Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aM8ocR3q8EE7bdbXGv-dz1oPpSc.roa
File: aM8ocR3q8EE7bdbXGv-dz1oPpSc.roa (raw, json)
Hash identifier: dnMtZt2ON0ayr7vduG77kGmQK0ucTfTmT1qnf7SK3u8=
Subject key identifier: 68:CF:28:71:1D:EA:F0:41:3B:6D:D6:D7:1A:FF:9D:CF:5A:0F:A5:27
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D6544BC4CF795D1A5C7240FCCAC437
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aM8ocR3q8EE7bdbXGv-dz1oPpSc.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.153.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:54:4b:c4:cf:79:5d:1a:5c:72:40:fc:ca:c4:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68cf28711deaf0413b6dd6d71aff9dcf5a0fa527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:24:ca:49:00:05:82:42:b8:c5:17:6b:fa:e2:
f6:8c:ab:bb:2c:24:b9:3c:7c:25:e3:af:f2:eb:01:
b8:03:a7:e3:be:35:ec:11:44:55:95:22:05:9c:0c:
88:0c:c5:cf:9c:4b:e9:09:0e:ab:85:54:b2:3f:c9:
40:fe:27:72:0a:4f:4d:34:2a:4b:f8:20:d2:ba:5d:
a6:f4:35:fc:7e:8a:76:33:6b:5c:cc:a2:67:49:93:
59:87:94:d7:a2:2b:bb:d0:f1:26:0b:cb:88:b1:a4:
fb:49:a7:e3:ef:4d:6b:44:b7:a4:c2:a8:56:17:23:
a2:f1:ce:b4:ab:5a:5c:04:ae:fc:ee:ad:ed:cb:0e:
45:ab:72:7e:7a:7d:e9:72:82:0a:22:d3:3a:08:c8:
ca:a5:f0:f7:7d:9f:b5:b3:7a:51:06:dd:2a:c7:b9:
e1:f3:2f:8f:91:0b:8b:d9:2a:3d:ed:47:de:76:8f:
25:e8:80:87:23:4e:42:10:c0:65:cf:3b:9d:21:66:
0e:6c:14:9f:32:15:ad:16:8d:fc:37:4d:16:8d:6e:
36:d0:19:c6:b6:8e:1f:c5:59:0d:22:b4:2f:37:3e:
48:a2:55:79:5d:11:ef:a4:99:df:a2:26:cd:31:79:
cc:c9:cd:9b:a5:60:08:bb:4e:2f:8c:df:3f:3c:4d:
e5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CF:28:71:1D:EA:F0:41:3B:6D:D6:D7:1A:FF:9D:CF:5A:0F:A5:27
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/aM8ocR3q8EE7bdbXGv-dz1oPpSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0f:7e:10:c7:35:1b:bf:aa:e4:6c:78:67:32:a0:20:a1:fd:
57:9f:f9:c4:52:59:54:6b:09:5c:56:6a:44:91:9f:90:19:16:
97:6d:72:10:90:77:ad:97:8e:3f:a2:09:28:20:eb:a1:6c:64:
90:e8:04:38:b0:77:fc:29:9b:5c:88:11:4c:1b:8c:3c:15:98:
7c:25:35:95:0d:61:21:ad:b7:9c:b9:18:db:9a:5e:ab:2b:e5:
14:3b:13:79:d3:57:0b:af:d6:0c:1f:77:c3:df:fc:b7:03:34:
86:29:49:ae:52:84:a3:73:b0:68:8b:76:84:ab:2e:68:6a:4c:
8d:c7:61:fd:81:65:06:89:67:f0:30:a2:c2:0e:e6:a4:53:62:
73:0e:d1:35:13:a6:dc:42:78:b3:8b:c2:ab:a9:c4:3c:5f:ae:
ac:16:d8:44:47:73:9d:8b:83:a2:f6:26:03:88:0c:c4:8e:da:
4a:9e:99:3c:d2:9c:f5:7f:de:03:32:a2:2b:3e:8d:34:28:ae:
3d:14:15:2c:c4:f0:30:61:6b:ad:fc:3e:da:15:04:46:98:3d:
c9:d0:9d:65:89:e4:bf:4c:8f:31:4a:fa:bc:bf:31:06:cf:59:
25:e9:9a:eb:06:c9:68:48:10:93:29:2e:fa:f5:f0:26:22:cf:
f8:dc:af:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lRLxM95XRpcckD8ysQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNmMjg3MTFkZWFmMDQxM2I2ZGQ2ZDcxYWZmOWRjZjVhMGZhNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iTKSQAFgkK4xRdr+uL2jKu7LCS5
PHwl46/y6wG4A6fjvjXsEURVlSIFnAyIDMXPnEvpCQ6rhVSyP8lA/idyCk9NNCpL
+CDSul2m9DX8fop2M2tczKJnSZNZh5TXoiu70PEmC8uIsaT7Safj701rRLekwqhW
FyOi8c60q1pcBK787q3tyw5Fq3J+en3pcoIKItM6CMjKpfD3fZ+1s3pRBt0qx7nh
8y+PkQuL2So97Ufedo8l6ICHI05CEMBlzzudIWYObBSfMhWtFo38N00WjW420BnG
to4fxVkNIrQvNz5IolV5XRHvpJnfoibNMXnMyc2bpWAIu04vjN8/PE3lRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjPKHEd6vBBO23W1xr/nc9aD6UnMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvYU04b2NSM3E4RUU3YmRiWEd2LWR6MW9QcFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmEMA0G
CSqGSIb3DQEBCwUAA4IBAQCED34QxzUbv6rkbHhnMqAgof1Xn/nEUllUawlcVmpE
kZ+QGRaXbXIQkHetl44/ogkoIOuhbGSQ6AQ4sHf8KZtciBFMG4w8FZh8JTWVDWEh
rbecuRjbml6rK+UUOxN501cLr9YMH3fD3/y3AzSGKUmuUoSjc7Boi3aEqy5oakyN
x2H9gWUGiWfwMKLCDuakU2JzDtE1E6bcQnizi8KrqcQ8X66sFthER3Odi4Oi9iYD
iAzEjtpKnpk80pz1f94DMqIrPo00KK49FBUsxPAwYWut/D7aFQRGmD3J0J1lieS/
TI8xSvq8vzEGz1kl6ZrrBsloSBCTKS769fAmIs/43K+w
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:53:47 2025 by rpki-client