Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/0Figpd9XoRAJbNw7nusuy20Ad1E.roa
File: 0Figpd9XoRAJbNw7nusuy20Ad1E.roa (raw, json)
Hash identifier: I9zaSTUqGMwklxt6F9ye7akELaC43mjoVIvFyNNef2w=
Subject key identifier: D0:58:A0:A5:DF:57:A1:10:09:6C:DC:3B:9E:EB:2E:CB:6D:00:77:51
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 018EA789BAA0BA0EF0F1741E212AB7EEADBE
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/0Figpd9XoRAJbNw7nusuy20Ad1E.roa
Signing time: Thu 04 Apr 2024 05:16:44 +0000
ROA not before: Thu 04 Apr 2024 05:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47172
IP address blocks: 37.218.240.0/21 maxlen: 24
37.218.240.0/24 maxlen: 24
37.218.242.0/24 maxlen: 24
37.218.243.0/24 maxlen: 24
37.218.245.0/24 maxlen: 24
37.218.246.0/24 maxlen: 24
37.218.247.0/24 maxlen: 24
185.88.140.0/22 maxlen: 24
185.200.104.0/22 maxlen: 24
185.200.104.0/24 maxlen: 24
185.200.106.0/24 maxlen: 24
185.200.107.0/24 maxlen: 24
193.29.139.0/24 maxlen: 24
195.190.28.0/24 maxlen: 24
213.108.104.0/21 maxlen: 24
2a00:c6c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:89:ba:a0:ba:0e:f0:f1:74:1e:21:2a:b7:ee:ad:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Apr 4 05:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d058a0a5df57a110096cdc3b9eeb2ecb6d007751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:42:9e:ed:c6:26:75:a3:15:b9:a9:e4:1d:
aa:2a:1a:ab:a6:e3:b9:be:6b:c9:d3:42:65:c2:c3:
7d:6a:87:d4:ae:55:f7:b2:8f:b9:13:3c:d2:eb:a3:
87:cf:bf:9b:e3:93:92:53:d6:f2:ea:ed:96:8f:9e:
d9:07:77:4e:ad:4b:81:6f:19:e9:f7:ca:be:aa:e0:
3a:ae:12:f1:d9:8b:ec:c5:7d:dd:99:59:2d:99:af:
b2:dc:d9:f8:11:17:22:8f:75:07:d4:f2:42:1a:be:
c9:51:f5:6c:45:f2:28:32:94:90:29:05:93:c8:a2:
eb:ab:58:c0:54:ac:c4:5e:9f:ed:8e:ea:59:43:c8:
64:76:20:31:b6:bd:52:74:01:4b:06:bf:89:27:02:
ea:94:0e:d0:28:eb:ac:36:a1:31:0d:8c:18:ed:45:
b0:e6:49:d9:c4:05:87:b9:57:60:aa:7f:f4:66:de:
55:df:b5:7f:93:75:0e:e4:e0:4d:7a:a2:51:c8:e2:
4f:79:26:5c:03:b8:c9:46:21:f2:ee:2c:fa:dc:ce:
fe:23:07:34:38:bc:4a:8a:2d:90:f8:07:2a:04:5d:
e5:88:7f:a2:df:6f:f5:7b:0f:34:b2:3d:f3:3e:ed:
04:f1:19:d2:c7:8e:71:39:68:56:1e:03:51:67:ba:
17:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:58:A0:A5:DF:57:A1:10:09:6C:DC:3B:9E:EB:2E:CB:6D:00:77:51
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/0Figpd9XoRAJbNw7nusuy20Ad1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.240.0/21
185.88.140.0/22
185.200.104.0/22
193.29.139.0/24
195.190.28.0/24
213.108.104.0/21
IPv6:
2a00:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
16:b5:06:f7:b3:9c:71:44:37:26:bc:72:6e:34:41:60:07:39:
16:24:38:30:ae:54:21:d6:ee:31:b7:3e:8e:1f:c5:e4:ec:42:
8f:0e:3f:b7:92:6a:c0:28:d1:ff:bc:a0:f1:5f:45:66:6b:90:
2a:8c:fb:57:18:17:98:2e:95:a1:56:0b:1c:99:b6:b9:4c:c8:
42:e2:26:cb:a2:d5:1d:0d:3b:d6:03:9b:9e:48:2b:91:f2:d2:
f4:17:8d:18:fa:62:62:88:98:d1:2d:df:eb:4b:ab:dd:1f:9f:
70:a7:d8:5e:48:f8:92:3e:eb:49:a7:29:7a:b4:08:ba:0d:64:
22:58:02:2b:31:02:00:72:e6:03:27:82:15:d5:fe:e2:6a:40:
40:6a:64:d2:1a:f7:45:5b:33:0f:a6:10:4c:64:13:93:ae:4c:
d6:45:9f:29:66:98:20:52:98:b7:a8:fd:7a:53:0e:f5:53:31:
15:e9:ff:85:22:0c:13:24:6b:8c:3f:5f:8e:84:9b:cb:72:ea:
8d:a9:df:51:4f:ed:51:c0:62:bd:c1:82:85:d9:7e:41:50:45:
33:6a:59:f7:38:75:74:0d:84:68:cc:2b:39:c6:de:1f:aa:10:
a0:ea:5d:33:a2:3d:6b:36:29:fc:42:1c:df:93:c6:24:e7:fd:
4e:b8:7f:ca
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY6nibqgug7w8XQeISq37q2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjQwNDA0MDUxNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU4YTBhNWRmNTdhMTEwMDk2Y2RjM2I5ZWViMmVjYjZkMDA3NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2VCnu3GJnWjFbmp5B2qKhqrpuO5
vmvJ00JlwsN9aofUrlX3so+5EzzS66OHz7+b45OSU9by6u2Wj57ZB3dOrUuBbxnp
98q+quA6rhLx2YvsxX3dmVktma+y3Nn4ERcij3UH1PJCGr7JUfVsRfIoMpSQKQWT
yKLrq1jAVKzEXp/tjupZQ8hkdiAxtr1SdAFLBr+JJwLqlA7QKOusNqExDYwY7UWw
5knZxAWHuVdgqn/0Zt5V37V/k3UO5OBNeqJRyOJPeSZcA7jJRiHy7iz63M7+Iwc0
OLxKii2Q+AcqBF3liH+i32/1ew80sj3zPu0E8RnSx45xOWhWHgNRZ7oXyQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNBYoKXfV6EQCWzcO57rLsttAHdRMB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvMEZpZ3BkOVhvUkFKYk53N251c3V5MjBBZDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDJdrwAwQC
uViMAwQCuchoAwQAwR2LAwQAw74cAwQD1WxoMA8EAgACMAkDBwAqAMbAAAAwDQYJ
KoZIhvcNAQELBQADggEBABa1BveznHFENya8cm40QWAHORYkODCuVCHW7jG3Po4f
xeTsQo8OP7eSasAo0f+8oPFfRWZrkCqM+1cYF5gulaFWCxyZtrlMyELiJsui1R0N
O9YDm55IK5Hy0vQXjRj6YmKImNEt3+tLq90fn3Cn2F5I+JI+60mnKXq0CLoNZCJY
AisxAgBy5gMnghXV/uJqQEBqZNIa90VbMw+mEExkE5OuTNZFnylmmCBSmLeo/XpT
DvVTMRXp/4UiDBMka4w/X46Em8ty6o2p31FP7VHAYr3BgoXZfkFQRTNqWfc4dXQN
hGjMKznG3h+qEKDqXTOiPWs2KfxCHN+TxiTn/U64f8o=
-----END CERTIFICATE-----
Generated at Sun May 12 04:26:56 2024 by rpki-client on console-ams.rpki-client.org