Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/R_W93tbqvf0KFA7JwqifdVTDZp8.roa
File: R_W93tbqvf0KFA7JwqifdVTDZp8.roa (raw, json)
Hash identifier: LpjNyNmfS0pbUz63KYoqPoL+uBsO1mtyIbpp9xR2WIE=
Subject key identifier: 47:F5:BD:DE:D6:EA:BD:FD:0A:14:0E:C9:C2:A8:9F:75:54:C3:66:9F
Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial: 018E5ABE9C3312DF099D6D608587EF201170
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/R_W93tbqvf0KFA7JwqifdVTDZp8.roa
Signing time: Wed 20 Mar 2024 07:23:44 +0000
ROA not before: Wed 20 Mar 2024 07:23:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35378
IP address blocks: 37.123.200.0/21 maxlen: 21
77.91.0.0/18 maxlen: 18
89.150.50.0/24 maxlen: 24
95.171.96.0/19 maxlen: 19
176.241.72.0/21 maxlen: 21
185.14.112.0/22 maxlen: 22
194.164.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:be:9c:33:12:df:09:9d:6d:60:85:87:ef:20:11:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Validity
Not Before: Mar 20 07:23:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47f5bdded6eabdfd0a140ec9c2a89f7554c3669f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:91:6e:0e:36:6a:d1:66:9d:a3:8b:1b:4f:3a:
64:6f:e7:7f:40:d0:51:fc:ed:5e:64:32:3b:3c:38:
68:35:41:2e:48:2a:2f:97:4c:ca:11:43:55:70:3f:
37:fe:67:5e:7f:79:be:13:f8:0b:b3:0d:b9:7f:04:
1f:30:b1:e3:46:25:40:9e:34:74:3f:02:f4:f0:73:
99:c9:77:96:7e:c9:83:d1:3b:16:67:1f:b3:b2:6e:
ee:85:80:20:d9:bf:11:fd:5e:cc:aa:15:ac:b8:61:
4d:4f:cb:1e:a0:d8:d0:0c:08:d8:fd:71:22:3a:b6:
95:6a:28:46:59:a8:46:18:1b:3f:44:49:cf:4a:fe:
ed:15:74:17:dd:9d:a8:7a:b5:ee:e6:85:2c:08:25:
46:97:9b:54:52:55:8d:09:c5:f7:88:8e:a4:8c:01:
a0:bd:c6:d1:cb:3d:17:6d:48:66:fb:00:25:f6:70:
bf:33:40:b1:40:8d:62:77:d7:d0:32:2d:e8:36:7b:
fe:61:f8:5a:fd:4f:17:91:3c:23:c6:51:3c:88:ec:
52:c1:e1:4d:db:74:f6:55:c6:ba:29:7e:c3:57:41:
f0:1b:22:a6:3f:1f:d8:35:5f:7f:64:8a:0f:47:3e:
5a:53:7f:c0:d1:b5:e1:de:d6:04:3c:d2:db:39:5e:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F5:BD:DE:D6:EA:BD:FD:0A:14:0E:C9:C2:A8:9F:75:54:C3:66:9F
X509v3 Authority Key Identifier:
keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/R_W93tbqvf0KFA7JwqifdVTDZp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.200.0/21
77.91.0.0/18
89.150.50.0/24
95.171.96.0/19
176.241.72.0/21
185.14.112.0/22
194.164.13.0/24
Signature Algorithm: sha256WithRSAEncryption
14:e9:6d:99:6b:95:f9:bc:73:6b:46:02:ce:34:2e:76:b2:9a:
82:ab:f9:1b:da:69:96:09:c2:32:68:1a:59:e0:d2:09:6f:48:
80:53:f9:bc:e9:23:77:a6:65:4d:42:b8:11:5f:f4:7f:35:a7:
80:61:89:5a:0b:8a:09:bb:d2:b9:5a:8a:c7:9c:b0:3d:b1:10:
0d:13:68:9c:a5:eb:a4:8c:fc:6b:99:ee:af:0b:fe:b9:3a:1f:
ff:f2:3e:af:7f:b2:e6:17:3c:15:fc:d7:a3:52:d8:d9:f4:75:
98:a5:1f:47:5a:12:73:85:68:2e:5e:9f:af:c3:86:dc:2e:51:
49:84:fa:8e:e4:19:76:fa:03:d9:bb:3e:62:25:22:7c:a9:68:
38:45:c7:a5:fb:75:c2:2b:d4:be:f0:89:a9:88:73:23:03:43:
1c:c2:89:b3:0d:fb:58:d4:eb:ba:8d:10:51:35:bd:51:28:de:
72:60:41:f1:18:7e:54:03:8b:ae:22:68:b1:ac:42:79:d7:47:
58:54:f0:d1:a8:6d:f4:e9:ef:25:ba:f1:72:04:76:a1:d4:78:
e0:db:40:c8:65:6e:d2:4e:02:bc:a6:a5:d5:ee:45:31:99:92:
85:40:d0:60:c6:16:a6:6d:5b:66:d8:50:72:30:dc:3c:da:bc:
88:14:9b:16
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5avpwzEt8JnW1ghYfvIBFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMy
Y2Q4MDIwHhcNMjQwMzIwMDcyMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Y1YmRkZWQ2ZWFiZGZkMGExNDBlYzljMmE4OWY3NTU0YzM2NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypFuDjZq0Wado4sbTzpkb+d/QNBR
/O1eZDI7PDhoNUEuSCovl0zKEUNVcD83/mdef3m+E/gLsw25fwQfMLHjRiVAnjR0
PwL08HOZyXeWfsmD0TsWZx+zsm7uhYAg2b8R/V7MqhWsuGFNT8seoNjQDAjY/XEi
OraVaihGWahGGBs/REnPSv7tFXQX3Z2oerXu5oUsCCVGl5tUUlWNCcX3iI6kjAGg
vcbRyz0XbUhm+wAl9nC/M0CxQI1id9fQMi3oNnv+Yfha/U8XkTwjxlE8iOxSweFN
23T2Vca6KX7DV0HwGyKmPx/YNV9/ZIoPRz5aU3/A0bXh3tYEPNLbOV49DwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEf1vd7W6r39ChQOycKon3VUw2afMB8GA1UdIwQY
MBaAFCG/ueIZ4V/tpq3Sljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODIt
NzNmZDJjMDM1ZWI1LzEvUl9XOTN0YnF2ZjBLRkE3SndxaWZkVlREWnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1
LzEvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXvIAwQG
TVsAAwQAWZYyAwQFX6tgAwQDsPFIAwQCuQ5wAwQAwqQNMA0GCSqGSIb3DQEBCwUA
A4IBAQAU6W2Za5X5vHNrRgLONC52spqCq/kb2mmWCcIyaBpZ4NIJb0iAU/m86SN3
pmVNQrgRX/R/NaeAYYlaC4oJu9K5WorHnLA9sRANE2icpeukjPxrme6vC/65Oh//
8j6vf7LmFzwV/NejUtjZ9HWYpR9HWhJzhWguXp+vw4bcLlFJhPqO5Bl2+gPZuz5i
JSJ8qWg4Rcel+3XCK9S+8ImpiHMjA0McwomzDftY1Ou6jRBRNb1RKN5yYEHxGH5U
A4uuImixrEJ510dYVPDRqG306e8luvFyBHah1Hjg20DIZW7STgK8pqXV7kUxmZKF
QNBgxhambVtm2FByMNw82ryIFJsW
-----END CERTIFICATE-----
Generated at Thu May 23 08:29:57 2024 by rpki-client on console-fra.rpki-client.org