Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/4Uq3VtO-mxySdJn2WGTOIsxqANQ.roa
File: 4Uq3VtO-mxySdJn2WGTOIsxqANQ.roa (raw, json)
Hash identifier: AKHnus5zRe6jC+0qwi6gd1X43zoWRPCQPnhLKHKGrKg=
Subject key identifier: E1:4A:B7:56:D3:BE:9B:1C:92:74:99:F6:58:64:CE:22:CC:6A:00:D4
Certificate issuer: /CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Certificate serial: 018CC94AB18EE09EC179CCF741B3786BF6D1
Authority key identifier: E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/4Uq3VtO-mxySdJn2WGTOIsxqANQ.roa
Signing time: Tue 02 Jan 2024 08:29:24 +0000
ROA not before: Tue 02 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51324
IP address blocks: 185.37.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/45Dy7gpwvK7-AZWj2LN300KXqUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/45Dy7gpwvK7-AZWj2LN300KXqUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b1:8e:e0:9e:c1:79:cc:f7:41:b3:78:6b:f6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e390f2ee0a70bcaefe0195a3d8b377d34297a943
Validity
Not Before: Jan 2 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e14ab756d3be9b1c927499f65864ce22cc6a00d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:03:b1:1b:e4:8e:89:ee:70:5b:63:a5:70:ee:
42:04:67:49:70:a7:8d:55:3c:59:c7:f1:34:b0:21:
72:ac:19:b6:82:40:c0:b9:3f:15:95:7a:83:6f:8f:
0e:5a:50:26:43:e2:92:2b:dc:ab:7c:31:5b:2a:30:
62:3c:37:c8:b6:b3:67:5b:9a:48:ca:70:08:96:ab:
d3:4e:3c:90:b7:48:8b:9e:cd:dc:07:83:28:04:e0:
6e:23:6e:93:ac:98:ef:55:9d:ec:ce:88:0d:e0:8a:
b4:88:16:af:5f:83:df:6a:ed:50:c3:80:aa:3c:1b:
78:2c:e7:db:f3:06:07:e6:4d:bd:fb:18:61:21:75:
43:bd:59:22:49:31:8f:2d:4e:d2:61:76:df:85:da:
fc:1c:6a:54:02:dc:e1:f5:a4:83:6e:64:8e:f5:01:
0b:47:88:de:33:bc:43:1b:65:fa:dd:b2:df:ce:37:
79:aa:91:d6:14:7d:29:1b:6f:4b:15:71:f9:20:45:
e1:76:e0:c9:8f:04:9e:fa:22:b4:7d:48:d1:d1:ea:
c5:b1:d6:ee:66:a5:47:0a:1a:47:5d:e5:17:1a:1c:
a8:ba:77:a1:55:8e:6c:01:21:3a:49:78:8d:c1:0e:
fa:a6:e5:cf:6f:4b:0f:7f:23:40:47:25:0f:a4:e8:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4A:B7:56:D3:BE:9B:1C:92:74:99:F6:58:64:CE:22:CC:6A:00:D4
X509v3 Authority Key Identifier:
keyid:E3:90:F2:EE:0A:70:BC:AE:FE:01:95:A3:D8:B3:77:D3:42:97:A9:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/45Dy7gpwvK7-AZWj2LN300KXqUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/4Uq3VtO-mxySdJn2WGTOIsxqANQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a604cf-1947-4b12-9a6b-3eb9134ec79d/1/45Dy7gpwvK7-AZWj2LN300KXqUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.152.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:07:9d:a1:a9:68:35:08:39:4f:dd:c1:12:15:8b:a5:1e:b1:
8c:7e:63:39:94:39:e2:da:dc:f0:a1:cd:c7:aa:43:70:be:b2:
a4:82:45:68:6f:91:65:6d:72:97:9b:c1:d0:67:e3:0d:23:8e:
4a:86:88:3d:d5:22:96:5b:08:44:4c:51:5a:22:c6:f2:77:b0:
af:07:05:52:3f:98:f1:94:8e:56:c8:01:8d:fb:68:e6:bd:9b:
c5:86:00:7b:53:75:66:7b:84:3e:7f:e6:bf:cd:8e:d9:4f:0e:
a3:3d:65:5c:e5:f0:b6:23:ba:2d:ba:d7:91:b1:e5:8d:7d:61:
a9:cf:c6:6d:c2:01:1b:86:de:e2:8c:e3:1d:ca:20:47:f7:eb:
80:d9:78:ee:c6:04:00:d9:76:3d:c7:f7:81:15:88:9b:63:b1:
f7:10:fe:0e:bc:4d:9c:57:5c:da:a0:14:90:5c:ae:1a:f7:ba:
a4:5d:2e:60:9c:c8:58:f8:75:bf:54:4d:67:ec:b7:80:20:d8:
cb:85:60:47:5c:7d:f2:2f:35:46:fe:0c:23:0b:2b:02:a2:e7:
21:20:63:98:5c:59:ac:ef:4b:b0:0c:22:87:8f:39:d2:16:ae:
e0:48:e3:65:4f:c8:96:00:bf:84:63:0f:85:b3:ff:ab:fd:48:
c9:db:f9:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSrGO4J7Becz3QbN4a/bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOTBmMmVlMGE3MGJjYWVmZTAxOTVhM2Q4YjM3N2QzNDI5
N2E5NDMwHhcNMjQwMTAyMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTRhYjc1NmQzYmU5YjFjOTI3NDk5ZjY1ODY0Y2UyMmNjNmEwMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gOxG+SOie5wW2OlcO5CBGdJcKeN
VTxZx/E0sCFyrBm2gkDAuT8VlXqDb48OWlAmQ+KSK9yrfDFbKjBiPDfItrNnW5pI
ynAIlqvTTjyQt0iLns3cB4MoBOBuI26TrJjvVZ3szogN4Iq0iBavX4Pfau1Qw4Cq
PBt4LOfb8wYH5k29+xhhIXVDvVkiSTGPLU7SYXbfhdr8HGpUAtzh9aSDbmSO9QEL
R4jeM7xDG2X63bLfzjd5qpHWFH0pG29LFXH5IEXhduDJjwSe+iK0fUjR0erFsdbu
ZqVHChpHXeUXGhyounehVY5sASE6SXiNwQ76puXPb0sPfyNARyUPpOizeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFKt1bTvpscknSZ9lhkziLMagDUMB8GA1UdIwQY
MBaAFOOQ8u4KcLyu/gGVo9izd9NCl6lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmIt
M2ViOTEzNGVjNzlkLzEvNFVxM1Z0Ty1teHlTZEpuMldHVE9Jc3hxQU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9hNjA0Y2YtMTk0Ny00YjEyLTlhNmItM2ViOTEzNGVjNzlk
LzEvNDVEeTdncHd2SzctQVpXajJMTjMwMEtYcVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSWYMA0G
CSqGSIb3DQEBCwUAA4IBAQBeB52hqWg1CDlP3cESFYulHrGMfmM5lDni2tzwoc3H
qkNwvrKkgkVob5FlbXKXm8HQZ+MNI45Khog91SKWWwhETFFaIsbyd7CvBwVSP5jx
lI5WyAGN+2jmvZvFhgB7U3Vme4Q+f+a/zY7ZTw6jPWVc5fC2I7otuteRseWNfWGp
z8ZtwgEbht7ijOMdyiBH9+uA2XjuxgQA2XY9x/eBFYibY7H3EP4OvE2cV1zaoBSQ
XK4a97qkXS5gnMhY+HW/VE1n7LeAINjLhWBHXH3yLzVG/gwjCysCouchIGOYXFms
70uwDCKHjznSFq7gSONlT8iWAL+EYw+Fs/+r/UjJ2/kv
-----END CERTIFICATE-----
Generated at Tue May 28 13:52:37 2024 by rpki-client on console-ams.rpki-client.org