Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/L1fmWXHbcRNn6kbffm07GWc1Qqc.roa
File: L1fmWXHbcRNn6kbffm07GWc1Qqc.roa (raw, json)
Hash identifier: lCT4aa3w9gIXIumA7avgN0ka/y6fIGnQ25uZSK6ypmM=
Subject key identifier: 2F:57:E6:59:71:DB:71:13:67:EA:46:DF:7E:6D:3B:19:67:35:42:A7
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0192D7895EC0AC71246C5DEEAC736BBEAC08
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/L1fmWXHbcRNn6kbffm07GWc1Qqc.roa
Signing time: Tue 29 Oct 2024 09:09:17 +0000
ROA not before: Tue 29 Oct 2024 09:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202468
IP address blocks: 37.32.0.0/19 maxlen: 24
37.152.176.0/20 maxlen: 24
94.101.176.0/20 maxlen: 24
185.97.116.0/22 maxlen: 24
185.143.232.0/22 maxlen: 24
185.206.92.0/22 maxlen: 24
185.220.224.0/22 maxlen: 24
185.226.116.0/22 maxlen: 24
185.228.236.0/22 maxlen: 24
185.231.180.0/22 maxlen: 24
185.239.104.0/22 maxlen: 24
188.121.96.0/19 maxlen: 24
193.176.240.0/22 maxlen: 24
2a07:3900::/29 maxlen: 48
2a0c:a7c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:89:5e:c0:ac:71:24:6c:5d:ee:ac:73:6b:be:ac:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Oct 29 09:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f57e65971db711367ea46df7e6d3b19673542a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:88:74:9e:0d:27:a7:6e:63:6f:cb:a0:5c:da:
94:3f:55:fa:43:8b:a3:c5:ff:56:5f:04:09:b0:d4:
b9:93:1a:3f:4d:85:4b:11:8f:3c:ca:7d:04:3b:b7:
9b:b4:84:c9:2a:a0:c3:90:81:ec:9a:42:2f:a5:da:
f7:fb:38:f9:ee:0a:14:ca:55:91:2c:4a:9c:28:08:
8b:8b:70:15:0b:82:f5:93:79:37:9c:88:5b:eb:de:
49:58:7f:5e:41:81:cb:8f:83:b0:6f:e9:d7:53:ee:
03:54:bb:4d:49:ef:e3:da:7e:89:22:90:87:5e:ea:
7f:38:f6:2e:12:21:15:4d:5f:df:fe:e4:23:17:0b:
e1:f4:6f:b6:26:f6:ca:40:7f:d3:81:d3:f6:b6:ae:
3b:60:a7:9c:9a:61:3a:f2:32:85:90:3d:2d:98:1c:
0c:15:cb:d8:ab:22:40:74:63:09:f3:4a:30:6c:76:
91:c4:33:cb:17:47:b6:03:f5:04:20:36:b8:c4:3e:
c4:a1:dc:7d:1d:82:29:ca:f9:61:ce:c1:9b:f0:0b:
b3:69:4a:7c:f5:10:30:5d:dd:d0:c6:8a:c1:81:e4:
78:b3:8e:f6:87:c0:bd:38:41:df:82:b2:26:93:65:
44:f4:b5:25:6e:8d:6d:31:89:a8:38:30:00:70:06:
84:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:57:E6:59:71:DB:71:13:67:EA:46:DF:7E:6D:3B:19:67:35:42:A7
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/L1fmWXHbcRNn6kbffm07GWc1Qqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.0.0/19
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:4a:a5:f8:b4:c9:fc:0c:f6:2c:fe:21:f6:9b:b4:89:a7:c4:
f4:09:e0:65:f9:ba:19:10:83:8e:96:b7:52:ac:57:cc:cf:6b:
8a:b3:02:b0:89:c6:d2:55:fa:d1:ac:99:06:e7:88:07:af:d9:
6d:78:4a:21:7e:4e:ac:6f:5d:a9:83:79:74:5f:e2:53:c8:d3:
53:6c:d0:a9:1c:b0:e3:35:59:c1:d2:b8:7f:ed:64:72:62:7d:
42:a6:92:f1:db:48:77:ed:d3:41:e6:5f:6b:87:8a:f0:ff:56:
7e:1c:49:6a:69:08:bb:c0:f9:4b:72:5d:05:82:72:37:93:bc:
46:05:b1:c9:b6:b7:00:24:e0:fc:11:b0:3b:4d:30:82:66:cc:
60:97:ee:4f:5d:5f:33:d7:87:27:80:31:5e:6f:e8:d0:c8:38:
57:28:35:79:99:7c:94:0d:8b:a5:c4:9d:0d:f4:89:3c:67:ed:
db:1c:c6:5a:16:ae:fe:53:2f:68:55:7e:76:f9:71:54:f3:1c:
c9:1b:e3:9d:6f:1a:75:8e:ee:1e:14:9f:b4:53:24:ed:65:94:
ee:69:ea:d0:b4:0e:60:75:53:5d:76:a8:ea:5f:ad:e7:db:9f:
95:9d:d9:4f:5e:55:b0:e3:81:eb:fd:af:b0:e3:83:df:01:f8:
07:83:d5:c3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZLXiV7ArHEkbF3urHNrvqwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQxMDI5MDkwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU3ZTY1OTcxZGI3MTEzNjdlYTQ2ZGY3ZTZkM2IxOTY3MzU0MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoh0ng0np25jb8ugXNqUP1X6Q4uj
xf9WXwQJsNS5kxo/TYVLEY88yn0EO7ebtITJKqDDkIHsmkIvpdr3+zj57goUylWR
LEqcKAiLi3AVC4L1k3k3nIhb695JWH9eQYHLj4Owb+nXU+4DVLtNSe/j2n6JIpCH
Xup/OPYuEiEVTV/f/uQjFwvh9G+2JvbKQH/TgdP2tq47YKecmmE68jKFkD0tmBwM
FcvYqyJAdGMJ80owbHaRxDPLF0e2A/UEIDa4xD7Eodx9HYIpyvlhzsGb8AuzaUp8
9RAwXd3QxorBgeR4s472h8C9OEHfgrImk2VE9LUlbo1tMYmoODAAcAaEOQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFC9X5llx23ETZ+pG335tOxlnNUKnMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvTDFmbVdYSGJjUk5uNmtiZmZtMDdHV2MxUXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQFJSAAAwQE
JZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0AwQCueTsAwQC
uee0AwQCue9oAwQFvHlgAwQCwbDwMBQEAgACMA4DBQMqBzkAAwUDKgynwDANBgkq
hkiG9w0BAQsFAAOCAQEAAEql+LTJ/Az2LP4h9pu0iafE9AngZfm6GRCDjpa3UqxX
zM9rirMCsInG0lX60ayZBueIB6/ZbXhKIX5OrG9dqYN5dF/iU8jTU2zQqRyw4zVZ
wdK4f+1kcmJ9QqaS8dtId+3TQeZfa4eK8P9WfhxJamkIu8D5S3JdBYJyN5O8RgWx
yba3ACTg/BGwO00wgmbMYJfuT11fM9eHJ4AxXm/o0Mg4Vyg1eZl8lA2LpcSdDfSJ
PGft2xzGWhau/lMvaFV+dvlxVPMcyRvjnW8adY7uHhSftFMk7WWU7mnq0LQOYHVT
XXao6l+t59uflZ3ZT15VsOOB6/2vsOOD3wH4B4PVww==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:25:23 2024 by rpki-client on console-ams.rpki-client.org