Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/B_i3KyTIbQJzQB2bw8vw1GRDXLA.roa
File: B_i3KyTIbQJzQB2bw8vw1GRDXLA.roa (raw, json)
Hash identifier: 1RTITM13iOT/YFDBRHU9+aCwpCdKIaaDOo3GimHOyZ8=
Subject key identifier: 07:F8:B7:2B:24:C8:6D:02:73:40:1D:9B:C3:CB:F0:D4:64:43:5C:B0
Certificate issuer: /CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Certificate serial: 018CC64B4CBEC6B0C33D80B5491EBECB6CB8
Authority key identifier: D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/B_i3KyTIbQJzQB2bw8vw1GRDXLA.roa
Signing time: Mon 01 Jan 2024 18:31:12 +0000
ROA not before: Mon 01 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25151
IP address blocks: 37.46.136.0/21 maxlen: 24
109.235.72.0/21 maxlen: 24
85.158.200.0/21 maxlen: 24
185.54.112.0/22 maxlen: 24
93.94.224.0/21 maxlen: 24
2a01:518::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/1iMp2NflQZU-Eg_QX2bMbrqwaE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/1iMp2NflQZU-Eg_QX2bMbrqwaE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4c:be:c6:b0:c3:3d:80:b5:49:1e:be:cb:6c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Validity
Not Before: Jan 1 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07f8b72b24c86d0273401d9bc3cbf0d464435cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:cd:6b:d2:d5:0e:a6:97:16:f2:8a:27:53:
9a:c7:e5:29:42:69:64:e8:db:ca:42:cd:ee:33:43:
e9:19:3a:6f:62:a5:4b:bc:3e:13:7d:d7:7f:a2:bb:
cd:67:90:bd:af:af:c0:21:b4:d1:77:c7:4d:da:0c:
07:ff:6d:aa:a2:50:11:11:53:61:0d:cc:08:e1:39:
c1:b1:7a:bc:07:0f:0a:98:9d:78:48:e8:13:ac:1c:
ea:86:dd:63:7f:b3:a0:18:92:06:6b:79:45:b3:93:
c8:bd:a2:e0:a4:bd:9f:1c:db:19:4d:ad:b4:12:9c:
6c:66:f7:64:b1:20:fb:2b:42:8d:91:5b:37:a5:56:
16:32:7f:9f:cc:7a:b0:b9:fb:89:09:79:91:60:41:
0d:6d:d6:b4:0e:0f:14:6d:49:24:d5:22:99:15:85:
a6:f7:94:1c:6a:28:2f:fa:c1:21:be:39:2f:85:b0:
e1:56:d6:60:66:d6:53:9a:76:59:5e:fa:3c:45:46:
88:98:0b:c1:71:7e:1d:a7:53:df:d4:3f:b3:37:34:
75:d7:eb:af:c4:3f:69:36:bd:ec:6f:95:0b:84:46:
16:c4:75:8b:b8:e0:e7:ba:ef:9b:14:65:0f:1c:b1:
76:ed:7f:e2:03:5c:4b:5d:68:4b:4b:8c:fc:f6:23:
24:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F8:B7:2B:24:C8:6D:02:73:40:1D:9B:C3:CB:F0:D4:64:43:5C:B0
X509v3 Authority Key Identifier:
keyid:D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/B_i3KyTIbQJzQB2bw8vw1GRDXLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/1iMp2NflQZU-Eg_QX2bMbrqwaE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.136.0/21
85.158.200.0/21
93.94.224.0/21
109.235.72.0/21
185.54.112.0/22
IPv6:
2a01:518::/32
Signature Algorithm: sha256WithRSAEncryption
4a:6d:f6:a9:13:98:26:49:65:f9:28:33:b1:73:f9:88:56:c4:
80:5b:e6:1a:12:19:04:25:a2:9c:fe:c7:e0:79:30:5e:e3:d7:
7a:59:2d:ed:18:42:b8:fa:e0:bf:44:60:0c:66:68:5f:bf:08:
60:70:03:d5:52:5f:93:1a:ce:32:3e:df:c4:4c:ce:bc:d7:d6:
08:21:4d:05:78:14:4c:e7:1b:c4:92:ec:80:09:01:23:80:3b:
72:cf:a1:14:df:d9:f2:55:6f:eb:aa:83:17:7e:50:b2:05:be:
b1:93:e9:2a:29:4d:88:b1:fa:b0:0a:2d:14:66:9c:ee:5b:ba:
66:70:4d:11:3e:96:8f:69:df:57:03:cf:5b:ee:48:95:d0:dc:
0a:d6:17:ad:68:e2:1e:bf:5e:a6:99:d2:83:5c:e2:f1:4a:aa:
99:88:8f:99:dc:45:ca:5a:66:b0:11:de:54:33:a1:b6:cf:a2:
34:ff:74:07:6e:21:ee:d0:71:cb:e0:73:84:24:ca:0b:79:bc:
a3:ac:e3:91:3f:56:08:fe:ee:07:4c:e1:16:32:84:7a:46:b3:
4b:62:6b:ad:bd:8d:6a:e8:a0:50:59:28:94:da:55:4f:36:d0:
ec:cc:cd:5c:5a:00:71:08:d8:b5:45:09:de:2b:7e:c5:6a:26:
86:6b:36:91
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGS0y+xrDDPYC1SR6+y2y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MjMyOWQ4ZDdlNTQxOTUzZTEyMGZkMDVmNjZjYzZlYmFi
MDY4NGQwHhcNMjQwMTAxMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y4YjcyYjI0Yzg2ZDAyNzM0MDFkOWJjM2NiZjBkNDY0NDM1Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4zNa9LVDqaXFvKKJ1Oax+UpQmlk
6NvKQs3uM0PpGTpvYqVLvD4Tfdd/orvNZ5C9r6/AIbTRd8dN2gwH/22qolAREVNh
DcwI4TnBsXq8Bw8KmJ14SOgTrBzqht1jf7OgGJIGa3lFs5PIvaLgpL2fHNsZTa20
EpxsZvdksSD7K0KNkVs3pVYWMn+fzHqwufuJCXmRYEENbda0Dg8UbUkk1SKZFYWm
95Qcaigv+sEhvjkvhbDhVtZgZtZTmnZZXvo8RUaImAvBcX4dp1Pf1D+zNzR11+uv
xD9pNr3sb5ULhEYWxHWLuODnuu+bFGUPHLF27X/iA1xLXWhLS4z89iMkuQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAf4tyskyG0Cc0Adm8PL8NRkQ1ywMB8GA1UdIwQY
MBaAFNYjKdjX5UGVPhIP0F9mzG66sGhNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWlNcDJOZmxRWlUtRWdfUVgyYk1icnF3YUUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lODUxODAtMTkxMC00YzQyLWExZjUt
NzMyMDJmMGUxZDAzLzEvQl9pM0t5VEliUUp6UUIyYnc4dncxR1JEWExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lODUxODAtMTkxMC00YzQyLWExZjUtNzMyMDJmMGUxZDAz
LzEvMWlNcDJOZmxRWlUtRWdfUVgyYk1icnF3YUUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJS6IAwQD
VZ7IAwQDXV7gAwQDbetIAwQCuTZwMA0EAgACMAcDBQAqAQUYMA0GCSqGSIb3DQEB
CwUAA4IBAQBKbfapE5gmSWX5KDOxc/mIVsSAW+YaEhkEJaKc/sfgeTBe49d6WS3t
GEK4+uC/RGAMZmhfvwhgcAPVUl+TGs4yPt/ETM6819YIIU0FeBRM5xvEkuyACQEj
gDtyz6EU39nyVW/rqoMXflCyBb6xk+kqKU2IsfqwCi0UZpzuW7pmcE0RPpaPad9X
A89b7kiV0NwK1hetaOIev16mmdKDXOLxSqqZiI+Z3EXKWmawEd5UM6G2z6I0/3QH
biHu0HHL4HOEJMoLebyjrOORP1YI/u4HTOEWMoR6RrNLYmutvY1q6KBQWSiU2lVP
NtDszM1cWgBxCNi1RQneK37FaiaGazaR
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:15 2024 by rpki-client on console-ams.rpki-client.org