Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/cAOinGVUZdZePLgHlXbMWRpXPFI.roa
File: cAOinGVUZdZePLgHlXbMWRpXPFI.roa (raw, json)
Hash identifier: I4+GqGz39hvBgczVPgww5d9sBQVdWAPq4WipFKHwXko=
Subject key identifier: 70:03:A2:9C:65:54:65:D6:5E:3C:B8:07:95:76:CC:59:1A:57:3C:52
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 01928F8B6BA162C491C8F9CFB0EAF484FD66
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/cAOinGVUZdZePLgHlXbMWRpXPFI.roa
Signing time: Tue 15 Oct 2024 09:38:51 +0000
ROA not before: Tue 15 Oct 2024 09:38:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34309
IP address blocks: 37.156.68.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:8b:6b:a1:62:c4:91:c8:f9:cf:b0:ea:f4:84:fd:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Oct 15 09:38:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7003a29c655465d65e3cb8079576cc591a573c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:25:a7:80:7f:fb:ff:47:ca:56:73:06:10:
77:c8:74:43:1c:f9:23:af:29:8d:51:53:e2:03:65:
14:04:79:b4:98:cf:fa:37:19:89:52:c0:af:e4:50:
ce:01:70:5f:98:c6:23:b5:32:fa:a7:75:00:09:a4:
44:d4:55:6e:f4:aa:db:b4:f2:5f:51:fc:95:fb:76:
a7:b5:ad:06:78:55:f4:77:3a:ee:de:1c:db:2b:b9:
a2:a3:82:d2:86:8a:18:5b:a7:78:e5:67:5a:d6:4f:
e0:b0:79:92:5b:e2:27:1d:33:89:7a:ac:e5:07:da:
6e:d8:00:12:98:2c:1f:11:39:df:92:3a:9d:77:46:
95:81:94:f1:32:e8:75:c8:75:dd:67:e9:03:e5:ae:
3f:c5:ac:68:bb:61:38:9e:4a:ce:c1:cf:7f:38:9a:
6b:1d:02:21:6c:4f:3f:3e:e8:e1:7b:de:84:5f:b3:
ae:77:9b:96:27:a3:09:9d:c8:d4:ec:22:f8:3b:c7:
cf:65:49:29:ed:b5:f5:39:ca:6f:59:49:dd:fe:ac:
c2:50:6e:fc:aa:d2:4a:0b:7c:78:c0:0f:f9:67:97:
6f:34:1c:94:32:a0:e9:52:70:8c:f9:a6:8d:71:73:
a6:24:e4:26:2a:77:16:0a:77:74:2a:f8:89:66:dd:
37:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:03:A2:9C:65:54:65:D6:5E:3C:B8:07:95:76:CC:59:1A:57:3C:52
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/cAOinGVUZdZePLgHlXbMWRpXPFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
185.146.234.0/24
185.165.170.0/24
185.247.226.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5a:e5:9f:f9:2d:bd:fe:f2:a3:9e:e8:f1:e7:f1:3c:b1:00:
8c:f0:b8:2d:9c:a3:51:c0:d3:27:d7:10:d9:45:9f:02:6d:c1:
18:b2:a6:57:69:8d:41:c5:fb:55:e5:01:09:de:e8:e8:94:c2:
ed:a3:8e:23:7c:fd:62:87:21:72:82:db:84:01:56:89:92:92:
97:ab:7e:2e:bb:d3:f6:78:d7:1c:c4:f3:59:42:d2:99:55:bd:
2e:3f:f2:a8:42:02:1a:d8:e8:99:c9:91:e6:73:f2:87:a6:37:
cc:fa:1f:c9:a5:3f:60:8c:8f:5c:98:58:94:2d:3f:bb:ee:f2:
37:92:37:35:52:94:0e:97:49:10:6f:5e:3e:64:cd:f8:b9:fb:
e3:58:c4:df:bd:59:9b:02:2a:53:c4:57:0b:cf:0f:ba:5f:4a:
4d:a6:55:7d:a9:79:86:d6:ca:86:f8:8e:b9:cb:2a:5c:d3:c8:
49:ba:56:e5:53:78:95:de:4d:00:42:1c:d0:77:75:00:c8:84:
1a:95:cd:e4:8d:26:fb:d9:09:3d:5d:37:66:d6:8f:0c:ef:78:
f3:3b:01:a1:5e:de:71:ac:9b:93:ec:d6:85:60:c7:e3:6e:9c:
61:3a:ea:a0:bd:04:8d:1e:2b:0f:c8:62:0e:16:c5:75:e8:b8:
aa:cb:4c:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKPi2uhYsSRyPnPsOr0hP1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjQxMDE1MDkzODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDAzYTI5YzY1NTQ2NWQ2NWUzY2I4MDc5NTc2Y2M1OTFhNTczYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuslp4B/+/9HylZzBhB3yHRDHPkj
rymNUVPiA2UUBHm0mM/6NxmJUsCv5FDOAXBfmMYjtTL6p3UACaRE1FVu9KrbtPJf
UfyV+3anta0GeFX0dzru3hzbK7mio4LShooYW6d45Wda1k/gsHmSW+InHTOJeqzl
B9pu2AASmCwfETnfkjqdd0aVgZTxMuh1yHXdZ+kD5a4/xaxou2E4nkrOwc9/OJpr
HQIhbE8/Pujhe96EX7Oud5uWJ6MJncjU7CL4O8fPZUkp7bX1OcpvWUnd/qzCUG78
qtJKC3x4wA/5Z5dvNByUMqDpUnCM+aaNcXOmJOQmKncWCnd0KviJZt033wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHADopxlVGXWXjy4B5V2zFkaVzxSMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvY0FPaW5HVlVaZFplUExnSGxYYk1XUnBYUEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJZxEAwQA
uZLqAwQAuaWqAwQAuffiMA0GCSqGSIb3DQEBCwUAA4IBAQB5WuWf+S29/vKjnujx
5/E8sQCM8LgtnKNRwNMn1xDZRZ8CbcEYsqZXaY1BxftV5QEJ3ujolMLto44jfP1i
hyFygtuEAVaJkpKXq34uu9P2eNccxPNZQtKZVb0uP/KoQgIa2OiZyZHmc/KHpjfM
+h/JpT9gjI9cmFiULT+77vI3kjc1UpQOl0kQb14+ZM34ufvjWMTfvVmbAipTxFcL
zw+6X0pNplV9qXmG1sqG+I65yypc08hJulblU3iV3k0AQhzQd3UAyIQalc3kjSb7
2Qk9XTdm1o8M73jzOwGhXt5xrJuT7NaFYMfjbpxhOuqgvQSNHisPyGIOFsV16Liq
y0x1
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:41 2024 by rpki-client on console-ams.rpki-client.org