Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/9lTT0rmSAXNh6pI1sy9hUULy3tw.roa
File: 9lTT0rmSAXNh6pI1sy9hUULy3tw.roa (raw, json)
Hash identifier: BRyAdpR0YLLK9uYHXQG8vQmq4EE5r8ozlviun4mFfRc=
Subject key identifier: F6:54:D3:D2:B9:92:01:73:61:EA:92:35:B3:2F:61:51:42:F2:DE:DC
Certificate issuer: /CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Certificate serial: 018CC86EF398A1631E51FF30476D1B557012
Authority key identifier: 31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/9lTT0rmSAXNh6pI1sy9hUULy3tw.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57763
IP address blocks: 91.224.66.0/23 maxlen: 23
185.63.0.0/22 maxlen: 22
185.63.0.0/24 maxlen: 24
185.63.1.0/24 maxlen: 24
185.63.2.0/24 maxlen: 24
185.63.3.0/24 maxlen: 24
37.75.136.0/21 maxlen: 21
37.75.136.0/22 maxlen: 22
37.75.140.0/24 maxlen: 24
37.75.141.0/24 maxlen: 24
37.75.142.0/23 maxlen: 23
2a01:5741::/32 maxlen: 32
2a01:5741::/48 maxlen: 48
2001:67c:2074::/48 maxlen: 48
2a01:5740::/32 maxlen: 32
2a01:5740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/MZIbb_GsRJuj5_iSzwgy0c631GQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/MZIbb_GsRJuj5_iSzwgy0c631GQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f3:98:a1:63:1e:51:ff:30:47:6d:1b:55:70:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f654d3d2b992017361ea9235b32f615142f2dedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:79:04:3a:93:99:e4:af:3b:5d:2b:fe:f4:
71:96:78:7f:90:27:40:bd:e8:60:a0:13:e8:d4:33:
13:c1:4f:3d:91:41:bf:78:26:b8:c9:3d:56:b3:3a:
7f:91:9c:9a:52:3f:8d:97:0b:ff:72:af:a0:b9:58:
f0:8f:e2:b8:0d:8a:66:7d:d7:40:2a:25:0e:ef:88:
63:ce:29:b0:76:f3:49:88:c8:b9:24:0e:51:7a:af:
c6:0a:e2:53:26:44:a5:6e:bc:a0:36:70:68:da:fe:
4a:66:34:fb:86:eb:b2:5d:aa:cd:81:9f:55:b4:61:
00:57:5d:31:61:6f:df:d5:ba:6c:fa:da:fa:70:04:
8c:3f:e3:0f:7c:e0:b8:80:92:f0:60:1a:53:97:9d:
4c:41:d3:aa:a0:e7:cf:b3:6e:b6:db:a3:a6:d0:90:
39:5d:fe:aa:00:95:40:d4:3b:c8:ee:37:ba:83:26:
4d:36:97:c6:e6:9d:e9:ff:33:25:ef:23:fc:de:9a:
78:06:95:7a:34:60:50:d7:14:23:b4:df:07:d6:9b:
c1:84:6e:92:3a:3c:ab:60:eb:1a:06:83:db:24:6c:
c5:16:3a:08:45:e1:c4:24:35:fc:c4:0f:a8:e5:82:
72:af:f7:58:05:68:d1:ac:0e:39:4b:c5:d3:c8:82:
89:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:54:D3:D2:B9:92:01:73:61:EA:92:35:B3:2F:61:51:42:F2:DE:DC
X509v3 Authority Key Identifier:
keyid:31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/9lTT0rmSAXNh6pI1sy9hUULy3tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/MZIbb_GsRJuj5_iSzwgy0c631GQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.136.0/21
91.224.66.0/23
185.63.0.0/22
IPv6:
2001:67c:2074::/48
2a01:5740::/31
Signature Algorithm: sha256WithRSAEncryption
38:cb:4b:eb:9b:69:8d:d5:02:87:15:cd:dd:b2:72:a8:9d:80:
78:8e:4e:73:23:5d:70:88:50:1d:70:01:dc:f5:75:91:96:b2:
5c:dc:44:00:cc:49:58:66:7b:af:a3:fb:dd:79:4a:d6:c8:ee:
86:48:e5:8d:aa:e7:43:1d:f4:26:72:87:48:ab:6b:39:a8:97:
64:cf:54:ee:7a:93:03:3c:7e:af:41:63:44:ce:b0:01:05:76:
6d:c7:44:d9:dc:22:f7:1d:39:6b:ad:86:ea:ca:14:75:a1:ce:
48:38:d9:21:6a:37:40:87:56:6d:e3:e9:6c:e5:24:79:18:fe:
94:34:ef:b6:23:f1:a5:7b:35:49:0e:f9:9f:16:74:e9:c5:5f:
ec:d2:20:04:c7:48:2b:43:fa:4b:ec:b1:81:5a:03:62:20:21:
7a:37:fe:d4:e2:36:01:0f:8b:e7:31:7f:30:17:56:e7:0c:35:
18:96:99:ee:a4:ed:f5:79:ec:55:6a:f6:ba:23:c5:0c:b2:2b:
28:a6:60:bf:aa:e0:fd:c5:b6:42:ff:f5:66:06:b9:46:d3:58:
e9:78:e3:01:43:b0:40:6a:2d:d8:84:69:bf:26:c5:ff:2e:ff:
e7:2c:e9:4c:e1:3a:4e:00:e7:fe:35:60:5b:55:fd:11:33:31:
e0:2d:fd:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIbvOYoWMeUf8wR20bVXASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOTIxYjZmZjFhYzQ0OWJhM2U3Zjg5MmNmMDgzMmQxY2Vi
N2Q0NjQwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU0ZDNkMmI5OTIwMTczNjFlYTkyMzViMzJmNjE1MTQyZjJkZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiV5BDqTmeSvO10r/vRxlnh/kCdA
vehgoBPo1DMTwU89kUG/eCa4yT1Wszp/kZyaUj+Nlwv/cq+guVjwj+K4DYpmfddA
KiUO74hjzimwdvNJiMi5JA5Req/GCuJTJkSlbrygNnBo2v5KZjT7huuyXarNgZ9V
tGEAV10xYW/f1bps+tr6cASMP+MPfOC4gJLwYBpTl51MQdOqoOfPs26226Om0JA5
Xf6qAJVA1DvI7je6gyZNNpfG5p3p/zMl7yP83pp4BpV6NGBQ1xQjtN8H1pvBhG6S
OjyrYOsaBoPbJGzFFjoIReHEJDX8xA+o5YJyr/dYBWjRrA45S8XTyIKJFwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPZU09K5kgFzYeqSNbMvYVFC8t7cMB8GA1UdIwQY
MBaAFDGSG2/xrESbo+f4ks8IMtHOt9RkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMt
OWQ3YTg4NzJiNDU0LzEvOWxUVDBybVNBWE5oNnBJMXN5OWhVVUx5M3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMtOWQ3YTg4NzJiNDU0
LzEvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDJUuIAwQB
W+BCAwQCuT8AMBYEAgACMBADBwAgAQZ8IHQDBQEqAVdAMA0GCSqGSIb3DQEBCwUA
A4IBAQA4y0vrm2mN1QKHFc3dsnKonYB4jk5zI11wiFAdcAHc9XWRlrJc3EQAzElY
Znuvo/vdeUrWyO6GSOWNqudDHfQmcodIq2s5qJdkz1TuepMDPH6vQWNEzrABBXZt
x0TZ3CL3HTlrrYbqyhR1oc5IONkhajdAh1Zt4+ls5SR5GP6UNO+2I/GlezVJDvmf
FnTpxV/s0iAEx0grQ/pL7LGBWgNiICF6N/7U4jYBD4vnMX8wF1bnDDUYlpnupO31
eexVava6I8UMsisopmC/quD9xbZC//VmBrlG01jpeOMBQ7BAai3YhGm/JsX/Lv/n
LOlM4TpOAOf+NWBbVf0RMzHgLf36
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:34 2024 by rpki-client on console-ams.rpki-client.org