Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/ctw9YLzgRXMYSy67z80tOpXR-ZE.roa
File: ctw9YLzgRXMYSy67z80tOpXR-ZE.roa (raw, json)
Hash identifier: l7R3Okhlrh6EG/2/SZJd3elBbTyC4ZZbayDt5+8WIUU=
Subject key identifier: 72:DC:3D:60:BC:E0:45:73:18:4B:2E:BB:CF:CD:2D:3A:95:D1:F9:91
Certificate issuer: /CN=f39f96c20e10f76f03ed47815b7a6a5efdbe03d5
Certificate serial: 018CC424AAD75593AEE7CE9A4B2E3F92EB0C
Authority key identifier: F3:9F:96:C2:0E:10:F7:6F:03:ED:47:81:5B:7A:6A:5E:FD:BE:03:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/85-Wwg4Q928D7UeBW3pqXv2-A9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/ctw9YLzgRXMYSy67z80tOpXR-ZE.roa
Signing time: Mon 01 Jan 2024 08:29:46 +0000
ROA not before: Mon 01 Jan 2024 08:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49158
IP address blocks: 37.60.64.0/19 maxlen: 19
37.60.64.0/18 maxlen: 18
37.60.96.0/19 maxlen: 19
2a00:5bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/85-Wwg4Q928D7UeBW3pqXv2-A9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/85-Wwg4Q928D7UeBW3pqXv2-A9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/85-Wwg4Q928D7UeBW3pqXv2-A9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:aa:d7:55:93:ae:e7:ce:9a:4b:2e:3f:92:eb:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f39f96c20e10f76f03ed47815b7a6a5efdbe03d5
Validity
Not Before: Jan 1 08:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72dc3d60bce04573184b2ebbcfcd2d3a95d1f991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:3f:eb:41:b2:8a:3f:75:3f:72:cb:f3:cb:
7c:0d:18:c5:26:9d:43:4e:4d:46:ca:60:b8:c3:dc:
48:10:b8:00:ce:bd:7c:56:37:8f:d6:4e:ca:89:d9:
55:9b:ff:de:bf:7c:3c:e3:84:48:64:c5:22:3c:50:
b3:d8:00:9a:f9:f7:9a:35:1d:b3:bc:c9:0a:a9:f7:
4c:03:47:ac:f3:fa:cb:98:cf:ab:1b:e7:40:a7:4c:
d5:b4:ca:da:81:08:ea:5e:f0:18:5f:d1:23:55:d9:
6b:6c:47:b9:3e:eb:22:38:20:16:cb:f9:28:c7:e9:
af:8e:65:c6:96:29:d0:fb:4f:80:99:77:f3:42:73:
e3:76:38:6a:6a:ce:cd:41:6f:f1:39:f3:6b:bd:21:
f0:c3:75:8f:17:dc:1a:82:b7:db:5f:8b:68:35:1d:
54:7d:7e:7b:19:5d:95:7a:d5:4b:7b:97:9a:5a:cf:
b8:2d:02:8c:2e:2e:a9:c9:13:8f:20:8b:7d:db:25:
4b:13:13:a9:fc:b8:26:45:81:01:10:4f:61:10:a4:
7e:90:f0:db:dd:e6:d9:45:cc:01:ac:05:6a:3c:76:
8d:d2:54:7a:f7:8e:29:d9:f9:55:59:1c:f0:25:a0:
b3:77:c5:ec:be:fa:1a:dd:e2:10:a6:ba:ba:c3:56:
bc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DC:3D:60:BC:E0:45:73:18:4B:2E:BB:CF:CD:2D:3A:95:D1:F9:91
X509v3 Authority Key Identifier:
keyid:F3:9F:96:C2:0E:10:F7:6F:03:ED:47:81:5B:7A:6A:5E:FD:BE:03:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/85-Wwg4Q928D7UeBW3pqXv2-A9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/ctw9YLzgRXMYSy67z80tOpXR-ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/85-Wwg4Q928D7UeBW3pqXv2-A9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.64.0/18
IPv6:
2a00:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:11:58:2c:dd:29:7c:1a:af:e2:e6:2f:38:9e:79:43:26:00:
7c:1d:de:f7:2b:56:ba:92:62:20:3b:d0:bc:e9:bc:a5:62:32:
36:50:45:ff:71:6e:3b:26:4f:e5:d0:38:1c:81:fa:90:38:27:
d3:26:9c:1e:78:54:03:3a:56:93:e7:f4:45:bc:01:d6:f1:96:
25:bb:15:5c:7f:39:4c:a5:ce:47:d4:61:74:3f:53:7c:a2:89:
83:05:ba:7f:e9:26:ba:bc:e0:e1:5b:69:30:05:d6:c2:ef:62:
72:38:be:fd:92:ac:a2:2d:da:6d:cd:87:79:ea:24:a8:61:0e:
79:e2:e8:53:28:ad:45:57:2b:95:7a:f1:a0:2c:b1:96:b8:97:
91:99:00:c0:e6:97:36:d1:51:75:c6:69:be:16:bf:a8:05:0f:
27:03:74:4b:1a:23:a5:d3:a0:d7:eb:32:50:70:bf:d9:14:3e:
f9:c4:11:ea:e2:85:d5:37:d9:83:6d:5f:7e:6d:1e:67:f3:81:
f6:04:96:e0:0f:4b:93:cc:88:ae:5c:15:f3:88:65:b9:1f:07:
3a:e2:a9:aa:95:6f:af:58:ae:0c:01:b5:c9:64:80:e4:e1:cc:
76:d4:85:1a:cd:7e:49:eb:b9:47:eb:9b:2c:d5:c2:31:5c:99:
92:04:83:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJKrXVZOu586aSy4/kusMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOWY5NmMyMGUxMGY3NmYwM2VkNDc4MTViN2E2YTVlZmRi
ZTAzZDUwHhcNMjQwMTAxMDgyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRjM2Q2MGJjZTA0NTczMTg0YjJlYmJjZmNkMmQzYTk1ZDFmOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocQ/60Gyij91P3LL88t8DRjFJp1D
Tk1GymC4w9xIELgAzr18VjeP1k7KidlVm//ev3w844RIZMUiPFCz2ACa+feaNR2z
vMkKqfdMA0es8/rLmM+rG+dAp0zVtMragQjqXvAYX9EjVdlrbEe5PusiOCAWy/ko
x+mvjmXGlinQ+0+AmXfzQnPjdjhqas7NQW/xOfNrvSHww3WPF9wagrfbX4toNR1U
fX57GV2VetVLe5eaWs+4LQKMLi6pyROPIIt92yVLExOp/LgmRYEBEE9hEKR+kPDb
3ebZRcwBrAVqPHaN0lR6944p2flVWRzwJaCzd8Xsvvoa3eIQprq6w1a8SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHLcPWC84EVzGEsuu8/NLTqV0fmRMB8GA1UdIwQY
MBaAFPOflsIOEPdvA+1HgVt6al79vgPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODUtV3dnNFE5MjhEN1VlQlczcHFYdjItQTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8wYjQ1ZTktM2Y0YS00YmQ4LWJhYjkt
ZmI5MDgxYTE2MTM5LzEvY3R3OVlMemdSWE1ZU3k2N3o4MHRPcFhSLVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8wYjQ1ZTktM2Y0YS00YmQ4LWJhYjktZmI5MDgxYTE2MTM5
LzEvODUtV3dnNFE5MjhEN1VlQlczcHFYdjItQTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGJTxAMA0E
AgACMAcDBQAqAFvAMA0GCSqGSIb3DQEBCwUAA4IBAQAtEVgs3Sl8Gq/i5i84nnlD
JgB8Hd73K1a6kmIgO9C86bylYjI2UEX/cW47Jk/l0DgcgfqQOCfTJpweeFQDOlaT
5/RFvAHW8ZYluxVcfzlMpc5H1GF0P1N8oomDBbp/6Sa6vODhW2kwBdbC72JyOL79
kqyiLdptzYd56iSoYQ554uhTKK1FVyuVevGgLLGWuJeRmQDA5pc20VF1xmm+Fr+o
BQ8nA3RLGiOl06DX6zJQcL/ZFD75xBHq4oXVN9mDbV9+bR5n84H2BJbgD0uTzIiu
XBXziGW5Hwc64qmqlW+vWK4MAbXJZIDk4cx21IUazX5J67lH65ss1cIxXJmSBIMP
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:17 2024 by rpki-client on console-ams.rpki-client.org