Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/nrhTqG25YUU6xsAK8Z5GsgtqrGA.roa
File: nrhTqG25YUU6xsAK8Z5GsgtqrGA.roa (raw, json)
Hash identifier: cFPI+6+Oe1PQq9q+uUpOpUBFtvwk0UZ+3ljl5wiaXx8=
Subject key identifier: 9E:B8:53:A8:6D:B9:61:45:3A:C6:C0:0A:F1:9E:46:B2:0B:6A:AC:60
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 01924236ED379BE226BE39486584B837B1C2
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/nrhTqG25YUU6xsAK8Z5GsgtqrGA.roa
Signing time: Mon 30 Sep 2024 09:15:48 +0000
ROA not before: Mon 30 Sep 2024 09:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198770
IP address blocks: 37.18.74.0/24 maxlen: 24
37.18.75.0/24 maxlen: 24
37.18.76.0/24 maxlen: 24
37.18.77.0/24 maxlen: 24
37.230.152.0/24 maxlen: 24
37.230.153.0/24 maxlen: 24
37.230.154.0/24 maxlen: 24
37.230.155.0/24 maxlen: 24
37.230.248.0/24 maxlen: 24
62.113.60.0/24 maxlen: 24
62.113.61.0/24 maxlen: 24
62.113.62.0/24 maxlen: 24
62.113.63.0/24 maxlen: 24
85.92.116.0/24 maxlen: 24
85.92.117.0/24 maxlen: 24
85.92.118.0/24 maxlen: 24
128.0.66.0/24 maxlen: 24
128.0.67.0/24 maxlen: 24
141.101.204.0/24 maxlen: 24
141.101.228.0/24 maxlen: 24
141.101.231.0/24 maxlen: 24
178.170.225.0/24 maxlen: 24
2a0d:b1c0:c0::/44 maxlen: 44
2a0d:b1c0:d0::/44 maxlen: 44
2a0d:b1c0:500::/44 maxlen: 48
2a0d:b1c0:aaaa::/48 maxlen: 48
2a0d:b1c0:abc0::/44 maxlen: 44
2a0d:b1c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:36:ed:37:9b:e2:26:be:39:48:65:84:b8:37:b1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Sep 30 09:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eb853a86db961453ac6c00af19e46b20b6aac60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fb:ab:a9:f9:71:14:78:6d:a5:c7:d9:30:ec:
f4:13:fa:43:1d:3c:6c:b0:6c:a8:9a:3d:ef:47:47:
96:03:24:fc:5d:48:3c:85:82:72:ba:c5:ba:dd:74:
49:6b:6a:11:6f:28:05:24:17:b7:57:cd:5f:b3:29:
0b:9d:02:b1:31:3d:2a:38:ad:00:44:f8:d9:fa:51:
41:f1:54:45:ff:aa:2c:5c:4f:b9:85:d6:20:7e:3d:
81:77:2c:4a:fc:9d:5e:a0:c0:2f:8a:df:6e:2c:06:
41:d7:39:c0:7b:12:57:3d:1b:60:92:26:95:b7:a7:
e2:e9:dc:0a:6f:2a:3c:d7:82:d2:f6:ca:52:b2:ab:
d1:ba:db:08:1b:6a:d9:eb:1e:61:4f:b6:e7:51:35:
5d:c4:df:f0:43:54:f1:44:f4:e6:9d:99:b9:e2:28:
43:ec:27:1c:22:4b:80:7a:e2:09:80:2a:60:8f:82:
5b:5d:d8:f1:83:04:d0:87:0b:f0:d4:52:b7:6c:eb:
f5:cc:ee:ac:e7:f8:b6:6f:48:19:8e:fa:fb:87:d1:
04:c9:db:9e:3e:de:2b:a5:f4:0d:62:26:ac:de:ed:
c3:85:29:ac:d4:63:0b:6c:c0:9f:38:d7:6f:31:6f:
98:48:7e:01:60:58:d3:f4:a9:62:d7:88:3e:c8:1a:
26:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B8:53:A8:6D:B9:61:45:3A:C6:C0:0A:F1:9E:46:B2:0B:6A:AC:60
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/nrhTqG25YUU6xsAK8Z5GsgtqrGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.74.0-37.18.77.255
37.230.152.0/22
37.230.248.0/24
62.113.60.0/22
85.92.116.0-85.92.118.255
128.0.66.0/23
141.101.204.0/24
141.101.228.0/24
141.101.231.0/24
178.170.225.0/24
IPv6:
2a0d:b1c0:c0::/43
2a0d:b1c0:500::/44
2a0d:b1c0:aaaa::/48
2a0d:b1c0:abc0::/44
2a0d:b1c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
5e:1d:55:65:de:7b:4d:87:dc:5e:c8:d8:70:dd:c7:1a:27:72:
31:e4:9e:d1:be:54:4b:7a:32:c6:08:48:5d:d8:19:9d:08:fc:
8f:75:14:88:5e:f2:32:6b:26:37:c4:6e:ff:c9:a1:79:ed:c5:
dc:d3:27:17:91:d3:23:20:6a:9b:d5:c6:04:a2:e4:c6:40:85:
bb:19:61:3a:f3:fa:c2:50:18:3d:09:77:0e:9a:3d:eb:00:03:
22:07:97:0c:67:b5:55:b0:d9:85:c4:a5:5c:dc:d4:56:f8:2e:
11:8c:eb:9f:5e:59:fc:1f:71:4b:fc:94:eb:2c:38:82:d2:c3:
78:73:1f:fd:1c:da:4b:19:76:0f:b8:be:ed:68:0c:5b:97:62:
53:57:9d:9c:64:a2:bb:51:86:9e:40:ef:f7:44:2e:98:75:d7:
db:a1:c8:24:f7:5c:63:da:7b:69:09:d9:36:ae:76:02:dd:90:
93:50:70:f2:36:9f:e8:c4:33:e0:7d:22:52:f4:10:14:00:a8:
5f:4c:09:c2:e9:a4:30:ff:68:d1:83:59:e1:fa:0b:7a:bc:2d:
f4:05:5b:85:34:9d:da:65:ce:e8:98:c5:f3:13:ed:f4:65:46:
4f:34:a9:b8:62:6c:4b:e6:83:5b:33:8f:24:e8:5d:a6:b6:28:
75:9a:1a:33
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZJCNu03m+ImvjlIZYS4N7HCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjQwOTMwMDkxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWI4NTNhODZkYjk2MTQ1M2FjNmMwMGFmMTllNDZiMjBiNmFhYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/urqflxFHhtpcfZMOz0E/pDHTxs
sGyomj3vR0eWAyT8XUg8hYJyusW63XRJa2oRbygFJBe3V81fsykLnQKxMT0qOK0A
RPjZ+lFB8VRF/6osXE+5hdYgfj2BdyxK/J1eoMAvit9uLAZB1znAexJXPRtgkiaV
t6fi6dwKbyo814LS9spSsqvRutsIG2rZ6x5hT7bnUTVdxN/wQ1TxRPTmnZm54ihD
7CccIkuAeuIJgCpgj4JbXdjxgwTQhwvw1FK3bOv1zO6s5/i2b0gZjvr7h9EEydue
Pt4rpfQNYias3u3DhSms1GMLbMCfONdvMW+YSH4BYFjT9Kli14g+yBomvwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJ64U6htuWFFOsbACvGeRrILaqxgMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvbnJoVHFHMjVZVVU2eHNBSzhaNUdzZ3RxckdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBSBAIAATBMMAwDBAEl
EkoDBAElEkwDBAIl5pgDBAAl5vgDBAI+cTwwDAMEAlVcdAMEAFVcdgMEAYAAQgME
AI1lzAMEAI1l5AMEAI1l5wMEALKq4TAzBAIAAjAtAwcFKg2xwADAAwcEKg2xwAUA
AwcAKg2xwKqqAwcEKg2xwKvAAwcAKg2xwP//MA0GCSqGSIb3DQEBCwUAA4IBAQBe
HVVl3ntNh9xeyNhw3ccaJ3Ix5J7RvlRLejLGCEhd2BmdCPyPdRSIXvIyayY3xG7/
yaF57cXc0ycXkdMjIGqb1cYEouTGQIW7GWE68/rCUBg9CXcOmj3rAAMiB5cMZ7VV
sNmFxKVc3NRW+C4RjOufXln8H3FL/JTrLDiC0sN4cx/9HNpLGXYPuL7taAxbl2JT
V52cZKK7UYaeQO/3RC6Yddfbocgk91xj2ntpCdk2rnYC3ZCTUHDyNp/oxDPgfSJS
9BAUAKhfTAnC6aQw/2jRg1nh+gt6vC30BVuFNJ3aZc7omMXzE+30ZUZPNKm4YmxL
5oNbM48k6F2mtih1mhoz
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:00:16 2024 by rpki-client on console-fra.rpki-client.org