Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/bm5XdnLLCMMQbWF-5Xg9ZLGR8Ew.roa
File: bm5XdnLLCMMQbWF-5Xg9ZLGR8Ew.roa (raw, json)
Hash identifier: GAW/BcynwyNyFqlSAnsqYOeCtVa9eGDrPAdfdRKN9o0=
Subject key identifier: 6E:6E:57:76:72:CB:08:C3:10:6D:61:7E:E5:78:3D:64:B1:91:F0:4C
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01906D9CEA716C6AF9631B516B567E165F8D
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/bm5XdnLLCMMQbWF-5Xg9ZLGR8Ew.roa
Signing time: Mon 01 Jul 2024 09:25:18 +0000
ROA not before: Mon 01 Jul 2024 09:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42739
IP address blocks: 37.139.144.0/24 maxlen: 24
37.139.145.0/24 maxlen: 24
37.139.146.0/24 maxlen: 24
37.139.147.0/24 maxlen: 24
37.139.148.0/24 maxlen: 24
37.139.149.0/24 maxlen: 24
37.139.150.0/24 maxlen: 24
37.139.151.0/24 maxlen: 24
77.242.224.0/20 maxlen: 20
77.242.233.0/24 maxlen: 24
77.242.234.0/24 maxlen: 24
77.242.235.0/24 maxlen: 24
78.159.64.0/20 maxlen: 20
78.159.83.0/24 maxlen: 24
92.55.192.0/18 maxlen: 18
92.55.220.0/24 maxlen: 24
92.55.226.0/24 maxlen: 24
185.46.92.0/22 maxlen: 22
188.112.0.0/18 maxlen: 18
188.112.57.0/24 maxlen: 24
2a02:7f0::/32 maxlen: 32
2a02:7f0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:9c:ea:71:6c:6a:f9:63:1b:51:6b:56:7e:16:5f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jul 1 09:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e6e577672cb08c3106d617ee5783d64b191f04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:f7:41:0f:12:f6:bc:74:02:28:b4:c1:38:
ec:3c:e5:d3:42:6f:ef:da:85:6d:06:8d:74:52:c2:
42:19:31:ff:c5:20:71:7f:7a:42:d4:d4:9e:39:6d:
9e:27:73:c9:07:8c:39:8e:e9:28:d9:7f:e2:a3:82:
c3:fc:b4:a1:23:44:1b:75:d9:14:73:e1:03:1e:a9:
99:fb:5c:e2:55:2c:96:26:10:af:b4:87:2e:9d:77:
b3:29:0f:4d:d5:49:fa:06:30:52:ff:83:f2:40:5d:
66:24:0f:13:37:5d:60:82:a8:53:4e:57:9e:5c:99:
04:da:b4:13:e0:fe:03:2b:02:01:27:f8:e1:c1:26:
9b:bd:67:d5:86:2d:da:69:22:27:83:0d:29:56:4e:
66:d5:0f:e4:79:8e:a5:9f:c0:d0:16:64:67:27:91:
b1:0e:7b:e0:00:4d:a5:3d:3f:b3:6b:03:ab:5f:7f:
46:8c:67:28:2a:6d:54:f4:48:a2:b1:31:7b:f3:bb:
34:0a:56:27:f5:24:fd:a6:cb:9e:01:80:8b:62:50:
01:2f:d0:da:03:4d:ea:6d:ac:68:24:1c:de:75:8f:
f7:e8:9e:f5:38:bc:a3:61:92:a9:4a:b2:66:68:1e:
4c:e5:6a:cd:7a:23:2e:ba:92:5d:cf:01:89:c7:54:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6E:57:76:72:CB:08:C3:10:6D:61:7E:E5:78:3D:64:B1:91:F0:4C
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/bm5XdnLLCMMQbWF-5Xg9ZLGR8Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.144.0/21
77.242.224.0/20
78.159.64.0/20
78.159.83.0/24
92.55.192.0/18
185.46.92.0/22
188.112.0.0/18
IPv6:
2a02:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
b3:99:ad:fb:29:9e:f9:4c:87:14:6b:9a:6f:4c:eb:84:29:db:
97:3d:f6:46:2b:44:cb:53:b7:94:37:fa:d8:17:cd:92:86:f0:
7b:33:b7:e5:d9:06:dd:10:12:2a:a5:18:8e:97:9f:e3:d9:8d:
6c:d0:9a:8e:20:d7:9e:ec:6d:b2:56:45:aa:86:7b:4a:35:73:
1e:3d:da:a8:9e:2f:a4:8f:94:df:9e:f8:82:20:b5:c6:f8:87:
c8:5a:5a:b9:fb:65:96:ff:f6:81:41:c2:88:86:8a:80:0c:c5:
92:d4:3f:a7:e0:63:81:39:fe:3e:10:01:26:48:a0:1d:ff:9e:
89:66:d2:54:4c:9f:dd:a6:c7:c9:37:38:41:16:27:09:8a:3e:
2a:69:84:8e:52:a7:45:b1:e6:ae:cd:fd:92:da:0e:1e:81:74:
a8:7e:84:87:eb:56:7f:9e:0b:35:8a:44:ca:f0:57:7b:8d:70:
12:bb:c5:2b:1d:d6:62:f1:f4:af:c9:9c:7d:4e:16:12:a9:0d:
14:98:6c:68:9d:ea:df:90:ba:48:39:21:52:e1:63:05:56:6d:
dc:83:7b:9e:cd:e5:28:f2:7f:ca:43:c1:56:60:af:17:31:73:
8c:fa:55:1a:cd:6f:f4:ad:27:ad:17:0f:28:59:08:b7:01:01:
f9:a1:58:cc
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZBtnOpxbGr5YxtRa1Z+Fl+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjQwNzAxMDkyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZlNTc3NjcyY2IwOGMzMTA2ZDYxN2VlNTc4M2Q2NGIxOTFmMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjn3QQ8S9rx0Aii0wTjsPOXTQm/v
2oVtBo10UsJCGTH/xSBxf3pC1NSeOW2eJ3PJB4w5juko2X/io4LD/LShI0QbddkU
c+EDHqmZ+1ziVSyWJhCvtIcunXezKQ9N1Un6BjBS/4PyQF1mJA8TN11ggqhTTlee
XJkE2rQT4P4DKwIBJ/jhwSabvWfVhi3aaSIngw0pVk5m1Q/keY6ln8DQFmRnJ5Gx
DnvgAE2lPT+zawOrX39GjGcoKm1U9EiisTF787s0ClYn9ST9psueAYCLYlABL9Da
A03qbaxoJBzedY/36J71OLyjYZKpSrJmaB5M5WrNeiMuupJdzwGJx1R8FwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFG5uV3ZyywjDEG1hfuV4PWSxkfBMMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvYm01WGRuTExDTU1RYldGLTVYZzlaTEdSOEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDJYuQAwQE
TfLgAwQETp9AAwQATp9TAwQGXDfAAwQCuS5cAwQGvHAAMA0EAgACMAcDBQAqAgfw
MA0GCSqGSIb3DQEBCwUAA4IBAQCzma37KZ75TIcUa5pvTOuEKduXPfZGK0TLU7eU
N/rYF82ShvB7M7fl2QbdEBIqpRiOl5/j2Y1s0JqOINee7G2yVkWqhntKNXMePdqo
ni+kj5TfnviCILXG+IfIWlq5+2WW//aBQcKIhoqADMWS1D+n4GOBOf4+EAEmSKAd
/56JZtJUTJ/dpsfJNzhBFicJij4qaYSOUqdFseauzf2S2g4egXSofoSH61Z/ngs1
ikTK8Fd7jXASu8UrHdZi8fSvyZx9ThYSqQ0UmGxonerfkLpIOSFS4WMFVm3cg3ue
zeUo8n/KQ8FWYK8XMXOM+lUazW/0rSetFw8oWQi3AQH5oVjM
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:19 2024 by rpki-client on console-fra.rpki-client.org