Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/AqmhTMhYX1IC2o8Hrxnbe1BqDnM.roa
File: AqmhTMhYX1IC2o8Hrxnbe1BqDnM.roa (raw, json)
Hash identifier: qD+8u9c2T3V004pnO+CwWaYty7xXRGpTPV8uEjLGQwc=
Subject key identifier: 02:A9:A1:4C:C8:58:5F:52:02:DA:8F:07:AF:19:DB:7B:50:6A:0E:73
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 01935AD41A46E6209DC2ACC3C80333D3CB23
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/AqmhTMhYX1IC2o8Hrxnbe1BqDnM.roa
Signing time: Sat 23 Nov 2024 21:01:09 +0000
ROA not before: Sat 23 Nov 2024 21:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57172
IP address blocks: 37.123.208.0/23 maxlen: 23
37.123.208.0/24 maxlen: 24
109.202.96.0/21 maxlen: 21
109.202.96.0/24 maxlen: 24
109.202.97.0/24 maxlen: 24
109.232.224.0/21 maxlen: 21
109.232.226.0/24 maxlen: 24
188.95.48.0/21 maxlen: 21
188.95.50.0/24 maxlen: 24
188.95.54.0/24 maxlen: 24
188.95.55.0/24 maxlen: 24
213.152.160.0/19 maxlen: 19
213.152.182.0/24 maxlen: 24
2a00:1678::/32 maxlen: 32
2a00:1678:be1::/48 maxlen: 48
2a00:1678:be2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5a:d4:1a:46:e6:20:9d:c2:ac:c3:c8:03:33:d3:cb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Nov 23 21:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a9a14cc8585f5202da8f07af19db7b506a0e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:f3:c2:77:09:76:4a:d7:31:2d:73:77:18:
eb:6b:08:ed:e5:85:27:e0:06:b3:25:75:11:43:6f:
00:2f:b1:a7:fd:fc:89:38:72:a5:36:93:27:7c:cf:
fc:95:7c:dd:a8:dd:7c:31:a6:55:fc:2f:d3:0c:18:
7a:ed:73:df:d4:cf:12:87:77:e9:c6:f5:27:50:1f:
e5:fb:01:7e:ce:f6:a8:96:79:a1:1a:76:2a:9a:40:
4d:de:a8:c2:e3:92:f4:b9:90:7c:2a:a7:49:14:4a:
d9:de:2e:a7:30:5b:19:7b:58:2f:9f:8b:d7:c8:00:
09:50:66:d6:9d:86:94:1b:37:17:7c:66:64:4a:00:
00:e2:cb:25:9b:8e:5a:2a:2d:43:ed:d9:6b:b9:ba:
79:5e:de:17:26:5a:94:ce:f4:42:96:41:ea:dd:82:
ba:6c:46:4c:30:a3:5d:b4:65:d0:5c:e0:9a:2a:8c:
7f:78:8c:c8:51:9a:a4:9f:2f:9b:53:c1:c9:82:62:
c0:ac:69:99:a2:22:61:aa:b9:f1:1a:05:15:42:b5:
1c:ea:56:0f:fe:bd:99:7b:24:ee:41:3b:26:8b:b3:
81:d1:4e:ff:bd:ec:06:87:b7:82:b6:cc:e8:7c:15:
eb:e6:65:e7:b3:d6:58:d7:ac:2e:25:7f:dd:88:49:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A9:A1:4C:C8:58:5F:52:02:DA:8F:07:AF:19:DB:7B:50:6A:0E:73
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/AqmhTMhYX1IC2o8Hrxnbe1BqDnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.208.0/23
109.202.96.0/21
109.232.224.0/21
188.95.48.0/21
213.152.160.0/19
IPv6:
2a00:1678::/32
Signature Algorithm: sha256WithRSAEncryption
6d:52:28:6d:2e:dd:29:91:14:42:d6:ad:21:40:8d:16:55:86:
0b:a7:62:cc:b7:a6:95:cd:0a:03:b9:d7:73:b0:cf:89:0c:2c:
0d:06:49:7d:a7:08:33:cc:86:45:61:69:8d:76:2e:09:71:ce:
0b:30:d1:dc:c1:46:b0:7a:37:82:37:44:30:d7:a0:1d:f8:4b:
c6:6e:2f:b1:57:19:02:47:c7:21:40:bf:1a:d5:ac:2a:a8:23:
3a:2c:25:18:33:50:4b:c1:a4:c1:c3:4a:31:24:8f:5a:63:0d:
cf:a8:dd:4a:5d:bd:c5:35:31:ba:8c:82:b5:60:3a:4c:78:7e:
a0:1d:d7:55:14:a0:86:43:df:2f:91:64:ca:9c:e2:f3:0d:73:
26:ba:b0:48:d0:64:e8:cb:33:8b:91:32:b8:ef:d1:fb:cb:32:
90:5a:73:3c:92:71:60:fd:d8:aa:d8:d5:d4:ec:02:6e:d7:f9:
1f:94:7d:9d:52:c2:e3:83:e2:b5:58:39:dd:80:be:e2:01:5f:
0b:58:73:c1:e5:c8:a4:1f:83:9c:2a:77:6c:4d:88:11:ed:aa:
18:0f:f6:0e:59:54:24:fa:25:bd:b2:e5:d5:84:c1:0a:d5:c3:
59:4e:72:b6:35:64:1b:21:31:cb:1e:b6:34:ae:9a:1e:d1:a4:
66:a8:9a:9d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNa1BpG5iCdwqzDyAMz08sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjQxMTIzMjEwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE5YTE0Y2M4NTg1ZjUyMDJkYThmMDdhZjE5ZGI3YjUwNmEwZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWnzwncJdkrXMS1zdxjrawjt5YUn
4AazJXURQ28AL7Gn/fyJOHKlNpMnfM/8lXzdqN18MaZV/C/TDBh67XPf1M8Sh3fp
xvUnUB/l+wF+zvaolnmhGnYqmkBN3qjC45L0uZB8KqdJFErZ3i6nMFsZe1gvn4vX
yAAJUGbWnYaUGzcXfGZkSgAA4sslm45aKi1D7dlrubp5Xt4XJlqUzvRClkHq3YK6
bEZMMKNdtGXQXOCaKox/eIzIUZqkny+bU8HJgmLArGmZoiJhqrnxGgUVQrUc6lYP
/r2ZeyTuQTsmi7OB0U7/vewGh7eCtszofBXr5mXns9ZY16wuJX/diElI3QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAKpoUzIWF9SAtqPB68Z23tQag5zMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvQXFtaFRNaFlYMUlDMm84SHJ4bmJlMUJxRG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBJXvQAwQD
bcpgAwQDbejgAwQDvF8wAwQF1ZigMA0EAgACMAcDBQAqABZ4MA0GCSqGSIb3DQEB
CwUAA4IBAQBtUihtLt0pkRRC1q0hQI0WVYYLp2LMt6aVzQoDuddzsM+JDCwNBkl9
pwgzzIZFYWmNdi4Jcc4LMNHcwUawejeCN0Qw16Ad+EvGbi+xVxkCR8chQL8a1awq
qCM6LCUYM1BLwaTBw0oxJI9aYw3PqN1KXb3FNTG6jIK1YDpMeH6gHddVFKCGQ98v
kWTKnOLzDXMmurBI0GToyzOLkTK479H7yzKQWnM8knFg/diq2NXU7AJu1/kflH2d
UsLjg+K1WDndgL7iAV8LWHPB5cikH4OcKndsTYgR7aoYD/YOWVQk+iW9suXVhMEK
1cNZTnK2NWQbITHLHrY0rpoe0aRmqJqd
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:55:18 2024 by rpki-client on console-ams.rpki-client.org