Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/S2686P4b87MQy1aQ6QOC1omFJUY.roa
File: S2686P4b87MQy1aQ6QOC1omFJUY.roa (raw, json)
Hash identifier: zPAN2SN0UgJEwxHEzXpIHS8pW3PCcOCvw0hNoYbrNmE=
Subject key identifier: 4B:6E:BC:E8:FE:1B:F3:B3:10:CB:56:90:E9:03:82:D6:89:85:25:46
Certificate issuer: /CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Certificate serial: 018CCA29CE5C11607E947BA46FC6C5DF3ACB
Authority key identifier: 33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/S2686P4b87MQy1aQ6QOC1omFJUY.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 37.19.96.0/21 maxlen: 21
37.19.97.0/24 maxlen: 24
37.19.98.0/24 maxlen: 24
37.19.99.0/24 maxlen: 24
37.19.100.0/24 maxlen: 24
185.109.163.0/24 maxlen: 24
37.203.192.0/24 maxlen: 24
37.203.192.0/22 maxlen: 22
37.203.192.0/21 maxlen: 21
37.203.193.0/24 maxlen: 24
37.203.194.0/24 maxlen: 24
37.203.195.0/24 maxlen: 24
37.203.196.0/24 maxlen: 24
37.203.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/M29qyC9vKOPT5bZkdVlNgxjnWrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/M29qyC9vKOPT5bZkdVlNgxjnWrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ce:5c:11:60:7e:94:7b:a4:6f:c6:c5:df:3a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b6ebce8fe1bf3b310cb5690e90382d689852546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:48:9b:1d:a0:a0:31:8f:d3:35:71:9b:36:
1b:9e:2c:fd:ae:42:e6:0b:c9:c4:db:48:a8:40:5d:
4f:1b:0f:bb:4a:6b:f3:08:df:7b:96:a6:85:19:45:
d2:9f:22:3a:0f:d8:6b:9d:7d:e6:c8:1d:2f:57:c5:
05:62:59:f6:81:c7:e8:50:4f:3c:f3:26:3e:62:63:
70:bb:83:bf:17:d4:36:06:bc:b9:cc:2a:77:28:ec:
79:49:3d:9d:1f:af:34:19:a5:b5:08:d0:9b:01:1b:
9f:06:5d:94:51:30:88:14:47:4a:6e:47:2f:22:28:
e8:da:1a:d7:d4:4f:5c:46:8b:a6:48:80:fd:86:fc:
c0:8b:c6:12:2f:b3:a7:92:59:40:8b:36:7f:bb:23:
83:56:85:5c:95:d6:f6:45:71:51:21:9a:42:91:36:
2e:c2:60:a4:9b:74:dc:c1:67:bf:b8:ce:fa:6b:0d:
b5:14:17:1b:78:e9:2e:45:a7:8d:ce:b7:0e:5e:10:
a1:f0:ac:7d:fa:6c:8c:b2:39:70:21:08:dd:51:78:
60:bd:77:42:5d:77:dc:b6:98:4a:e0:db:1e:aa:a1:
f6:73:88:8c:2e:ce:bf:e9:3c:c8:54:a9:c2:05:e3:
76:59:16:4a:d8:7d:7f:c8:db:ce:b5:22:f2:ac:88:
ee:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6E:BC:E8:FE:1B:F3:B3:10:CB:56:90:E9:03:82:D6:89:85:25:46
X509v3 Authority Key Identifier:
keyid:33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/S2686P4b87MQy1aQ6QOC1omFJUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/M29qyC9vKOPT5bZkdVlNgxjnWrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.109.163.0/24
Signature Algorithm: sha256WithRSAEncryption
99:99:e3:cd:a5:94:2b:7a:c2:99:1e:5d:29:45:d3:84:7b:5f:
3e:fa:0f:99:53:61:45:96:29:85:19:90:65:f1:30:2f:e2:92:
8b:2a:f0:87:cd:f2:7a:3d:4f:7b:d7:df:ba:9e:cd:b6:3b:ca:
77:31:85:ae:ba:bd:d1:aa:7c:d2:4a:ff:12:1c:a1:f7:06:35:
77:96:93:05:05:96:74:cc:0e:e9:d5:71:ca:90:a1:17:98:26:
33:b3:f6:f8:ed:18:03:36:4a:87:80:19:b4:c2:24:a0:76:91:
76:68:d5:fd:3f:36:83:8f:c3:60:88:c2:cb:f7:41:4f:3a:0d:
a3:e7:cc:14:6e:7a:5f:1d:77:9b:dd:4c:9b:27:48:3a:ef:d9:
92:e3:ee:ee:8b:a2:df:c7:19:3c:c0:dc:45:7a:32:1a:79:c4:
0a:bb:be:c3:a7:10:5e:3f:47:14:ac:60:b5:a5:99:e7:42:08:
31:0c:fb:4b:c0:fc:80:c9:e2:d4:62:07:80:6b:2c:dc:c0:76:
65:6b:04:2b:4f:8e:ef:71:6c:74:da:f2:73:b2:bc:11:ca:91:
6c:87:dc:ac:08:c7:fb:8f:05:ce:19:02:1b:99:c4:d4:91:2c:
77:4e:de:3b:a4:6c:15:a4:de:47:7e:aa:6a:47:18:aa:b8:e3:
c3:2c:7a:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKc5cEWB+lHukb8bF3zrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNmY2YWM4MmY2ZjI4ZTNkM2U1YjY2NDc1NTk0ZDgzMThl
NzVhYjMwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZlYmNlOGZlMWJmM2IzMTBjYjU2OTBlOTAzODJkNjg5ODUyNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+9Imx2goDGP0zVxmzYbniz9rkLm
C8nE20ioQF1PGw+7SmvzCN97lqaFGUXSnyI6D9hrnX3myB0vV8UFYln2gcfoUE88
8yY+YmNwu4O/F9Q2Bry5zCp3KOx5ST2dH680GaW1CNCbARufBl2UUTCIFEdKbkcv
Iijo2hrX1E9cRoumSID9hvzAi8YSL7OnkllAizZ/uyODVoVcldb2RXFRIZpCkTYu
wmCkm3TcwWe/uM76aw21FBcbeOkuRaeNzrcOXhCh8Kx9+myMsjlwIQjdUXhgvXdC
XXfctphK4NseqqH2c4iMLs6/6TzIVKnCBeN2WRZK2H1/yNvOtSLyrIjuLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEtuvOj+G/OzEMtWkOkDgtaJhSVGMB8GA1UdIwQY
MBaAFDNvasgvbyjj0+W2ZHVZTYMY51qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAt
Y2NiMDE2YWUxNTEzLzEvUzI2ODZQNGI4N01ReTFhUTZRT0Mxb21GSlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAtY2NiMDE2YWUxNTEz
LzEvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJRNgAwQD
JcvAAwQAuW2jMA0GCSqGSIb3DQEBCwUAA4IBAQCZmePNpZQresKZHl0pRdOEe18+
+g+ZU2FFlimFGZBl8TAv4pKLKvCHzfJ6PU9719+6ns22O8p3MYWuur3RqnzSSv8S
HKH3BjV3lpMFBZZ0zA7p1XHKkKEXmCYzs/b47RgDNkqHgBm0wiSgdpF2aNX9PzaD
j8NgiMLL90FPOg2j58wUbnpfHXeb3UybJ0g679mS4+7ui6Lfxxk8wNxFejIaecQK
u77DpxBeP0cUrGC1pZnnQggxDPtLwPyAyeLUYgeAayzcwHZlawQrT47vcWx02vJz
srwRypFsh9ysCMf7jwXOGQIbmcTUkSx3Tt47pGwVpN5HfqpqRxiquOPDLHpA
-----END CERTIFICATE-----
Generated at Mon May 13 08:55:40 2024 by rpki-client on console-fra.rpki-client.org