Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/aPOWaRJR-FGrN3u-8zh82-1PBwc.roa
File: aPOWaRJR-FGrN3u-8zh82-1PBwc.roa (raw, json)
Hash identifier: tw7J1wNC6LeOrw8JgIU3vE8suFymEvXhHV92CbdtCks=
Subject key identifier: 68:F3:96:69:12:51:F8:51:AB:37:7B:BE:F3:38:7C:DB:ED:4F:07:07
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 018CCA2A93D870252CA6EEDC82B28AF1ACEC
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/aPOWaRJR-FGrN3u-8zh82-1PBwc.roa
Signing time: Tue 02 Jan 2024 12:33:57 +0000
ROA not before: Tue 02 Jan 2024 12:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42306
IP address blocks: 46.253.96.0/21 maxlen: 21
185.134.160.0/22 maxlen: 22
46.253.104.0/21 maxlen: 21
77.236.192.0/19 maxlen: 19
37.44.208.0/22 maxlen: 22
2a06:ed40::/29 maxlen: 29
2a03:f280::/29 maxlen: 29
2a0e:5340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:93:d8:70:25:2c:a6:ee:dc:82:b2:8a:f1:ac:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Jan 2 12:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68f396691251f851ab377bbef3387cdbed4f0707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6d:b6:86:46:fa:a9:e8:c1:25:fc:b3:62:70:
e6:ff:b9:9e:32:71:65:f5:45:9d:41:c2:f9:83:ed:
a9:cb:b2:52:a6:48:e9:e8:86:96:ef:e9:f7:85:29:
31:68:2f:ae:72:f0:d5:6b:4b:2d:90:17:89:02:b4:
13:5a:01:77:34:ea:ec:e6:c2:d6:bf:ef:4f:41:fb:
aa:45:ad:94:b9:33:e1:d7:aa:bd:4b:79:a8:a8:b3:
bf:20:07:0a:48:ae:6d:a6:44:25:f8:0c:89:f4:a5:
74:29:d7:d2:58:2b:f8:15:81:38:9b:a0:3f:f2:58:
53:aa:b2:80:fc:83:56:30:e1:75:5c:b9:17:16:3a:
7f:dd:4c:0a:21:3b:80:9a:54:92:df:8e:68:68:09:
12:d5:5d:21:c1:76:21:7f:6e:f2:21:f2:51:5b:d2:
a0:97:d9:a7:8a:8f:29:07:76:19:6c:7c:2a:98:c8:
62:c1:df:fc:23:80:0f:78:e6:95:1d:15:23:69:90:
65:f2:7d:f1:3c:96:5f:53:7b:6b:02:d8:a7:62:23:
d4:0a:90:b7:a7:a5:96:b8:90:b9:3b:e3:62:61:76:
1a:b5:67:76:45:e2:c3:78:bc:2f:df:93:0c:e1:dc:
ef:c0:21:cd:ea:b6:16:38:5d:3a:f4:e9:cf:67:b5:
60:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F3:96:69:12:51:F8:51:AB:37:7B:BE:F3:38:7C:DB:ED:4F:07:07
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/aPOWaRJR-FGrN3u-8zh82-1PBwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.208.0/22
46.253.96.0/20
77.236.192.0/19
185.134.160.0/22
IPv6:
2a03:f280::/29
2a06:ed40::/29
2a0e:5340::/29
Signature Algorithm: sha256WithRSAEncryption
79:f7:fc:68:b9:6a:f5:b6:b4:ec:59:28:ee:8d:8c:38:b0:cd:
ce:3d:6e:ff:56:79:07:70:10:42:f9:c2:d2:a4:fe:a6:36:6e:
67:99:a0:bc:f9:12:2e:b6:31:69:69:f1:e4:80:56:af:83:9e:
e1:b9:f3:d2:b2:a8:35:e9:0f:1e:a4:80:6e:bd:d8:9a:f0:52:
74:0e:6d:13:14:9f:64:2f:5d:eb:1f:cd:34:65:e0:f7:41:97:
ac:af:5a:28:66:8f:ee:79:8c:62:7b:ea:bb:2a:b2:01:3c:f6:
db:98:fb:de:fc:27:71:44:46:48:62:16:93:d6:50:0c:02:66:
f0:f0:1a:51:b9:09:ef:63:31:55:47:b2:2c:31:55:f7:95:04:
9c:17:bb:72:c8:ae:39:07:9b:bd:c5:31:35:33:05:9f:69:16:
d0:af:bc:24:72:5c:3d:69:e2:52:27:ab:2a:1a:25:0e:a5:c4:
ef:e8:25:a7:dc:80:00:0b:a0:be:b9:cb:d9:2a:f1:27:9f:88:
b1:22:16:26:73:11:5d:d4:4e:b5:da:9c:da:b5:88:63:52:dc:
ef:19:ed:bc:08:3f:1d:32:a5:ac:d4:97:04:72:3a:22:a6:4e:
db:ac:7d:b6:8b:6d:60:5e:66:d5:c6:6b:bd:87:ad:8c:08:69:
5a:f1:ec:5f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzKKpPYcCUspu7cgrKK8azsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjQwMTAyMTIzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYzOTY2OTEyNTFmODUxYWIzNzdiYmVmMzM4N2NkYmVkNGYwNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm22hkb6qejBJfyzYnDm/7meMnFl
9UWdQcL5g+2py7JSpkjp6IaW7+n3hSkxaC+ucvDVa0stkBeJArQTWgF3NOrs5sLW
v+9PQfuqRa2UuTPh16q9S3moqLO/IAcKSK5tpkQl+AyJ9KV0KdfSWCv4FYE4m6A/
8lhTqrKA/INWMOF1XLkXFjp/3UwKITuAmlSS345oaAkS1V0hwXYhf27yIfJRW9Kg
l9mnio8pB3YZbHwqmMhiwd/8I4APeOaVHRUjaZBl8n3xPJZfU3trAtinYiPUCpC3
p6WWuJC5O+NiYXYatWd2ReLDeLwv35MM4dzvwCHN6rYWOF069OnPZ7VgRQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGjzlmkSUfhRqzd7vvM4fNvtTwcHMB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvYVBPV2FSSlItRkdyTjN1LTh6aDgyLTFQQndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAtYTY5OWJjYjA4YWUz
LzEvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCJSzQAwQE
Lv1gAwQFTezAAwQCuYagMBsEAgACMBUDBQMqA/KAAwUDKgbtQAMFAyoOU0AwDQYJ
KoZIhvcNAQELBQADggEBAHn3/Gi5avW2tOxZKO6NjDiwzc49bv9WeQdwEEL5wtKk
/qY2bmeZoLz5Ei62MWlp8eSAVq+DnuG589KyqDXpDx6kgG692JrwUnQObRMUn2Qv
XesfzTRl4PdBl6yvWihmj+55jGJ76rsqsgE89tuY+978J3FERkhiFpPWUAwCZvDw
GlG5Ce9jMVVHsiwxVfeVBJwXu3LIrjkHm73FMTUzBZ9pFtCvvCRyXD1p4lInqyoa
JQ6lxO/oJafcgAALoL65y9kq8SefiLEiFiZzEV3UTrXanNq1iGNS3O8Z7bwIPx0y
pazUlwRyOiKmTtusfbaLbWBeZtXGa72HrYwIaVrx7F8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:50 2024 by rpki-client on console-fra.rpki-client.org