Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/DufL97FfKku4Bux6ua4SeAjuebc.roa
File: DufL97FfKku4Bux6ua4SeAjuebc.roa (raw, json)
Hash identifier: c9TNZftRxfvaJJmoe2Bt3elK7mKlQtzoQn0PI81Nqno=
Subject key identifier: 0E:E7:CB:F7:B1:5F:2A:4B:B8:06:EC:7A:B9:AE:12:78:08:EE:79:B7
Certificate issuer: /CN=6596f0dc165b7cd209022b2964834c45e74d212c
Certificate serial: 018DD4A26239722013028E07AF6B210083AC
Authority key identifier: 65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/DufL97FfKku4Bux6ua4SeAjuebc.roa
Signing time: Fri 23 Feb 2024 06:23:48 +0000
ROA not before: Fri 23 Feb 2024 06:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198569
IP address blocks: 37.152.160.0/24 maxlen: 24
37.152.161.0/24 maxlen: 24
37.152.162.0/24 maxlen: 24
37.152.163.0/24 maxlen: 24
37.152.164.0/24 maxlen: 24
37.152.167.0/24 maxlen: 24
37.152.168.0/24 maxlen: 24
37.152.169.0/24 maxlen: 24
37.152.170.0/24 maxlen: 24
37.152.171.0/24 maxlen: 24
37.152.172.0/24 maxlen: 24
37.152.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 00:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:a2:62:39:72:20:13:02:8e:07:af:6b:21:00:83:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596f0dc165b7cd209022b2964834c45e74d212c
Validity
Not Before: Feb 23 06:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ee7cbf7b15f2a4bb806ec7ab9ae127808ee79b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ff:97:9f:f5:3b:68:61:7c:e0:76:99:63:ff:
45:bd:05:6b:9d:57:e3:7f:2e:3b:b8:8f:3f:70:3f:
02:9f:5b:a9:07:29:ff:62:ab:83:7c:c1:d8:b6:df:
3b:a4:f1:a9:94:22:0d:9d:a0:bb:a8:25:7f:fc:7c:
da:1a:c3:f0:43:6e:a9:de:c2:15:ad:5d:e3:31:e7:
74:cf:3f:bb:35:46:04:78:8e:ac:df:b5:e4:49:79:
9c:ae:23:8f:a7:25:75:11:84:1a:33:35:ed:f3:2e:
3d:a4:5c:11:ea:f6:ad:8c:5b:1d:e2:14:32:b1:51:
54:fa:a7:bd:87:fb:a5:3f:53:32:1f:e8:03:8f:26:
de:b8:69:d1:e2:df:98:1b:3c:fb:3e:ed:87:e1:0d:
c1:c8:5f:dc:0c:ed:ae:4c:0c:bc:67:a4:7b:99:6e:
c9:85:20:27:42:70:30:14:27:a8:14:b0:41:78:4e:
61:a3:c1:16:87:b6:e9:8d:1d:ba:89:ab:39:b6:ab:
2d:dc:64:e0:2d:b6:2d:66:e1:d9:95:de:75:87:c4:
d5:d7:43:da:d9:1b:39:c5:d6:a9:d2:79:69:e9:83:
62:af:d8:a5:a2:c1:55:eb:89:a6:9e:ea:a1:89:3d:
ce:ed:ae:7a:ee:0f:cb:80:74:44:ac:fc:32:2b:41:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E7:CB:F7:B1:5F:2A:4B:B8:06:EC:7A:B9:AE:12:78:08:EE:79:B7
X509v3 Authority Key Identifier:
keyid:65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/DufL97FfKku4Bux6ua4SeAjuebc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.160.0-37.152.164.255
37.152.167.0-37.152.173.255
Signature Algorithm: sha256WithRSAEncryption
65:56:7d:70:e8:76:84:8b:56:f6:a6:23:a2:e0:c5:3e:10:0d:
94:df:10:30:7a:d3:0f:27:34:a3:dd:5d:4f:cc:5b:68:d2:46:
16:19:86:d0:2d:95:dd:71:41:21:52:31:18:18:3f:bc:8a:95:
41:9a:66:50:b3:a3:90:94:e3:16:bd:ea:57:13:53:f3:80:b1:
15:30:8d:38:21:63:04:c2:15:d8:fa:6c:1a:6b:51:98:8b:9e:
8d:6d:e7:69:f7:21:e2:76:d9:7e:3b:98:08:8d:c1:c3:87:4b:
95:d3:84:53:71:67:91:c7:8b:f4:c5:7e:6c:9b:d7:bc:46:0a:
cc:95:f9:b1:f1:bb:55:ec:6d:51:71:fb:18:f0:3b:3c:c8:2c:
a2:6d:1b:59:ad:d9:e3:ca:96:29:2a:33:59:e8:f9:47:9a:22:
00:1b:9e:5a:db:00:2f:f4:f9:b8:65:92:40:4c:26:ff:1d:96:
86:cb:a9:10:95:54:4f:a3:dd:a3:b9:9d:48:8d:72:d6:ba:d6:
61:c7:69:5b:97:65:6c:42:9a:40:f0:5f:26:b4:6a:36:ed:5d:
23:c2:65:03:1c:93:ab:ff:c9:61:ad:de:1c:2a:b1:67:4c:c7:
70:54:43:77:3b:4e:16:6f:a7:4e:e5:37:da:c4:f7:19:11:11:
59:40:ea:f6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY3UomI5ciATAo4Hr2shAIOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmMGRjMTY1YjdjZDIwOTAyMmIyOTY0ODM0YzQ1ZTc0
ZDIxMmMwHhcNMjQwMjIzMDYyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU3Y2JmN2IxNWYyYTRiYjgwNmVjN2FiOWFlMTI3ODA4ZWU3OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf+Xn/U7aGF84HaZY/9FvQVrnVfj
fy47uI8/cD8Cn1upByn/YquDfMHYtt87pPGplCINnaC7qCV//HzaGsPwQ26p3sIV
rV3jMed0zz+7NUYEeI6s37XkSXmcriOPpyV1EYQaMzXt8y49pFwR6vatjFsd4hQy
sVFU+qe9h/ulP1MyH+gDjybeuGnR4t+YGzz7Pu2H4Q3ByF/cDO2uTAy8Z6R7mW7J
hSAnQnAwFCeoFLBBeE5ho8EWh7bpjR26ias5tqst3GTgLbYtZuHZld51h8TV10Pa
2Rs5xdap0nlp6YNir9ilosFV64mmnuqhiT3O7a567g/LgHRErPwyK0E4swIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA7ny/exXypLuAbsermuEngI7nm3MB8GA1UdIwQY
MBaAFGWW8NwWW3zSCQIrKWSDTEXnTSEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYt
MmQxM2NmOWI0NWMwLzEvRHVmTDk3RmZLa3U0QnV4NnVhNFNlQWp1ZWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYtMmQxM2NmOWI0NWMw
LzEvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAUlmKAD
BAAlmKQwDAMEACWYpwMEASWYrDANBgkqhkiG9w0BAQsFAAOCAQEAZVZ9cOh2hItW
9qYjouDFPhANlN8QMHrTDyc0o91dT8xbaNJGFhmG0C2V3XFBIVIxGBg/vIqVQZpm
ULOjkJTjFr3qVxNT84CxFTCNOCFjBMIV2PpsGmtRmIuejW3nafch4nbZfjuYCI3B
w4dLldOEU3FnkceL9MV+bJvXvEYKzJX5sfG7VextUXH7GPA7PMgsom0bWa3Z48qW
KSozWej5R5oiABueWtsAL/T5uGWSQEwm/x2WhsupEJVUT6Pdo7mdSI1y1rrWYcdp
W5dlbEKaQPBfJrRqNu1dI8JlAxyTq//JYa3eHCqxZ0zHcFRDdztOFm+nTuU32sT3
GRERWUDq9g==
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:20:01 2024 by rpki-client on console-fra.rpki-client.org