Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IBCHpEAaDo8UsDeVSqm2ZfRDizI.roa
File: IBCHpEAaDo8UsDeVSqm2ZfRDizI.roa (raw, json)
Hash identifier: oPL908vcpf9ZovLdJRzIunXy1JNsHRdNw280ujvFocc=
Subject key identifier: 20:10:87:A4:40:1A:0E:8F:14:B0:37:95:4A:A9:B6:65:F4:43:8B:32
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019039C4FD3D3E9E51F3D820900EBA0679D9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IBCHpEAaDo8UsDeVSqm2ZfRDizI.roa
Signing time: Fri 21 Jun 2024 07:48:49 +0000
ROA not before: Fri 21 Jun 2024 07:48:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 37.46.149.0/24 maxlen: 24
45.141.26.0/23 maxlen: 24
89.38.101.0/24 maxlen: 24
185.241.210.0/24 maxlen: 24
188.212.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:c4:fd:3d:3e:9e:51:f3:d8:20:90:0e:ba:06:79:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 21 07:48:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=201087a4401a0e8f14b037954aa9b665f4438b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3b:70:70:4f:f1:b4:5b:18:ef:4a:26:43:a9:
e6:f2:f3:96:ca:2b:6c:e8:74:d3:94:01:24:04:17:
9f:b1:6f:bc:8a:3a:37:a1:82:4c:13:a9:48:e2:dd:
1e:32:b2:88:2e:37:45:04:72:9e:b3:8f:7e:80:22:
3b:d5:98:21:5c:a1:45:4f:d7:24:ba:fa:c3:48:b0:
b9:cb:f9:f5:30:d4:d4:c7:b2:5a:14:ed:23:93:60:
cf:1a:35:f1:07:c7:11:ae:58:93:c6:8a:19:e8:20:
ff:ad:dd:f4:60:de:bc:44:5e:a7:0f:f7:c9:d8:8c:
0e:cc:ca:5a:48:1f:75:45:3c:81:e4:02:4c:0c:51:
b8:f9:17:83:6b:54:f9:20:b2:45:a9:fe:31:83:c1:
7a:20:a4:21:1e:e2:4a:3c:2c:0e:a4:8b:17:aa:d2:
b1:26:69:17:5b:01:1f:9e:a4:72:d2:e8:9f:21:6a:
12:d8:57:d1:f1:ad:5f:b3:cc:c1:56:97:58:cd:ff:
07:86:c0:bf:6f:78:b2:13:8d:54:b0:b7:78:49:6e:
72:5d:5b:8e:f2:ee:b9:46:67:1e:d5:22:69:70:a2:
0f:d4:bd:8c:6d:c7:a0:89:c2:2a:46:37:05:3b:85:
e5:45:f0:91:78:ea:63:08:78:6a:6d:1a:54:d2:2b:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:10:87:A4:40:1A:0E:8F:14:B0:37:95:4A:A9:B6:65:F4:43:8B:32
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IBCHpEAaDo8UsDeVSqm2ZfRDizI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.149.0/24
45.141.26.0/23
89.38.101.0/24
185.241.210.0/24
188.212.158.0/23
Signature Algorithm: sha256WithRSAEncryption
51:d1:e9:97:8e:5b:5c:86:00:78:2b:c4:99:6c:1c:4d:e9:7f:
6b:20:2b:e8:39:de:65:9f:58:64:a1:c0:c3:c5:f6:6f:d9:3f:
da:92:b5:0f:ee:a5:d3:95:ad:73:f9:99:1d:91:cd:e5:fd:ab:
9a:19:61:2d:d0:bd:ec:39:d2:e5:b3:00:b7:32:a1:10:83:5c:
96:fc:27:e7:41:bc:cd:36:61:85:fe:a5:10:22:56:1f:bc:1e:
f1:74:e7:26:48:60:06:7f:be:ac:e9:b0:3f:9e:95:84:05:fb:
cf:0d:48:d3:01:0d:6c:cc:19:e0:c8:f4:b6:8c:bd:d8:fb:66:
b1:0d:2e:b0:d0:4a:92:a0:6c:86:b4:1a:e5:45:68:86:fa:c2:
b3:fe:d9:03:41:55:b8:d4:c3:ea:b0:82:cb:d0:68:5f:7d:64:
cf:90:1b:be:48:cf:76:c9:32:c2:3a:e6:47:30:7c:fb:82:d8:
f2:74:88:58:57:4b:e3:68:cb:12:7d:4d:f3:2a:3a:8b:21:ad:
bd:de:bc:90:30:a5:76:5e:ea:1a:34:b1:b1:e8:fe:91:16:a1:
04:86:85:a0:7b:12:38:21:08:4f:a5:65:89:2c:f2:0e:a4:d4:
08:08:eb:27:42:72:47:8b:50:9f:88:6e:5b:74:08:9f:02:7e:
4a:f1:0b:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZA5xP09Pp5R89ggkA66BnnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNjIxMDc0ODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDEwODdhNDQwMWEwZThmMTRiMDM3OTU0YWE5YjY2NWY0NDM4YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyztwcE/xtFsY70omQ6nm8vOWyits
6HTTlAEkBBefsW+8ijo3oYJME6lI4t0eMrKILjdFBHKes49+gCI71ZghXKFFT9ck
uvrDSLC5y/n1MNTUx7JaFO0jk2DPGjXxB8cRrliTxooZ6CD/rd30YN68RF6nD/fJ
2IwOzMpaSB91RTyB5AJMDFG4+ReDa1T5ILJFqf4xg8F6IKQhHuJKPCwOpIsXqtKx
JmkXWwEfnqRy0uifIWoS2FfR8a1fs8zBVpdYzf8HhsC/b3iyE41UsLd4SW5yXVuO
8u65Rmce1SJpcKIP1L2MbcegicIqRjcFO4XlRfCReOpjCHhqbRpU0iur9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCAQh6RAGg6PFLA3lUqptmX0Q4syMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSUJDSHBFQWFEbzhVc0RlVlNxbTJaZlJEaXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJS6VAwQB
LY0aAwQAWSZlAwQAufHSAwQBvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQBR0emXjltc
hgB4K8SZbBxN6X9rICvoOd5ln1hkocDDxfZv2T/akrUP7qXTla1z+Zkdkc3l/aua
GWEt0L3sOdLlswC3MqEQg1yW/CfnQbzNNmGF/qUQIlYfvB7xdOcmSGAGf76s6bA/
npWEBfvPDUjTAQ1szBngyPS2jL3Y+2axDS6w0EqSoGyGtBrlRWiG+sKz/tkDQVW4
1MPqsILL0GhffWTPkBu+SM92yTLCOuZHMHz7gtjydIhYV0vjaMsSfU3zKjqLIa29
3ryQMKV2XuoaNLGx6P6RFqEEhoWgexI4IQhPpWWJLPIOpNQICOsnQnJHi1CfiG5b
dAifAn5K8Qs6
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:10 2024 by rpki-client on console-ams.rpki-client.org