c:70:
3b:59:64:16:c1:18:d7:5b:9e:44:87:f9:42:98:d6:
a0:d9:79:e5:57:ef:43:c5:19:77:93:50:52:2a:45:
eb:f8:2e:5b:58:fd:2c:51:39:9d:93:36:12:ca:07:
15:b4:02:e8:81:ac:1e:4e:3a:4e:bf:2a:4c:c3:ec:
8b:fd:5c:34:c6:41:64:36:e4:03:2f:00:ad:b7:1e:
c6:2e:5b:59:08:4c:ce:65:f5:27:2f:3a:be:9e:97:
0b:c4:c3:89:45:a1:f9:46:52:ed:20:f7:a9:c2:83:
73:f1:75:b4:12:93:da:45:de:50:47:f6:af:12:07:
a3:19:78:d2:ad:6e:af:b2:a4:02:e7:03:19:aa:65:
5f:bc:15:79:fe:e5:7e:08:af:62:d8:e3:33:9c:9d:
c2:e2:02:bd:c0:bd:ab:59:eb:0e:d2:6e:3f:4e:5a:
76:3d:97:1f:05:43:2b:40:9f:d5:a4:12:cc:62:31:
f6:15:99:a8:1d:7e:60:4a:cb:cb:d8:13:46:1c:53:
97:f2:4c:fe:ba:eb:e0:aa:60:7c:12:64:4b:c5:6b:
a3:11:56:fb:4d:20:90:ef:2d:74:d9:54:d4:7f:fe:
70:1f:f3:6d:e6:a4:d4:02:94:b0:9f:f9:9d:ef:3b:
9f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:33:3D:98:3E:1D:DE:2F:7F:BA:C7:CB:EE:C1:BC:A0:52:D5:EA:43
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/0TM9mD4d3i9_usfL7sG8oFLV6kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
4f:4f:11:49:db:7c:61:0a:51:dd:84:e8:d7:0b:c7:75:46:ba:
5e:e6:f8:c5:6b:9a:c7:05:a4:88:2c:c6:71:0c:04:e7:79:ab:
79:3d:26:87:3a:39:8a:24:4d:a4:40:f9:41:8f:61:79:c8:56:
dc:06:02:87:b0:1d:d1:fc:1d:00:0e:75:78:d1:24:76:ad:ca:
ab:1d:e5:3d:29:00:1f:df:af:d1:37:6c:6a:b5:28:69:df:6f:
9d:ec:2b:00:91:98:55:22:4e:7f:0e:f7:b9:3d:14:00:a3:39:
1a:69:13:fd:43:12:e4:e8:a2:64:73:85:6f:57:46:0c:60:08:
44:55:ba:80:79:b6:4f:c5:a9:7d:e2:d0:6d:a7:cf:10:79:ed:
49:07:e3:22:02:05:0e:5e:cf:5c:d0:7a:85:ae:e2:17:7b:86:
91:18:a8:4f:5b:7e:2d:31:46:10:55:1e:4b:a4:64:02:eb:ec:
56:ac:ef:78:2a:bd:c6:32:5d:6d:b8:5e:ca:1b:b2:08:9c:26:
44:eb:80:bb:02:b2:07:63:90:26:dc:0b:78:b9:ba:a4:35:65:
40:dc:a0:5c:23:0a:ae:33:97:9d:02:35:5d:9e:5d:ba:72:ef:
48:84:4b:9f:fc:9a:6b:73:b5:ac:7f:2e:54:33:bf:c6:b4:f6:
0a:c1:60:5e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZBuLwwiIDgiZM8ER6JiAuqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjQwNzAxMTIwNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMzM2Q5ODNlMWRkZTJmN2ZiYWM3Y2JlZWMxYmNhMDUyZDVlYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIKk1CkOPa78lsiBDHA7WWQWwRjX
W55Eh/lCmNag2XnlV+9DxRl3k1BSKkXr+C5bWP0sUTmdkzYSygcVtALogaweTjpO
vypMw+yL/Vw0xkFkNuQDLwCttx7GLltZCEzOZfUnLzq+npcLxMOJRaH5RlLtIPep
woNz8XW0EpPaRd5QR/avEgejGXjSrW6vsqQC5wMZqmVfvBV5/uV+CK9i2OMznJ3C
4gK9wL2rWesO0m4/Tlp2PZcfBUMrQJ/VpBLMYjH2FZmoHX5gSsvL2BNGHFOX8kz+
uuvgqmB8EmRLxWujEVb7TSCQ7y102VTUf/5wH/Nt5qTUApSwn/md7zufywIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNEzPZg+Hd4vf7rHy+7BvKBS1epDMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvMFRNOW1ENGQzaTlfdXNmTDdzRzhvRkxWNmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEB
CwUAA4IBAQBPTxFJ23xhClHdhOjXC8d1Rrpe5vjFa5rHBaSILMZxDATneat5PSaH
OjmKJE2kQPlBj2F5yFbcBgKHsB3R/B0ADnV40SR2rcqrHeU9KQAf36/RN2xqtShp
32+d7CsAkZhVIk5/Dve5PRQAozkaaRP9QxLk6KJkc4VvV0YMYAhEVbqAebZPxal9
4tBtp88Qee1JB+MiAgUOXs9c0HqFruIXe4aRGKhPW34tMUYQVR5LpGQC6+xWrO94
Kr3GMl1tuF7KG7IInCZE64C7ArIHY5Am3At4ubqkNWVA3KBcIwquM5edAjVdnl26
cu9IhEuf/Jprc7Wsfy5UM7/GtPYKwWBe
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:02 2024 by rpki-client on console-fra.rpki-client.org