Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/odMNYPHIGJx3WQkqz1IZQbBSj8A.roa
File: odMNYPHIGJx3WQkqz1IZQbBSj8A.roa (raw, json)
Hash identifier: yJXYVoWmfm9Xcc8Yu5k6YyDw7VUy3lkqI3wuiHSzyKs=
Subject key identifier: A1:D3:0D:60:F1:C8:18:9C:77:59:09:2A:CF:52:19:41:B0:52:8F:C0
Certificate issuer: /CN=2f1bd749074f6f977265a1d06c3b1d93b1d358cd
Certificate serial: 018CC56EF9FBA71C0505378F978810ECE484
Authority key identifier: 2F:1B:D7:49:07:4F:6F:97:72:65:A1:D0:6C:3B:1D:93:B1:D3:58:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxvXSQdPb5dyZaHQbDsdk7HTWM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/odMNYPHIGJx3WQkqz1IZQbBSj8A.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13231
IP address blocks: 37.9.252.0/24 maxlen: 24
37.9.252.0/23 maxlen: 23
37.9.253.0/24 maxlen: 24
37.9.255.0/24 maxlen: 24
37.9.254.0/23 maxlen: 23
37.9.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/LxvXSQdPb5dyZaHQbDsdk7HTWM0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/LxvXSQdPb5dyZaHQbDsdk7HTWM0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LxvXSQdPb5dyZaHQbDsdk7HTWM0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f9:fb:a7:1c:05:05:37:8f:97:88:10:ec:e4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1bd749074f6f977265a1d06c3b1d93b1d358cd
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1d30d60f1c8189c7759092acf521941b0528fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:02:4a:94:03:35:aa:37:32:45:09:1b:e3:d4:
37:98:1a:bb:5d:b5:5a:c0:1e:81:8c:77:bc:0c:62:
7a:c7:52:a0:9c:41:96:05:bf:7f:d0:87:87:06:af:
37:23:da:ec:12:8d:89:4c:a9:bc:11:1e:fd:87:96:
47:cf:75:05:da:b8:bc:49:cc:b6:f6:be:52:3f:3a:
c8:74:bf:de:2c:7d:d2:03:67:ff:1d:98:a1:19:fa:
4b:13:3c:96:02:f6:2a:4b:5b:83:5e:dd:62:3b:4c:
b4:6c:ba:cb:aa:c4:ce:dd:e3:56:dd:cd:f0:9b:8a:
90:10:67:9e:f0:88:63:8f:db:39:9e:6b:a2:93:2a:
94:7f:ad:35:01:96:e4:7b:d4:74:9b:76:26:b2:f5:
69:7b:2e:b8:84:f5:fb:d2:ae:84:0a:bc:c9:27:86:
3d:5e:81:19:0f:7f:0e:f9:88:50:50:6e:d2:c2:cc:
93:74:b4:62:4f:b6:27:bc:4f:f8:83:fa:53:c8:23:
8e:e3:e2:62:09:0f:e2:d0:4b:3c:39:7e:97:0a:84:
eb:6f:62:75:72:a0:17:5d:a6:58:6d:9a:71:1d:e9:
cb:12:ae:97:6f:22:81:54:45:38:1e:cf:96:6b:1d:
c0:dd:b8:24:51:1c:a9:a4:39:10:83:d4:56:f0:37:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D3:0D:60:F1:C8:18:9C:77:59:09:2A:CF:52:19:41:B0:52:8F:C0
X509v3 Authority Key Identifier:
keyid:2F:1B:D7:49:07:4F:6F:97:72:65:A1:D0:6C:3B:1D:93:B1:D3:58:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxvXSQdPb5dyZaHQbDsdk7HTWM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/odMNYPHIGJx3WQkqz1IZQbBSj8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/46b155-8f43-4df2-8b81-5fa287d545e8/1/LxvXSQdPb5dyZaHQbDsdk7HTWM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:37:8b:02:cc:58:00:72:ec:15:9e:65:1c:56:5a:98:00:5e:
69:db:a9:e1:47:9e:ea:e4:dd:81:52:ce:77:e1:10:2c:5b:90:
9c:aa:d5:dc:05:5c:6b:6c:66:d1:de:84:fc:85:a8:c2:d1:95:
3d:32:eb:22:bf:7b:ee:6e:6b:2b:40:ea:6d:7c:8e:5d:17:d0:
38:6c:8f:51:4a:dc:76:33:07:e6:38:c0:45:98:01:66:bb:16:
5a:77:3c:c7:b3:cb:b0:f3:65:4c:37:cc:ae:80:99:dd:b0:9e:
d8:81:7a:37:29:70:84:9d:97:9d:69:4a:7b:ee:42:3a:5c:c5:
55:11:52:da:5e:b7:29:f6:91:7a:6f:a4:2e:c3:bb:74:25:4a:
f9:d6:6b:5a:d6:0e:e0:ac:68:5b:9b:80:6e:2b:e0:3a:f0:12:
f5:4c:19:87:8a:7a:d1:19:19:80:8d:41:c7:c9:e7:45:a7:ea:
0b:39:ea:c6:54:2a:ec:e7:7d:db:5e:40:0a:53:fc:9b:d1:7a:
35:77:db:29:e1:2c:50:42:46:ec:12:7d:23:51:a4:2e:37:86:
1f:16:f1:70:df:4f:a2:dd:cd:2e:c2:c0:5d:5b:84:8b:fa:7b:
6a:3e:bf:1b:f5:b2:23:2a:aa:51:7d:df:8b:0f:3d:d6:b8:db:
c6:7f:11:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvn7pxwFBTePl4gQ7OSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWJkNzQ5MDc0ZjZmOTc3MjY1YTFkMDZjM2IxZDkzYjFk
MzU4Y2QwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQzMGQ2MGYxYzgxODljNzc1OTA5MmFjZjUyMTk0MWIwNTI4ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAJKlAM1qjcyRQkb49Q3mBq7XbVa
wB6BjHe8DGJ6x1KgnEGWBb9/0IeHBq83I9rsEo2JTKm8ER79h5ZHz3UF2ri8Scy2
9r5SPzrIdL/eLH3SA2f/HZihGfpLEzyWAvYqS1uDXt1iO0y0bLrLqsTO3eNW3c3w
m4qQEGee8Ihjj9s5nmuikyqUf601AZbke9R0m3YmsvVpey64hPX70q6ECrzJJ4Y9
XoEZD38O+YhQUG7SwsyTdLRiT7YnvE/4g/pTyCOO4+JiCQ/i0Es8OX6XCoTrb2J1
cqAXXaZYbZpxHenLEq6XbyKBVEU4Hs+Wax3A3bgkURyppDkQg9RW8Del8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHTDWDxyBicd1kJKs9SGUGwUo/AMB8GA1UdIwQY
MBaAFC8b10kHT2+XcmWh0Gw7HZOx01jNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHh2WFNRZFBiNWR5WmFIUWJEc2RrN0hUV00wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy80NmIxNTUtOGY0My00ZGYyLThiODEt
NWZhMjg3ZDU0NWU4LzEvb2RNTllQSElHSngzV1FrcXoxSVpRYkJTajhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy80NmIxNTUtOGY0My00ZGYyLThiODEtNWZhMjg3ZDU0NWU4
LzEvTHh2WFNRZFBiNWR5WmFIUWJEc2RrN0hUV00wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJQn8MA0G
CSqGSIb3DQEBCwUAA4IBAQCwN4sCzFgAcuwVnmUcVlqYAF5p26nhR57q5N2BUs53
4RAsW5CcqtXcBVxrbGbR3oT8hajC0ZU9Musiv3vubmsrQOptfI5dF9A4bI9RStx2
MwfmOMBFmAFmuxZadzzHs8uw82VMN8yugJndsJ7YgXo3KXCEnZedaUp77kI6XMVV
EVLaXrcp9pF6b6Quw7t0JUr51mta1g7grGhbm4BuK+A68BL1TBmHinrRGRmAjUHH
yedFp+oLOerGVCrs533bXkAKU/yb0Xo1d9sp4SxQQkbsEn0jUaQuN4YfFvFw30+i
3c0uwsBdW4SL+ntqPr8b9bIjKqpRfd+LDz3WuNvGfxFf
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:34 2024 by rpki-client on console-ams.rpki-client.org