Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9w9Dwqm4Zpd-vyRF71adnWWdKVs.roa
File: 9w9Dwqm4Zpd-vyRF71adnWWdKVs.roa (raw, json)
Hash identifier: biIu/mym2V8MIy23AsHwbJ4dJNIFK/oXOMxxqhDLWpM=
Subject key identifier: F7:0F:43:C2:A9:B8:66:97:7E:BF:24:45:EF:56:9D:9D:65:9D:29:5B
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 01928F213825FDD6B5A29C59AE70A9863DB7
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9w9Dwqm4Zpd-vyRF71adnWWdKVs.roa
Signing time: Tue 15 Oct 2024 07:42:51 +0000
ROA not before: Tue 15 Oct 2024 07:42:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:21:38:25:fd:d6:b5:a2:9c:59:ae:70:a9:86:3d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 15 07:42:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70f43c2a9b866977ebf2445ef569d9d659d295b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:f0:87:71:d9:f8:f9:8f:79:78:5a:63:7a:
03:23:05:65:46:45:82:23:07:00:d3:21:34:28:65:
cc:d6:c1:46:03:16:58:7e:e1:b6:20:ed:70:7e:76:
fb:c1:e2:8d:3b:84:df:43:74:0e:aa:66:38:b1:1a:
4c:1b:db:b1:ab:e6:3e:a1:36:c6:a3:c6:73:1c:3b:
5c:3a:3e:71:42:0f:35:d6:76:1b:09:07:b7:0c:cb:
f8:42:64:80:f4:9a:27:06:84:85:81:76:b1:3e:73:
ad:d3:11:ad:58:78:2e:d4:94:fc:f3:d5:11:c6:ac:
07:59:8f:e3:34:f1:03:8c:ad:08:ee:1d:ca:29:55:
48:44:17:ce:37:bf:79:3d:fb:e1:36:59:66:7e:96:
38:26:41:25:a0:88:5d:28:da:11:9b:ab:96:86:ac:
3f:5f:c1:29:6f:fd:c1:2c:78:e5:66:87:02:1f:2c:
22:a7:b7:04:31:f0:71:3a:cf:37:56:a9:88:90:2f:
4d:b3:5c:0e:7e:81:69:69:86:c3:86:f1:be:e8:61:
dc:8d:ff:1c:d5:b7:83:d8:ae:e1:d1:01:77:18:c1:
94:45:53:12:31:14:d2:6e:a6:61:2c:98:0c:0f:b7:
ba:a5:22:36:44:39:46:f3:9f:15:76:61:98:a9:a1:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0F:43:C2:A9:B8:66:97:7E:BF:24:45:EF:56:9D:9D:65:9D:29:5B
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9w9Dwqm4Zpd-vyRF71adnWWdKVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a5:e3:d1:ba:d7:8b:77:41:09:47:cb:7a:da:93:27:3e:aa:
d5:fd:47:c8:e6:7b:b0:44:f0:73:ab:53:8b:82:45:0e:fe:d7:
0e:6a:08:b2:cd:3f:d6:ba:a6:53:b9:0a:6c:99:b6:9e:ca:35:
1b:e4:f2:f7:56:c3:71:1e:67:43:ba:ea:eb:e1:72:b0:15:3b:
65:fa:b6:89:fc:75:ef:ac:a6:89:2e:46:c7:8d:0f:b9:2f:b1:
75:e6:24:f9:32:27:10:b1:40:6e:0e:2e:cb:71:63:8e:a5:4e:
88:63:cf:58:37:db:3f:ea:8f:93:24:09:67:d2:9d:b0:88:2b:
6d:5c:cd:5c:c3:10:1f:4a:d0:5f:62:2a:cb:34:84:52:35:1d:
71:46:37:bd:51:78:7b:38:09:8e:47:a4:47:47:eb:bb:0c:64:
a5:e4:dc:11:a5:eb:c3:fd:c5:79:ed:04:75:ea:fe:a3:75:f5:
08:51:54:f1:0f:9a:05:f3:30:1b:15:06:70:1c:de:bf:99:2c:
ca:b7:6f:fe:55:c4:dc:83:cd:3a:1d:dc:d5:ad:c6:ce:c1:00:
02:26:49:ac:2c:18:21:14:4f:6e:b3:60:dd:77:30:f8:90:e0:
2a:ae:d1:bd:82:de:1c:68:ad:0b:e9:71:b9:53:52:56:a3:ab:
ca:c5:d9:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKPITgl/da1opxZrnCphj23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQxMDE1MDc0MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBmNDNjMmE5Yjg2Njk3N2ViZjI0NDVlZjU2OWQ5ZDY1OWQyOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk3wh3HZ+PmPeXhaY3oDIwVlRkWC
IwcA0yE0KGXM1sFGAxZYfuG2IO1wfnb7weKNO4TfQ3QOqmY4sRpMG9uxq+Y+oTbG
o8ZzHDtcOj5xQg811nYbCQe3DMv4QmSA9JonBoSFgXaxPnOt0xGtWHgu1JT889UR
xqwHWY/jNPEDjK0I7h3KKVVIRBfON795PfvhNllmfpY4JkEloIhdKNoRm6uWhqw/
X8Epb/3BLHjlZocCHywip7cEMfBxOs83VqmIkC9Ns1wOfoFpaYbDhvG+6GHcjf8c
1beD2K7h0QF3GMGURVMSMRTSbqZhLJgMD7e6pSI2RDlG858VdmGYqaGqiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPcPQ8KpuGaXfr8kRe9WnZ1lnSlbMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvOXc5RHdxbTRacGQtdnlSRjcxYWRuV1dkS1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQC
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQBdpePRuteLd0EJR8t6
2pMnPqrV/UfI5nuwRPBzq1OLgkUO/tcOagiyzT/WuqZTuQpsmbaeyjUb5PL3VsNx
HmdDuurr4XKwFTtl+raJ/HXvrKaJLkbHjQ+5L7F15iT5MicQsUBuDi7LcWOOpU6I
Y89YN9s/6o+TJAln0p2wiCttXM1cwxAfStBfYirLNIRSNR1xRje9UXh7OAmOR6RH
R+u7DGSl5NwRpevD/cV57QR16v6jdfUIUVTxD5oF8zAbFQZwHN6/mSzKt2/+VcTc
g806HdzVrcbOwQACJkmsLBghFE9us2DddzD4kOAqrtG9gt4caK0L6XG5U1JWo6vK
xdn0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:33 2024 by rpki-client on console-fra.rpki-client.org