Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/pgQN5XRa0zvpKSQrl-IE-jf1yqA.roa
File: pgQN5XRa0zvpKSQrl-IE-jf1yqA.roa (raw, json)
Hash identifier: fYXC3eD70mjo8RSzzMrh+y+NAG8g1ATMY+LLJcobl3w=
Subject key identifier: A6:04:0D:E5:74:5A:D3:3B:E9:29:24:2B:97:E2:04:FA:37:F5:CA:A0
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018CC42479A96706E4865E090B66F76494C4
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/pgQN5XRa0zvpKSQrl-IE-jf1yqA.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196818
IP address blocks: 217.73.240.0/23 maxlen: 23
217.73.244.0/22 maxlen: 22
217.73.240.0/20 maxlen: 20
217.73.242.0/23 maxlen: 23
217.73.248.0/21 maxlen: 21
37.202.32.0/21 maxlen: 21
37.202.40.0/23 maxlen: 23
37.202.42.0/23 maxlen: 23
37.202.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:79:a9:67:06:e4:86:5e:09:0b:66:f7:64:94:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6040de5745ad33be929242b97e204fa37f5caa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:0d:3b:11:99:a9:32:24:69:fe:4c:32:f8:
c3:49:ee:5d:60:f1:2d:80:0c:8c:21:09:1f:df:57:
ca:db:e5:0f:3f:a7:80:4d:4e:04:d7:be:5c:9f:60:
65:c4:fc:37:72:d3:8b:4f:c2:70:63:90:8e:82:eb:
44:98:94:a2:fe:08:45:0f:76:4a:cc:e4:9f:0e:1d:
d7:e4:b2:04:2b:11:e7:8a:6e:63:c8:26:ab:47:04:
65:e6:a9:be:89:e6:93:41:6c:75:b1:84:a4:56:a4:
c5:5b:f3:21:8e:93:54:93:b9:01:a6:16:5b:78:d2:
37:88:ae:9b:77:81:25:ff:22:78:46:fe:bf:8e:ec:
93:cd:7c:7c:e9:e3:c1:aa:90:58:62:a7:ae:49:4b:
c6:18:70:17:91:b7:af:12:67:09:fd:86:8e:46:70:
45:7d:9e:f6:df:9e:19:12:38:53:e6:8c:e3:d9:2e:
aa:3e:e3:cb:11:2f:41:27:f9:d8:00:1b:f2:cd:17:
a9:eb:f9:00:eb:3b:ba:b7:eb:fd:c3:45:32:57:d3:
6e:06:7e:4a:3d:34:29:fc:e1:91:8a:72:c4:3a:9d:
50:32:85:0c:66:f3:cf:65:b9:bd:34:7f:38:d0:d6:
bf:03:00:eb:24:d4:43:31:f8:5d:a7:6b:d0:95:9b:
49:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:04:0D:E5:74:5A:D3:3B:E9:29:24:2B:97:E2:04:FA:37:F5:CA:A0
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/pgQN5XRa0zvpKSQrl-IE-jf1yqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.32.0-37.202.43.255
37.202.46.0/23
217.73.240.0/20
Signature Algorithm: sha256WithRSAEncryption
08:a6:a1:d4:53:40:b4:10:33:bf:ee:ea:5e:e9:0d:b2:1e:1a:
ad:a1:71:b9:27:1f:6c:6e:37:a4:02:ed:5c:04:48:11:6a:72:
bd:d9:c6:db:3f:f5:ec:b1:6f:71:c0:b9:97:5f:1b:05:36:2a:
6d:2f:77:ca:08:e8:8d:f5:aa:24:db:f7:60:4c:33:92:ef:ab:
75:5c:24:9d:bb:83:00:1e:c2:3f:3b:e9:58:3c:2e:67:ce:20:
8c:9c:89:f9:0f:ec:d8:1c:3b:b7:4c:5f:70:d4:10:d9:48:cd:
d0:ef:28:7e:9f:35:0f:d3:8c:18:c2:8d:0d:2e:2f:4b:86:c1:
c2:3d:ab:4b:c7:99:d0:b8:0d:22:07:75:97:ea:15:bd:73:75:
f2:93:bd:c3:0b:97:2b:b0:55:cb:54:41:5c:78:64:dc:79:c2:
25:6d:72:dd:52:10:13:6d:b4:6e:9c:db:31:7a:40:6b:40:42:
c0:e8:79:38:7a:0f:6f:03:3c:c1:26:b4:08:f5:6c:a8:cd:2c:
00:5e:d1:88:6c:d0:77:f8:9c:05:01:34:53:a6:4d:ab:ee:70:
66:61:5c:2d:31:1a:72:88:6c:2d:fa:7c:e6:8d:f7:29:51:d0:
61:aa:a0:f8:79:73:08:f0:20:28:de:c2:4b:22:86:34:4c:96:
31:94:25:34
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJHmpZwbkhl4JC2b3ZJTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA0MGRlNTc0NWFkMzNiZTkyOTI0MmI5N2UyMDRmYTM3ZjVjYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpsNOxGZqTIkaf5MMvjDSe5dYPEt
gAyMIQkf31fK2+UPP6eATU4E175cn2BlxPw3ctOLT8JwY5COgutEmJSi/ghFD3ZK
zOSfDh3X5LIEKxHnim5jyCarRwRl5qm+ieaTQWx1sYSkVqTFW/MhjpNUk7kBphZb
eNI3iK6bd4El/yJ4Rv6/juyTzXx86ePBqpBYYqeuSUvGGHAXkbevEmcJ/YaORnBF
fZ72354ZEjhT5ozj2S6qPuPLES9BJ/nYABvyzRep6/kA6zu6t+v9w0UyV9NuBn5K
PTQp/OGRinLEOp1QMoUMZvPPZbm9NH840Na/AwDrJNRDMfhdp2vQlZtJ4QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKYEDeV0WtM76SkkK5fiBPo39cqgMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvcGdRTjVYUmEwenZwS1NRcmwtSUUtamYxeXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUlyiAD
BAIlyigDBAElyi4DBATZSfAwDQYJKoZIhvcNAQELBQADggEBAAimodRTQLQQM7/u
6l7pDbIeGq2hcbknH2xuN6QC7VwESBFqcr3Zxts/9eyxb3HAuZdfGwU2Km0vd8oI
6I31qiTb92BMM5Lvq3VcJJ27gwAewj876Vg8LmfOIIycifkP7NgcO7dMX3DUENlI
zdDvKH6fNQ/TjBjCjQ0uL0uGwcI9q0vHmdC4DSIHdZfqFb1zdfKTvcMLlyuwVctU
QVx4ZNx5wiVtct1SEBNttG6c2zF6QGtAQsDoeTh6D28DPMEmtAj1bKjNLABe0Yhs
0Hf4nAUBNFOmTavucGZhXC0xGnKIbC36fOaN9ylR0GGqoPh5cwjwICjewksihjRM
ljGUJTQ=
-----END CERTIFICATE-----
Generated at Sun May 19 08:30:00 2024 by rpki-client on console-fra.rpki-client.org