Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/S7E5Siz4uTRzMwFM8FhPmBgEdIM.roa
File: S7E5Siz4uTRzMwFM8FhPmBgEdIM.roa (raw, json)
Hash identifier: o7bBnjuXPATR0rvHFL57ExTeXywj5cj/gjQKWbf2LII=
Subject key identifier: 4B:B1:39:4A:2C:F8:B9:34:73:33:01:4C:F0:58:4F:98:18:04:74:83
Certificate issuer: /CN=848d9800d69debae11b7f8161c3ce88181fde7b4
Certificate serial: 0191E11D99AD30FA19FADEA29AE39DD41C13
Authority key identifier: 84:8D:98:00:D6:9D:EB:AE:11:B7:F8:16:1C:3C:E8:81:81:FD:E7:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hI2YANad664Rt_gWHDzogYH957Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/S7E5Siz4uTRzMwFM8FhPmBgEdIM.roa
Signing time: Wed 11 Sep 2024 12:44:58 +0000
ROA not before: Wed 11 Sep 2024 12:44:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8245
IP address blocks: 185.237.169.0/24 maxlen: 24
185.237.170.0/24 maxlen: 24
185.237.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/hI2YANad664Rt_gWHDzogYH957Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/hI2YANad664Rt_gWHDzogYH957Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hI2YANad664Rt_gWHDzogYH957Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:1d:99:ad:30:fa:19:fa:de:a2:9a:e3:9d:d4:1c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=848d9800d69debae11b7f8161c3ce88181fde7b4
Validity
Not Before: Sep 11 12:44:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bb1394a2cf8b9347333014cf0584f9818047483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:61:08:42:14:51:f3:b3:22:ca:d4:79:80:
04:d1:77:62:91:b1:8d:24:c1:23:e1:0a:a6:55:12:
c7:18:57:11:54:18:ac:9c:38:13:04:1e:42:dc:f0:
23:d7:af:06:8b:97:ff:df:ab:57:ec:f2:3b:43:94:
23:a4:66:32:0a:1f:35:ae:d0:18:f0:08:ee:f5:4b:
a4:0e:ba:ce:10:25:18:8b:40:ca:1a:df:c5:92:18:
8c:26:5a:8e:0a:25:45:4c:2f:c9:f8:e6:52:f8:d1:
a2:56:ec:2d:38:b8:7c:61:28:7f:73:e0:f8:3b:d0:
49:55:17:59:d3:f0:d4:47:85:ec:ed:84:90:1f:12:
aa:c1:ac:b6:f4:cc:75:cd:77:35:b0:c1:38:d3:63:
5e:84:74:4b:2e:55:ab:b1:80:f8:56:d1:e2:0e:26:
de:73:70:c8:e8:2c:e0:bf:58:d9:2f:74:98:a1:7f:
47:b5:0c:fd:9a:23:0f:84:6b:be:66:b0:ba:93:4e:
4f:ba:36:2a:2b:ea:76:9b:0b:98:4c:24:6a:bc:03:
50:67:5e:f5:cf:72:4d:3c:73:91:e9:bb:f2:57:be:
91:b8:f7:ca:84:01:ff:8f:ef:07:de:ba:34:f2:6c:
bf:a2:86:0c:32:9d:7b:d3:3a:53:5d:ff:9f:0b:a7:
a3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B1:39:4A:2C:F8:B9:34:73:33:01:4C:F0:58:4F:98:18:04:74:83
X509v3 Authority Key Identifier:
keyid:84:8D:98:00:D6:9D:EB:AE:11:B7:F8:16:1C:3C:E8:81:81:FD:E7:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hI2YANad664Rt_gWHDzogYH957Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/S7E5Siz4uTRzMwFM8FhPmBgEdIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/hI2YANad664Rt_gWHDzogYH957Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.169.0-185.237.171.255
Signature Algorithm: sha256WithRSAEncryption
15:c3:c7:48:cc:71:22:87:b2:80:01:e8:4b:ae:9d:3a:00:48:
a3:66:ca:22:68:b1:8e:ca:41:06:6b:47:38:5e:0c:56:64:ff:
fc:ee:62:4b:01:25:42:c2:74:64:65:3a:03:c2:4d:13:4a:ba:
76:48:76:1d:1f:e4:d8:23:4d:27:15:31:43:f1:35:76:84:1f:
23:2e:91:33:ef:96:b9:23:e2:d7:eb:37:e2:de:9a:11:47:3c:
bf:a8:9f:fe:ed:77:0c:b7:27:03:7f:bb:16:61:c3:58:9e:7a:
2a:80:aa:ef:4f:b6:1b:91:9a:36:46:60:06:30:28:81:f2:2b:
95:b5:ff:10:71:ec:b7:ed:90:61:5a:1e:e5:ee:19:6f:cd:e8:
f1:79:de:c5:1c:a2:d9:9d:d0:6f:99:20:7c:2e:29:34:90:1b:
3b:9d:92:53:38:fb:82:78:f8:c7:a9:f5:a1:5a:e1:06:e7:40:
f7:cf:3a:cd:53:d8:66:fe:71:a1:1f:c8:ff:00:67:79:73:54:
f7:2f:06:74:05:5e:99:fa:9d:c2:5f:f4:13:0c:2a:1d:fd:1f:
0f:f9:9f:b1:5e:66:4a:ac:37:ef:d1:4f:6b:e7:7b:4a:5f:a4:
be:98:cb:bc:7d:86:b8:74:c1:67:c0:3b:c5:7f:91:38:87:3d:
32:07:4c:ee
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZHhHZmtMPoZ+t6imuOd1BwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OGQ5ODAwZDY5ZGViYWUxMWI3ZjgxNjFjM2NlODgxODFm
ZGU3YjQwHhcNMjQwOTExMTI0NDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIxMzk0YTJjZjhiOTM0NzMzMzAxNGNmMDU4NGY5ODE4MDQ3NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp05hCEIUUfOzIsrUeYAE0XdikbGN
JMEj4QqmVRLHGFcRVBisnDgTBB5C3PAj168Gi5f/36tX7PI7Q5QjpGYyCh81rtAY
8Aju9UukDrrOECUYi0DKGt/FkhiMJlqOCiVFTC/J+OZS+NGiVuwtOLh8YSh/c+D4
O9BJVRdZ0/DUR4Xs7YSQHxKqway29Mx1zXc1sME402NehHRLLlWrsYD4VtHiDibe
c3DI6Czgv1jZL3SYoX9HtQz9miMPhGu+ZrC6k05PujYqK+p2mwuYTCRqvANQZ171
z3JNPHOR6bvyV76RuPfKhAH/j+8H3ro08my/ooYMMp170zpTXf+fC6ejhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEuxOUos+Lk0czMBTPBYT5gYBHSDMB8GA1UdIwQY
MBaAFISNmADWneuuEbf4Fhw86IGB/ee0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEkyWUFOYWQ2NjRSdF9nV0hEem9nWUg5NTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zODcxMzYtM2M3MC00NjE5LTgzMjEt
M2Q5M2ZlNmQyMGFhLzEvUzdFNVNpejR1VFJ6TXdGTThGaFBtQmdFZElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zODcxMzYtM2M3MC00NjE5LTgzMjEtM2Q5M2ZlNmQyMGFh
LzEvaEkyWUFOYWQ2NjRSdF9nV0hEem9nWUg5NTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57akD
BAK57agwDQYJKoZIhvcNAQELBQADggEBABXDx0jMcSKHsoAB6EuunToASKNmyiJo
sY7KQQZrRzheDFZk//zuYksBJULCdGRlOgPCTRNKunZIdh0f5NgjTScVMUPxNXaE
HyMukTPvlrkj4tfrN+LemhFHPL+on/7tdwy3JwN/uxZhw1ieeiqAqu9PthuRmjZG
YAYwKIHyK5W1/xBx7LftkGFaHuXuGW/N6PF53sUcotmd0G+ZIHwuKTSQGzudklM4
+4J4+Mep9aFa4QbnQPfPOs1T2Gb+caEfyP8AZ3lzVPcvBnQFXpn6ncJf9BMMKh39
Hw/5n7FeZkqsN+/RT2vne0pfpL6Yy7x9hrh0wWfAO8V/kTiHPTIHTO4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:07 2024 by rpki-client on console-ams.rpki-client.org