Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/srVgEH7S8vTlW8XLjsNHRwQO_KA.roa
File: srVgEH7S8vTlW8XLjsNHRwQO_KA.roa (raw, json)
Hash identifier: Ad6gKMqz77RcjSc/YR010zVCjpXEjqXQ41+vvco5IDQ=
Subject key identifier: B2:B5:60:10:7E:D2:F2:F4:E5:5B:C5:CB:8E:C3:47:47:04:0E:FC:A0
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019286F3B75D166FA293C77BD9D523CEA4B0
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/srVgEH7S8vTlW8XLjsNHRwQO_KA.roa
Signing time: Sun 13 Oct 2024 17:36:11 +0000
ROA not before: Sun 13 Oct 2024 17:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:86:f3:b7:5d:16:6f:a2:93:c7:7b:d9:d5:23:ce:a4:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Oct 13 17:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2b560107ed2f2f4e55bc5cb8ec34747040efca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:cb:ea:c7:79:d6:5a:62:40:8f:27:4d:f6:
1b:9d:be:b5:a5:06:21:f2:3d:06:05:f2:b2:f2:5f:
04:b2:7d:ff:8b:eb:ec:b5:0b:10:2f:5e:47:04:0e:
77:7f:8b:de:80:20:7b:17:23:b1:5e:f9:a0:5a:8c:
b9:15:ff:cd:b3:80:b4:80:3a:c7:7b:d5:56:ae:d3:
fd:f0:5f:72:c5:b7:68:3c:9a:b2:80:c7:48:6c:7a:
27:cd:82:ed:74:06:3a:34:1f:24:b6:ae:34:7a:48:
2c:96:e8:2c:9f:2e:23:50:a0:fc:ec:46:6c:04:96:
96:e7:23:e6:45:c8:ed:e7:5b:dd:53:d5:78:21:3a:
bb:09:fe:53:28:0f:b9:9f:46:96:7e:0c:78:2f:f4:
64:c9:6b:7c:76:96:e7:89:2c:87:2d:2d:e2:12:fe:
18:ea:82:fe:2b:15:26:80:98:fc:d4:33:07:c1:d5:
b2:4e:57:9c:91:14:8a:4a:cd:3f:29:5e:dd:fb:9e:
ed:45:76:9d:5e:82:45:d6:c5:16:d3:75:b9:fb:a1:
22:58:b2:b2:85:31:10:78:ae:09:34:32:74:46:d9:
14:c2:4c:0e:bf:12:e2:02:56:21:7b:92:97:fa:28:
5c:e4:6e:2b:0e:60:4d:50:95:f8:b9:0a:12:31:3d:
47:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B5:60:10:7E:D2:F2:F4:E5:5B:C5:CB:8E:C3:47:47:04:0E:FC:A0
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/srVgEH7S8vTlW8XLjsNHRwQO_KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0/23
185.247.224.0-185.247.226.255
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
7b:62:75:71:7d:bb:2f:dc:7e:66:80:b6:74:9d:46:5f:70:77:
9a:a8:4d:82:73:8d:68:54:0b:06:48:46:39:a7:4b:77:b3:b7:
c7:2c:24:52:90:45:78:fd:af:89:c7:f3:8c:5d:bd:6b:19:0e:
4a:85:a9:53:f0:91:4a:ad:9f:ca:62:07:da:80:3d:0b:c5:5e:
14:fd:10:ba:60:7b:8d:d0:a9:89:3e:b2:ff:cc:3e:a3:b6:1d:
6d:d0:fd:1d:0e:5a:96:2e:80:96:3f:8a:b6:13:04:b0:8d:ed:
e9:32:5c:b2:0d:5c:df:86:62:a4:64:2f:43:16:f5:ad:95:18:
33:9a:1b:4f:9d:3f:0b:c2:23:f9:15:f8:dc:47:f8:23:45:05:
92:f3:8a:23:bf:1c:2c:a8:6c:08:63:51:42:70:56:c1:6e:30:
5f:d0:ec:e9:22:88:3a:14:61:16:73:46:ac:aa:0d:74:a6:ff:
7d:9e:91:26:76:74:af:64:fd:6f:80:da:14:a3:9d:e9:cf:8e:
ba:93:75:e2:d2:df:6f:a1:d7:eb:db:dd:da:f2:23:75:b7:3e:
34:54:fe:89:a7:ec:6b:0d:d8:db:66:ac:c8:cd:86:60:20:f5:
dd:68:14:5c:6f:62:ac:b2:6a:fb:23:43:24:10:fe:88:5c:b1:
1e:d8:96:57
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZKG87ddFm+ik8d72dUjzqSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjQxMDEzMTczNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI1NjAxMDdlZDJmMmY0ZTU1YmM1Y2I4ZWMzNDc0NzA0MGVmY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ3L6sd51lpiQI8nTfYbnb61pQYh
8j0GBfKy8l8Esn3/i+vstQsQL15HBA53f4vegCB7FyOxXvmgWoy5Ff/Ns4C0gDrH
e9VWrtP98F9yxbdoPJqygMdIbHonzYLtdAY6NB8ktq40ekgslugsny4jUKD87EZs
BJaW5yPmRcjt51vdU9V4ITq7Cf5TKA+5n0aWfgx4L/RkyWt8dpbniSyHLS3iEv4Y
6oL+KxUmgJj81DMHwdWyTleckRSKSs0/KV7d+57tRXadXoJF1sUW03W5+6EiWLKy
hTEQeK4JNDJ0RtkUwkwOvxLiAlYhe5KX+ihc5G4rDmBNUJX4uQoSMT1HXQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFLK1YBB+0vL05VvFy47DR0cEDvygMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvc3JWZ0VIN1M4dlRsVzhYTGpzTkhSd1FPX0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBGBAIAATBAAwQAJZxEAwQB
JeSAAwQAuQpEAwQCuWRUMAwDBAO5kugDBAC5kuoDBAK5pagDBAG59rwwDAMEBbn3
4AMEALn34jAgBAIAAjAaMA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcAAQAwDQYJKoZI
hvcNAQELBQADggEBAHtidXF9uy/cfmaAtnSdRl9wd5qoTYJzjWhUCwZIRjmnS3ez
t8csJFKQRXj9r4nH84xdvWsZDkqFqVPwkUqtn8piB9qAPQvFXhT9ELpge43QqYk+
sv/MPqO2HW3Q/R0OWpYugJY/irYTBLCN7ekyXLINXN+GYqRkL0MW9a2VGDOaG0+d
PwvCI/kV+NxH+CNFBZLziiO/HCyobAhjUUJwVsFuMF/Q7OkiiDoUYRZzRqyqDXSm
/32ekSZ2dK9k/W+A2hSjnenPjrqTdeLS32+h1+vb3dryI3W3PjRU/omn7GsN2Ntm
rMjNhmAg9d1oFFxvYqyyavsjQyQQ/ohcsR7Yllc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:49 2024 by rpki-client on console-fra.rpki-client.org