Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MTHCrmEEzXlB20dHmHlArbrDXLg.roa
File: MTHCrmEEzXlB20dHmHlArbrDXLg.roa (raw, json)
Hash identifier: AHUdhVWc3NjvsyTUn/ObFij3ueUrch9LCn6c2FAGgUg=
Subject key identifier: 31:31:C2:AE:61:04:CD:79:41:DB:47:47:98:79:40:AD:BA:C3:5C:B8
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 018CC5003475D4141497D36B67EBB9DD1530
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MTHCrmEEzXlB20dHmHlArbrDXLg.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199234
IP address blocks: 37.131.166.0/24 maxlen: 24
37.131.161.0/24 maxlen: 24
37.131.162.0/23 maxlen: 23
37.131.170.0/23 maxlen: 23
37.131.167.0/24 maxlen: 24
37.131.172.0/22 maxlen: 22
2a00:10a0:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:34:75:d4:14:14:97:d3:6b:67:eb:b9:dd:15:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3131c2ae6104cd7941db4747987940adbac35cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cf:68:fc:10:87:ec:15:75:fa:91:c4:cf:a8:
14:4d:9d:46:de:bf:47:15:0a:7d:c2:c4:91:d4:5d:
0b:9a:fb:e2:ad:15:48:4f:52:c9:9d:ec:d4:9e:98:
b7:06:c9:9b:65:96:bd:34:82:95:d8:0e:b2:18:44:
1c:aa:98:bd:2f:8f:ee:1b:dd:ac:0f:59:bb:c7:7c:
ec:06:fa:9c:bd:87:a1:db:b4:b2:f5:37:b2:b4:58:
3c:53:5f:c7:53:ac:f5:df:c5:3b:fe:ed:7f:7a:37:
b4:56:52:7b:67:44:41:a9:be:e9:00:c2:5d:d7:83:
7e:53:43:5c:7c:10:9e:e2:d9:24:43:6a:2b:32:16:
5a:4c:10:0b:03:55:53:f4:67:ca:73:82:b8:3c:04:
bc:8d:56:c3:d9:38:06:5c:ce:52:de:ac:ea:a5:36:
c3:63:8d:96:31:55:80:9d:f0:63:25:2f:44:fc:0b:
ca:25:6b:96:2c:63:3d:24:93:14:7d:8e:a0:00:a4:
d5:11:97:ee:d2:dc:37:30:25:5e:2c:45:7c:e3:10:
de:c2:88:1c:5d:16:74:1b:d6:19:7f:9f:9e:3a:76:
49:0f:59:08:6c:36:1d:43:16:e7:91:52:97:48:16:
9c:4c:56:2d:08:0d:13:eb:e5:6a:5f:77:2d:c7:2e:
63:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:31:C2:AE:61:04:CD:79:41:DB:47:47:98:79:40:AD:BA:C3:5C:B8
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MTHCrmEEzXlB20dHmHlArbrDXLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.161.0-37.131.163.255
37.131.166.0/23
37.131.170.0-37.131.175.255
IPv6:
2a00:10a0:6::/48
Signature Algorithm: sha256WithRSAEncryption
a1:b3:33:9b:d3:61:14:03:cb:ee:ec:c3:95:40:72:2a:ce:02:
f5:e7:ca:50:8a:1f:8d:72:19:2e:71:37:5c:60:3c:81:fa:89:
ac:fc:36:bd:e5:8d:ca:fa:f0:a8:ff:bb:cf:5e:85:da:c5:12:
46:88:df:47:b2:f5:a2:82:5a:c3:20:dd:4b:ad:76:c4:db:49:
5a:62:f1:d5:98:20:d9:09:cb:9f:ec:cd:02:06:d1:b7:48:c1:
e4:fd:06:61:56:7f:bb:c8:d4:2e:4d:04:9a:86:9c:fd:97:71:
61:7a:40:e0:1c:60:60:56:5a:59:8c:6b:ff:9f:f3:f9:2e:03:
b6:12:c1:6d:9a:03:96:52:f2:e3:dc:8b:fe:3c:3d:a3:d8:3e:
f1:08:a4:67:50:77:65:05:bf:eb:71:ff:04:93:2d:a5:93:80:
c8:e9:26:3f:a0:23:06:b6:04:a9:8c:6c:8a:d2:7d:d3:6e:bb:
5a:64:6b:f9:4e:e2:b7:12:01:22:3f:a9:17:30:37:2b:5d:05:
04:6b:b2:b5:b1:ac:ae:b9:00:63:3f:dc:bb:40:5d:21:42:e8:
9b:7d:b9:1b:f1:ee:c9:17:3b:80:64:06:98:54:a7:85:1e:25:
65:d3:af:70:7a:4f:6e:22:5e:bf:b6:fe:57:52:14:92:a4:23:
a2:22:7e:97
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFADR11BQUl9NrZ+u53RUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMxYzJhZTYxMDRjZDc5NDFkYjQ3NDc5ODc5NDBhZGJhYzM1Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg89o/BCH7BV1+pHEz6gUTZ1G3r9H
FQp9wsSR1F0LmvvirRVIT1LJnezUnpi3BsmbZZa9NIKV2A6yGEQcqpi9L4/uG92s
D1m7x3zsBvqcvYeh27Sy9TeytFg8U1/HU6z138U7/u1/eje0VlJ7Z0RBqb7pAMJd
14N+U0NcfBCe4tkkQ2orMhZaTBALA1VT9GfKc4K4PAS8jVbD2TgGXM5S3qzqpTbD
Y42WMVWAnfBjJS9E/AvKJWuWLGM9JJMUfY6gAKTVEZfu0tw3MCVeLEV84xDewogc
XRZ0G9YZf5+eOnZJD1kIbDYdQxbnkVKXSBacTFYtCA0T6+VqX3ctxy5jbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDExwq5hBM15QdtHR5h5QK26w1y4MB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvTVRIQ3JtRUV6WGxCMjBkSG1IbEFyYnJEWExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAAlg6ED
BAIlg6ADBAElg6YwDAMEASWDqgMEBCWDoDAPBAIAAjAJAwcAKgAQoAAGMA0GCSqG
SIb3DQEBCwUAA4IBAQChszOb02EUA8vu7MOVQHIqzgL158pQih+NchkucTdcYDyB
+oms/Da95Y3K+vCo/7vPXoXaxRJGiN9HsvWiglrDIN1LrXbE20laYvHVmCDZCcuf
7M0CBtG3SMHk/QZhVn+7yNQuTQSahpz9l3FhekDgHGBgVlpZjGv/n/P5LgO2EsFt
mgOWUvLj3Iv+PD2j2D7xCKRnUHdlBb/rcf8Eky2lk4DI6SY/oCMGtgSpjGyK0n3T
brtaZGv5TuK3EgEiP6kXMDcrXQUEa7K1sayuuQBjP9y7QF0hQuibfbkb8e7JFzuA
ZAaYVKeFHiVl069wek9uIl6/tv5XUhSSpCOiIn6X
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:16:11 2024 by rpki-client on console-fra.rpki-client.org