Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/GxHPba52dpXgTrk9hfd0S_vV3Xo.roa
File: GxHPba52dpXgTrk9hfd0S_vV3Xo.roa (raw, json)
Hash identifier: NpkT2JCbEx6ITk/YEBjP7eSZHlG7CWAFWrbIZ8y374U=
Subject key identifier: 1B:11:CF:6D:AE:76:76:95:E0:4E:B9:3D:85:F7:74:4B:FB:D5:DD:7A
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 018CC79331204C39748E6ED850EDC34D0F01
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/GxHPba52dpXgTrk9hfd0S_vV3Xo.roa
Signing time: Tue 02 Jan 2024 00:29:21 +0000
ROA not before: Tue 02 Jan 2024 00:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60609
IP address blocks: 185.37.212.0/24 maxlen: 24
185.37.213.0/24 maxlen: 24
185.158.170.0/23 maxlen: 23
185.158.171.0/24 maxlen: 24
185.158.168.0/23 maxlen: 23
185.37.214.0/24 maxlen: 24
185.37.215.0/24 maxlen: 24
185.77.159.0/24 maxlen: 24
185.86.11.0/24 maxlen: 24
185.77.156.0/24 maxlen: 24
185.77.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 21:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:31:20:4c:39:74:8e:6e:d8:50:ed:c3:4d:0f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 00:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b11cf6dae767695e04eb93d85f7744bfbd5dd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7a:89:26:0a:fc:64:c8:fe:c4:b6:ef:52:80:
a3:ee:8e:d3:56:da:ec:45:d7:9f:bb:0a:bd:87:60:
6e:b8:cc:3c:f3:cd:9f:96:e4:b7:82:7c:e1:31:73:
60:a5:58:97:42:6f:fe:e1:9a:e3:f0:38:4e:34:83:
01:c3:24:27:33:21:56:bc:a1:92:d1:2a:1f:67:2e:
5c:6d:18:d1:02:6b:2b:aa:51:dd:29:62:a5:2c:11:
00:66:e0:c4:df:09:d1:cf:23:41:27:af:01:20:87:
de:c8:97:28:f6:f3:c5:42:23:41:85:0b:b9:1a:97:
18:50:4b:dc:d3:a8:66:66:9f:70:ee:d5:e3:0c:9a:
89:78:a1:a3:31:3d:1f:1f:df:da:88:58:b8:a7:19:
f7:d7:f7:44:0e:79:07:d5:eb:16:b2:eb:ab:48:c9:
70:22:a6:34:d1:3b:de:ca:02:46:e0:5c:2e:f6:0f:
73:20:d4:15:4a:66:19:21:80:0e:05:5f:12:60:65:
cc:3a:ea:f9:44:36:38:75:46:73:51:1a:b4:51:e1:
f7:2d:a5:1d:00:00:6c:d8:d1:d9:6c:e4:ba:33:13:
78:6f:e0:57:44:49:0a:c9:10:1a:27:bd:7b:14:f6:
72:97:68:e9:49:f5:94:74:57:07:51:b4:27:18:25:
dd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:11:CF:6D:AE:76:76:95:E0:4E:B9:3D:85:F7:74:4B:FB:D5:DD:7A
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/GxHPba52dpXgTrk9hfd0S_vV3Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.212.0/22
185.77.156.0/23
185.77.159.0/24
185.86.11.0/24
185.158.168.0/22
Signature Algorithm: sha256WithRSAEncryption
51:06:e4:de:c9:2e:15:d8:80:ff:44:42:eb:7a:eb:01:60:0f:
35:ba:d5:b5:f8:b4:6e:31:13:9f:40:05:3c:da:59:8e:2d:59:
d4:7c:09:20:69:cf:4e:2a:71:a2:02:0a:92:47:5c:b4:eb:b8:
74:7d:0e:e5:2d:fa:6b:f9:1d:e3:21:45:50:05:50:1a:32:03:
2e:bd:13:a2:9c:b7:d7:d7:11:79:ea:b3:46:4f:4f:29:6f:8e:
d4:b7:d5:53:2b:f4:55:3a:90:1c:7c:9f:e0:64:da:06:ef:b9:
3a:9d:1a:4c:8b:27:7a:d0:f9:3a:b7:eb:c7:be:0a:d9:f2:6e:
38:38:fb:76:04:e3:a7:e0:4d:8c:4d:f8:43:72:34:57:1c:f5:
d1:58:16:a1:a2:bd:23:ee:d8:0c:cd:7a:2d:ca:08:d0:68:a6:
68:71:ed:d7:18:52:00:ee:15:c7:08:94:97:d8:a1:78:cb:4a:
c5:b4:92:f5:9b:ee:fa:77:f2:d0:b4:db:b1:8f:5d:4b:7d:f0:
8c:2f:5b:07:db:98:01:62:f6:4e:e8:c9:2d:06:75:8e:a2:e5:
db:ed:3f:1d:5c:cf:52:a0:9c:e1:83:3e:bd:98:51:3a:48:bb:
44:9f:63:f2:e9:de:76:e3:31:e7:33:50:3d:d7:fd:6f:5f:ed:
b2:e9:23:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHkzEgTDl0jm7YUO3DTQ8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjQwMTAyMDAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjExY2Y2ZGFlNzY3Njk1ZTA0ZWI5M2Q4NWY3NzQ0YmZiZDVkZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3qJJgr8ZMj+xLbvUoCj7o7TVtrs
Rdefuwq9h2BuuMw8882fluS3gnzhMXNgpViXQm/+4Zrj8DhONIMBwyQnMyFWvKGS
0SofZy5cbRjRAmsrqlHdKWKlLBEAZuDE3wnRzyNBJ68BIIfeyJco9vPFQiNBhQu5
GpcYUEvc06hmZp9w7tXjDJqJeKGjMT0fH9/aiFi4pxn31/dEDnkH1esWsuurSMlw
IqY00TveygJG4Fwu9g9zINQVSmYZIYAOBV8SYGXMOur5RDY4dUZzURq0UeH3LaUd
AABs2NHZbOS6MxN4b+BXREkKyRAaJ717FPZyl2jpSfWUdFcHUbQnGCXdawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBsRz22udnaV4E65PYX3dEv71d16MB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvR3hIUGJhNTJkcFhnVHJrOWhmZDBTX3ZWM1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuSXUAwQB
uU2cAwQAuU2fAwQAuVYLAwQCuZ6oMA0GCSqGSIb3DQEBCwUAA4IBAQBRBuTeyS4V
2ID/RELreusBYA81utW1+LRuMROfQAU82lmOLVnUfAkgac9OKnGiAgqSR1y067h0
fQ7lLfpr+R3jIUVQBVAaMgMuvROinLfX1xF56rNGT08pb47Ut9VTK/RVOpAcfJ/g
ZNoG77k6nRpMiyd60Pk6t+vHvgrZ8m44OPt2BOOn4E2MTfhDcjRXHPXRWBahor0j
7tgMzXotygjQaKZoce3XGFIA7hXHCJSX2KF4y0rFtJL1m+76d/LQtNuxj11LffCM
L1sH25gBYvZO6MktBnWOouXb7T8dXM9SoJzhgz69mFE6SLtEn2Py6d524zHnM1A9
1/1vX+2y6SMK
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:24:24 2024 by rpki-client on console-ams.rpki-client.org