Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AAMVr-H7Mm5c8-bzmqTbDJ5iVPE.roa
File: AAMVr-H7Mm5c8-bzmqTbDJ5iVPE.roa (raw, json)
Hash identifier: 9WEVzlj+5cdd16YQlP9iNb7K7JjFv02yDTr1Oz8GDCk=
Subject key identifier: 00:03:15:AF:E1:FB:32:6E:5C:F3:E6:F3:9A:A4:DB:0C:9E:62:54:F1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01907923AA4FB8401A59D30A946906B152DD
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AAMVr-H7Mm5c8-bzmqTbDJ5iVPE.roa
Signing time: Wed 03 Jul 2024 15:08:18 +0000
ROA not before: Wed 03 Jul 2024 15:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 23
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:79:23:aa:4f:b8:40:1a:59:d3:0a:94:69:06:b1:52:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jul 3 15:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=000315afe1fb326e5cf3e6f39aa4db0c9e6254f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e3:89:1d:f2:1c:18:1e:36:ce:5c:00:56:61:
2c:58:ea:fc:fc:7e:d7:1b:73:95:5b:57:c3:5d:14:
7d:ae:13:96:f1:03:a0:69:2a:cb:a9:96:c1:f6:cc:
ec:e0:cf:94:d6:35:10:44:a5:2f:2d:9d:00:f5:59:
5f:77:1d:ee:41:8f:da:b8:5e:81:12:c6:28:b5:f6:
59:84:31:a6:f0:8b:dd:e3:b2:58:8d:88:08:41:d1:
f5:5d:f6:f9:7a:34:9f:33:00:8e:87:56:9f:ed:90:
a4:b0:bc:1d:28:54:60:5b:c3:07:07:cb:b8:20:02:
2b:4c:47:01:0d:b2:96:5a:11:f4:bb:92:ee:98:92:
fe:4c:ca:76:cd:64:a3:ef:e9:f2:ba:6d:d7:ea:f4:
f1:c7:da:bb:55:b0:82:b6:3a:6e:1a:a0:6c:14:c0:
55:ce:bc:26:10:0e:17:6f:a3:ba:88:e7:fe:f1:20:
b5:a7:b8:27:e8:c3:eb:4f:be:e1:c8:61:1f:ec:f7:
21:6a:89:06:9a:82:db:2a:00:e2:af:0d:44:84:c8:
e2:55:7a:08:af:1b:56:4d:3e:e5:06:96:db:ab:d5:
31:ea:f8:cd:da:4b:3d:c8:0c:88:68:c3:dc:d5:b8:
14:da:58:5a:65:e7:6a:14:64:e9:60:ff:41:1f:fa:
c4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:03:15:AF:E1:FB:32:6E:5C:F3:E6:F3:9A:A4:DB:0C:9E:62:54:F1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/AAMVr-H7Mm5c8-bzmqTbDJ5iVPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/24
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:17:05:63:81:a9:86:3c:26:5c:38:7b:96:f4:f1:5e:c8:dd:
ed:1f:12:1e:42:28:c3:ba:11:f6:34:51:f4:d8:c4:b0:f9:b8:
c0:51:b8:27:58:12:59:16:ad:92:e2:22:c4:25:cd:d9:4b:df:
ba:48:d4:ba:ad:0a:62:5d:f1:b6:5c:d1:a4:8b:e3:60:54:a6:
3b:8a:0d:c6:6b:a3:2c:fa:a1:a6:9c:1c:ef:1b:e1:aa:80:cd:
e8:39:1c:cf:75:d7:31:5a:47:76:e8:f5:3b:d6:aa:fa:4d:ab:
e9:f2:9e:1b:16:a1:a0:c1:7c:59:24:0b:45:67:1d:76:23:79:
4a:ea:a0:2f:f8:e6:cd:0f:80:d0:70:46:a7:a2:a8:fc:98:44:
75:bf:0a:46:0f:82:0a:ac:d9:4b:8d:15:67:49:7e:58:58:f5:
2b:87:47:37:4d:0c:f5:36:60:28:ef:d7:a9:d6:4e:20:24:03:
b7:27:9c:0b:1c:cc:57:70:21:51:eb:ef:63:bb:d0:cb:d8:35:
f6:b7:5f:0e:f0:50:60:79:78:50:1f:49:e0:e1:d7:64:4e:27:
39:a9:74:08:ff:3b:65:54:f5:be:34:a1:f3:e7:d1:ae:68:24:
37:62:08:c6:bd:1d:80:51:a2:0a:f0:cd:d7:df:22:37:b0:59:
95:51:e5:43
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZB5I6pPuEAaWdMKlGkGsVLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNzAzMTUwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDAzMTVhZmUxZmIzMjZlNWNmM2U2ZjM5YWE0ZGIwYzllNjI1NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseOJHfIcGB42zlwAVmEsWOr8/H7X
G3OVW1fDXRR9rhOW8QOgaSrLqZbB9szs4M+U1jUQRKUvLZ0A9Vlfdx3uQY/auF6B
EsYotfZZhDGm8Ivd47JYjYgIQdH1Xfb5ejSfMwCOh1af7ZCksLwdKFRgW8MHB8u4
IAIrTEcBDbKWWhH0u5LumJL+TMp2zWSj7+nyum3X6vTxx9q7VbCCtjpuGqBsFMBV
zrwmEA4Xb6O6iOf+8SC1p7gn6MPrT77hyGEf7PchaokGmoLbKgDirw1EhMjiVXoI
rxtWTT7lBpbbq9Ux6vjN2ks9yAyIaMPc1bgU2lhaZedqFGTpYP9BH/rElQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFAADFa/h+zJuXPPm85qk2wyeYlTxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQUFNVnItSDdNbTVjOC1iem1xVGJESjVpVlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
wCQlAwQAwEcFAwQAwEcoAwQAwEdhAwQAwEeeAwQAwHllAwQAwHmsAwQAwHnAAwQA
wKVBAwQAwKVWAwQAwLChAwQAwbQ9AwQAwbUAAwQAwbW7AwQAwbcDAwQBwbdEAwQA
wbdPAwQBwbdcAwQAwbdoAwQAwbd2AwQBwepEAwQBwercAwQAwertAwQBweuOAwQA
wg6BAwQAwg7UAwQBwkQ4AwQAwkRjAwQAwkR+AwQBwkTCAwQAwkcbAwQAwkdTAwQB
wkeMAwQAwkeoAwQDwkf4AwQAwmcyAwQBwoRsAwQBwoSuMA0GCSqGSIb3DQEBCwUA
A4IBAQBsFwVjgamGPCZcOHuW9PFeyN3tHxIeQijDuhH2NFH02MSw+bjAUbgnWBJZ
Fq2S4iLEJc3ZS9+6SNS6rQpiXfG2XNGki+NgVKY7ig3Ga6Ms+qGmnBzvG+GqgM3o
ORzPddcxWkd26PU71qr6Tavp8p4bFqGgwXxZJAtFZx12I3lK6qAv+ObND4DQcEan
oqj8mER1vwpGD4IKrNlLjRVnSX5YWPUrh0c3TQz1NmAo79ep1k4gJAO3J5wLHMxX
cCFR6+9ju9DL2DX2t18O8FBgeXhQH0ng4ddkTic5qXQI/ztlVPW+NKHz59GuaCQ3
YgjGvR2AUaIK8M3X3yI3sFmVUeVD
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:04:53 2024 by rpki-client on console-ams.rpki-client.org