Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/aw59ES8klzcWBG25DhO48QrFox8.roa
File: aw59ES8klzcWBG25DhO48QrFox8.roa (raw, json)
Hash identifier: w5QKMHaF2LKMlZhSthdFfMPC5c+W0+UfSC6ri3zt2HE=
Subject key identifier: 6B:0E:7D:11:2F:24:97:37:16:04:6D:B9:0E:13:B8:F1:0A:C5:A3:1F
Certificate issuer: /CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Certificate serial: 018E33173E36675514AE0E73D5CB81D76F17
Authority key identifier: AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/aw59ES8klzcWBG25DhO48QrFox8.roa
Signing time: Tue 12 Mar 2024 14:35:45 +0000
ROA not before: Tue 12 Mar 2024 14:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29104
IP address blocks: 37.35.0.0/21 maxlen: 21
37.35.6.0/24 maxlen: 24
185.116.132.0/22 maxlen: 22
185.116.134.0/24 maxlen: 24
192.54.144.0/24 maxlen: 24
192.93.158.0/24 maxlen: 24
192.93.159.0/24 maxlen: 24
192.93.160.0/24 maxlen: 24
192.93.161.0/24 maxlen: 24
192.93.166.0/23 maxlen: 23
193.56.125.0/24 maxlen: 24
193.56.130.0/24 maxlen: 24
2a00:4f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:17:3e:36:67:55:14:ae:0e:73:d5:cb:81:d7:6f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Validity
Not Before: Mar 12 14:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b0e7d112f24973716046db90e13b8f10ac5a31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:47:16:e3:ac:70:99:d7:0a:cd:76:03:64:
90:c2:58:84:a1:fa:10:0c:15:1c:90:d0:d3:dd:ad:
9c:de:5a:24:95:a1:90:7f:55:08:be:af:c1:bb:dc:
e6:56:d4:55:5f:15:23:7a:d3:7b:3b:4e:36:ff:a2:
ab:23:ff:e8:6e:2d:d9:bb:31:46:43:3b:aa:89:90:
3e:1e:74:9f:34:c6:e7:9c:96:2f:62:a2:e3:67:5b:
d7:4e:ba:4a:a2:23:5d:d7:6b:9c:d2:59:a5:e7:94:
ca:d3:66:aa:b5:53:a7:a3:22:be:ec:ba:e1:9e:df:
8e:4d:f8:0e:ea:26:28:4a:a8:af:fc:7a:a6:5d:a6:
2c:cf:59:b8:05:db:01:fd:cd:d0:55:e5:e7:f9:46:
80:69:10:6c:9c:0c:84:f6:56:57:22:0e:dc:72:50:
35:d0:c9:2f:d4:91:a0:8b:7c:03:26:5c:04:65:77:
d1:81:30:2e:75:3c:b6:4a:c8:31:fc:05:04:52:bc:
25:3d:7a:78:80:5b:c0:3f:f1:7c:ac:a4:fd:6f:1a:
13:20:81:18:38:b0:d9:30:3c:6e:6c:1c:5e:a1:47:
e9:03:d8:c7:84:d6:fe:dc:88:2e:73:8f:ea:16:72:
e4:29:17:66:dc:12:08:10:59:ef:dc:1a:77:c5:c4:
32:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:0E:7D:11:2F:24:97:37:16:04:6D:B9:0E:13:B8:F1:0A:C5:A3:1F
X509v3 Authority Key Identifier:
keyid:AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/aw59ES8klzcWBG25DhO48QrFox8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.0.0/21
185.116.132.0/22
192.54.144.0/24
192.93.158.0-192.93.161.255
192.93.166.0/23
193.56.125.0/24
193.56.130.0/24
IPv6:
2a00:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
96:cb:f5:38:f8:dd:1f:1b:49:eb:98:4b:60:c8:47:0c:05:37:
90:48:12:21:5d:cc:51:04:7b:18:9d:fb:51:ca:46:49:50:5b:
00:fa:43:ff:e4:bb:da:b1:b3:a9:ae:66:90:f1:09:99:ea:c7:
f9:c0:9a:82:64:b8:d2:01:8c:b6:d1:ff:34:ce:d3:2f:63:10:
d1:b5:0c:1b:82:d9:7b:0b:b6:1b:9f:45:da:2f:ec:25:1a:09:
26:50:b2:d2:a0:d8:b4:61:11:25:59:79:42:56:b3:cb:a8:d4:
01:77:49:f4:fa:e9:e6:4f:a9:95:6c:f6:1b:0d:80:19:e0:14:
6b:16:57:6e:49:6f:af:f3:a2:fa:08:ad:05:16:d1:82:3c:bc:
bd:91:1b:65:e2:b2:0b:9b:77:9f:66:19:b8:47:5e:ac:8e:cd:
4e:18:06:23:bb:06:fc:1a:16:75:ed:80:e0:4b:f2:40:b6:72:
28:54:b2:24:c7:01:b1:5b:b2:c2:61:09:19:3f:5d:7a:e9:01:
51:0c:02:42:89:99:99:f0:b3:07:c1:03:01:f5:26:9c:9c:fb:
05:f8:de:0e:87:b0:54:9b:ee:7f:e2:fc:e2:52:93:54:c5:66:
dc:00:bb:90:67:12:66:d0:72:22:0f:a4:0a:19:ae:2c:ab:e1:
4c:8e:01:b2
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY4zFz42Z1UUrg5z1cuB128XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWUyZWZjZGMyMTNhYzViMWIwODc5ZDkyMmExNzhiODUw
ZjQ1MWYwHhcNMjQwMzEyMTQzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBlN2QxMTJmMjQ5NzM3MTYwNDZkYjkwZTEzYjhmMTBhYzVhMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRNHFuOscJnXCs12A2SQwliEofoQ
DBUckNDT3a2c3loklaGQf1UIvq/Bu9zmVtRVXxUjetN7O042/6KrI//obi3ZuzFG
QzuqiZA+HnSfNMbnnJYvYqLjZ1vXTrpKoiNd12uc0lml55TK02aqtVOnoyK+7Lrh
nt+OTfgO6iYoSqiv/HqmXaYsz1m4BdsB/c3QVeXn+UaAaRBsnAyE9lZXIg7cclA1
0Mkv1JGgi3wDJlwEZXfRgTAudTy2Ssgx/AUEUrwlPXp4gFvAP/F8rKT9bxoTIIEY
OLDZMDxubBxeoUfpA9jHhNb+3Iguc4/qFnLkKRdm3BIIEFnv3Bp3xcQySwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFGsOfREvJJc3FgRtuQ4TuPEKxaMfMB8GA1UdIwQY
MBaAFKyeLvzcITrFsbCHnZIqF4uFD0UfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEt
N2M3YmYyNzE3NWM1LzEvYXc1OUVTOGtsemNXQkcyNURoTzQ4UXJGb3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEtN2M3YmYyNzE3NWM1
LzEvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDJSMAAwQC
uXSEAwQAwDaQMAwDBAHAXZ4DBAHAXaADBAHAXaYDBADBOH0DBADBOIIwDQQCAAIw
BwMFACoAT0AwDQYJKoZIhvcNAQELBQADggEBAJbL9Tj43R8bSeuYS2DIRwwFN5BI
EiFdzFEEexid+1HKRklQWwD6Q//ku9qxs6muZpDxCZnqx/nAmoJkuNIBjLbR/zTO
0y9jENG1DBuC2XsLthufRdov7CUaCSZQstKg2LRhESVZeUJWs8uo1AF3SfT66eZP
qZVs9hsNgBngFGsWV25Jb6/zovoIrQUW0YI8vL2RG2Xisgubd59mGbhHXqyOzU4Y
BiO7BvwaFnXtgOBL8kC2cihUsiTHAbFbssJhCRk/XXrpAVEMAkKJmZnwswfBAwH1
Jpyc+wX43g6HsFSb7n/i/OJSk1TFZtwAu5BnEmbQciIPpAoZriyr4UyOAbI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:25:22 2024 by rpki-client on console-fra.rpki-client.org