Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/rXg68WxvBy1spNsKgcnSLnZS3vY.roa
File: rXg68WxvBy1spNsKgcnSLnZS3vY.roa (raw, json)
Hash identifier: Lhu4SxnpKdL4EoYxujZ/7DAC09daGR/flpY50oTSXrw=
Subject key identifier: AD:78:3A:F1:6C:6F:07:2D:6C:A4:DB:0A:81:C9:D2:2E:76:52:DE:F6
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 018CC801D9E1258C4D9B538E9009195F8C8A
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/rXg68WxvBy1spNsKgcnSLnZS3vY.roa
Signing time: Tue 02 Jan 2024 02:30:13 +0000
ROA not before: Tue 02 Jan 2024 02:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50796
IP address blocks: 37.32.56.0/21 maxlen: 24
194.180.116.0/22 maxlen: 24
185.3.196.0/22 maxlen: 24
192.166.204.0/22 maxlen: 24
178.22.0.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d9:e1:25:8c:4d:9b:53:8e:90:09:19:5f:8c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 2 02:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad783af16c6f072d6ca4db0a81c9d22e7652def6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:be:66:58:56:ab:f9:bc:01:3d:1d:9a:83:
12:0c:3e:75:5f:ce:83:62:48:5a:83:09:a1:7a:c0:
76:ce:22:9e:45:06:12:9c:f6:9f:45:03:84:ce:b9:
e9:eb:2f:a2:46:2a:92:a5:c0:72:ae:1c:eb:79:f8:
46:f6:e4:c8:f0:e6:46:9a:34:bd:4b:69:7e:5e:30:
f2:76:42:93:d4:71:8a:74:92:a1:b8:88:89:e5:00:
16:72:ef:4a:ff:2b:ba:f2:96:63:6c:13:ea:6a:7f:
a7:6f:88:3c:bd:18:5b:9d:f2:c2:c0:c4:26:7c:52:
9d:c1:f3:96:8d:c6:74:4e:18:08:cb:a0:56:3f:b8:
fa:bc:60:af:f4:d6:0e:cf:b8:17:6f:7a:5a:fb:fb:
fa:e4:6f:ce:4d:02:10:5b:b4:6e:e8:86:e4:2b:cd:
a7:43:96:0d:8d:96:67:9e:e5:83:c2:9d:95:69:42:
e4:f7:0f:2e:c5:ab:be:22:bf:1d:10:e0:c1:5e:c8:
18:f0:6d:75:fa:fc:d1:83:5f:7c:c8:22:95:8b:ef:
3a:68:6e:dc:85:2c:cb:58:83:c6:d2:b3:e1:cd:80:
a5:d0:ac:97:52:aa:32:35:51:31:e6:c3:78:14:cd:
e3:97:48:d3:67:8a:a2:b2:a6:15:48:93:21:76:15:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:78:3A:F1:6C:6F:07:2D:6C:A4:DB:0A:81:C9:D2:2E:76:52:DE:F6
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/rXg68WxvBy1spNsKgcnSLnZS3vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.56.0/21
178.22.0.0/21
185.3.196.0/22
192.166.204.0/22
194.180.116.0/22
Signature Algorithm: sha256WithRSAEncryption
16:ac:e0:55:f0:d8:a7:07:cf:3c:19:c5:8c:da:6f:5f:d5:1b:
74:68:92:b8:dc:b2:4f:60:a9:34:90:d2:7a:74:3c:68:0c:77:
8b:7f:82:81:b2:d9:24:92:9e:2b:4b:8f:ec:95:64:8f:7b:07:
aa:05:34:04:dd:a7:cd:1e:88:c4:0e:0b:a7:1c:8f:ca:e4:0d:
e0:f1:79:6b:fd:ab:5f:63:45:dd:bd:b1:56:c6:b7:b9:4a:90:
d5:46:40:78:38:dd:f9:9f:ce:87:ed:61:99:ee:fe:cd:54:f1:
44:2e:84:c5:6e:93:2c:f7:35:13:75:78:85:45:3d:b6:bf:81:
86:43:53:c9:fa:f4:63:f9:e2:98:f7:e3:2c:9e:18:4c:ab:1c:
7c:37:b6:2c:cc:f9:a4:ef:55:9d:7e:c5:49:f0:5c:29:b2:f1:
25:4d:94:79:20:17:66:60:e8:de:7b:5a:f1:13:e0:59:a3:6b:
3c:73:72:3b:3b:33:3d:5e:91:00:4c:6f:e6:27:39:e6:d2:8d:
b8:64:6a:e5:c6:38:d5:42:00:11:f5:b9:7a:41:38:73:0d:3c:
27:ca:cd:89:86:51:60:c6:78:a0:93:3c:b7:ad:77:5d:66:f1:
42:ab:51:53:89:84:39:ae:00:5a:bf:52:36:b9:cc:73:35:fa:
28:b1:1e:f2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAdnhJYxNm1OOkAkZX4yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc4M2FmMTZjNmYwNzJkNmNhNGRiMGE4MWM5ZDIyZTc2NTJkZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx2+ZlhWq/m8AT0dmoMSDD51X86D
YkhagwmhesB2ziKeRQYSnPafRQOEzrnp6y+iRiqSpcByrhzrefhG9uTI8OZGmjS9
S2l+XjDydkKT1HGKdJKhuIiJ5QAWcu9K/yu68pZjbBPqan+nb4g8vRhbnfLCwMQm
fFKdwfOWjcZ0ThgIy6BWP7j6vGCv9NYOz7gXb3pa+/v65G/OTQIQW7Ru6IbkK82n
Q5YNjZZnnuWDwp2VaULk9w8uxau+Ir8dEODBXsgY8G11+vzRg198yCKVi+86aG7c
hSzLWIPG0rPhzYCl0KyXUqoyNVEx5sN4FM3jl0jTZ4qisqYVSJMhdhXYCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK14OvFsbwctbKTbCoHJ0i52Ut72MB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvclhnNjhXeHZCeTFzcE5zS2djblNMblpTM3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJSA4AwQD
shYAAwQCuQPEAwQCwKbMAwQCwrR0MA0GCSqGSIb3DQEBCwUAA4IBAQAWrOBV8Nin
B888GcWM2m9f1Rt0aJK43LJPYKk0kNJ6dDxoDHeLf4KBstkkkp4rS4/slWSPeweq
BTQE3afNHojEDgunHI/K5A3g8Xlr/atfY0XdvbFWxre5SpDVRkB4ON35n86H7WGZ
7v7NVPFELoTFbpMs9zUTdXiFRT22v4GGQ1PJ+vRj+eKY9+MsnhhMqxx8N7YszPmk
71WdfsVJ8FwpsvElTZR5IBdmYOjee1rxE+BZo2s8c3I7OzM9XpEATG/mJznm0o24
ZGrlxjjVQgAR9bl6QThzDTwnys2JhlFgxnigkzy3rXddZvFCq1FTiYQ5rgBav1I2
ucxzNfoosR7y
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:41:11 2024 by rpki-client on console-fra.rpki-client.org