Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/N-pyI5F-x0GGXUe8Wk5BxR4LMhA.roa
File: N-pyI5F-x0GGXUe8Wk5BxR4LMhA.roa (raw, json)
Hash identifier: qAePT6DnTxf5Yf4WpxFRpRjO5qXqMTxxSELYuVVQh6g=
Subject key identifier: 37:EA:72:23:91:7E:C7:41:86:5D:47:BC:5A:4E:41:C5:1E:0B:32:10
Certificate issuer: /CN=c66261c339c5edf8d8c483f08e46b8480a805ef1
Certificate serial: 018CC8DE7C6C769663FCD4B6EC120BAE4DD7
Authority key identifier: C6:62:61:C3:39:C5:ED:F8:D8:C4:83:F0:8E:46:B8:48:0A:80:5E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJhwznF7fjYxIPwjka4SAqAXvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/N-pyI5F-x0GGXUe8Wk5BxR4LMhA.roa
Signing time: Tue 02 Jan 2024 06:31:13 +0000
ROA not before: Tue 02 Jan 2024 06:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202844
IP address blocks: 185.151.208.0/22 maxlen: 22
185.151.208.0/23 maxlen: 23
185.151.210.0/23 maxlen: 23
2a0e:e640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/xmJhwznF7fjYxIPwjka4SAqAXvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/xmJhwznF7fjYxIPwjka4SAqAXvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJhwznF7fjYxIPwjka4SAqAXvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:7c:6c:76:96:63:fc:d4:b6:ec:12:0b:ae:4d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66261c339c5edf8d8c483f08e46b8480a805ef1
Validity
Not Before: Jan 2 06:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37ea7223917ec741865d47bc5a4e41c51e0b3210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:29:68:8c:b1:2c:6f:e0:0e:09:2e:e3:eb:a6:
bc:27:9e:33:05:17:cd:dd:90:0e:1c:6d:af:d6:14:
94:90:94:a4:a7:3e:05:5b:f4:e2:0d:00:e7:50:2f:
e5:eb:77:18:f4:3e:2f:e8:6c:43:2f:19:e0:1b:59:
29:a9:e2:96:f1:9d:b7:64:9f:d6:48:67:df:35:ba:
94:cc:5f:14:d0:51:86:06:8a:3b:87:fc:b3:d7:90:
67:c6:8f:63:59:a1:e8:4c:17:dd:ae:03:af:e7:3c:
d0:f4:c4:3c:d5:78:83:c6:b7:5f:ee:9f:82:7e:92:
2e:58:43:d4:7a:a9:c9:d4:fb:ab:f4:fe:fd:a7:60:
cf:ed:9a:2e:1f:65:2b:0c:eb:2f:96:91:8a:3c:34:
f3:e5:75:c8:39:67:6c:41:ff:f0:af:60:b9:f6:6f:
e6:9e:f5:56:f3:c2:6f:cf:aa:ff:2f:66:3b:b7:8b:
98:50:47:08:14:70:f7:ee:fd:fd:a0:07:a7:9d:55:
94:93:56:24:e9:4c:69:e6:91:ae:1e:43:fd:c2:a9:
93:71:5e:b2:53:b4:eb:f3:a4:47:d6:5b:1b:6d:6c:
1c:eb:b7:bc:94:d6:3b:10:ce:f6:ae:51:f5:cb:7a:
d8:f3:23:ff:8b:2e:0c:1b:c2:71:0e:ab:43:cf:ed:
e7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:EA:72:23:91:7E:C7:41:86:5D:47:BC:5A:4E:41:C5:1E:0B:32:10
X509v3 Authority Key Identifier:
keyid:C6:62:61:C3:39:C5:ED:F8:D8:C4:83:F0:8E:46:B8:48:0A:80:5E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJhwznF7fjYxIPwjka4SAqAXvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/N-pyI5F-x0GGXUe8Wk5BxR4LMhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/xmJhwznF7fjYxIPwjka4SAqAXvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.208.0/22
IPv6:
2a0e:e640::/29
Signature Algorithm: sha256WithRSAEncryption
4d:de:72:35:e4:22:57:25:ca:d2:e3:39:32:26:d8:f5:6f:57:
9d:16:8d:a6:88:2a:25:09:fe:ae:b3:73:18:28:67:37:f1:6b:
c3:02:5e:b5:07:97:7f:f1:c5:88:0e:42:79:a0:b0:fe:9b:6c:
01:3b:cb:98:ba:55:52:8e:79:91:c6:90:cf:5a:05:32:db:c3:
ae:0a:fa:4a:31:60:5a:2d:9d:50:0e:82:c1:b0:24:31:d3:41:
0c:89:4d:fc:c6:6b:36:02:50:79:df:e3:09:21:d5:10:73:2b:
18:67:4a:47:1d:86:5c:32:4e:15:16:4b:a5:af:53:25:26:af:
87:97:00:24:06:6d:c7:83:35:dc:5d:07:4e:d6:fa:a1:06:7a:
b6:a8:05:69:69:51:ce:b5:83:6d:cb:3e:3f:98:fa:7e:b2:57:
2a:8f:4e:85:9c:60:8b:a8:92:38:dc:b2:2e:f3:b8:1c:70:96:
f6:1b:55:75:3e:a6:86:79:63:b8:99:69:77:ce:be:26:39:a9:
08:09:e6:fa:5f:16:69:9b:fd:37:14:d6:5f:7f:fc:1f:6d:50:
65:dd:06:c8:f8:53:fc:50:9d:b4:05:69:54:c6:2e:58:46:55:
a0:dd:7a:48:10:00:76:50:96:d5:36:74:8c:71:ff:99:42:21:
8d:2b:0a:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3nxsdpZj/NS27BILrk3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2MWMzMzljNWVkZjhkOGM0ODNmMDhlNDZiODQ4MGE4
MDVlZjEwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2VhNzIyMzkxN2VjNzQxODY1ZDQ3YmM1YTRlNDFjNTFlMGIzMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhClojLEsb+AOCS7j66a8J54zBRfN
3ZAOHG2v1hSUkJSkpz4FW/TiDQDnUC/l63cY9D4v6GxDLxngG1kpqeKW8Z23ZJ/W
SGffNbqUzF8U0FGGBoo7h/yz15Bnxo9jWaHoTBfdrgOv5zzQ9MQ81XiDxrdf7p+C
fpIuWEPUeqnJ1Pur9P79p2DP7ZouH2UrDOsvlpGKPDTz5XXIOWdsQf/wr2C59m/m
nvVW88Jvz6r/L2Y7t4uYUEcIFHD37v39oAennVWUk1Yk6Uxp5pGuHkP9wqmTcV6y
U7Tr86RH1lsbbWwc67e8lNY7EM72rlH1y3rY8yP/iy4MG8JxDqtDz+3neQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDfqciORfsdBhl1HvFpOQcUeCzIQMB8GA1UdIwQY
MBaAFMZiYcM5xe342MSD8I5GuEgKgF7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KaHd6bkY3ZmpZeElQd2prYTRTQXFBWHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MjU5NTItN2FmYi00NDNkLWFmMGEt
NzdjM2UxYzhmNmRlLzEvTi1weUk1Ri14MEdHWFVlOFdrNUJ4UjRMTWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MjU5NTItN2FmYi00NDNkLWFmMGEtNzdjM2UxYzhmNmRl
LzEveG1KaHd6bkY3ZmpZeElQd2prYTRTQXFBWHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZfQMA0E
AgACMAcDBQMqDuZAMA0GCSqGSIb3DQEBCwUAA4IBAQBN3nI15CJXJcrS4zkyJtj1
b1edFo2miColCf6us3MYKGc38WvDAl61B5d/8cWIDkJ5oLD+m2wBO8uYulVSjnmR
xpDPWgUy28OuCvpKMWBaLZ1QDoLBsCQx00EMiU38xms2AlB53+MJIdUQcysYZ0pH
HYZcMk4VFkulr1MlJq+HlwAkBm3HgzXcXQdO1vqhBnq2qAVpaVHOtYNtyz4/mPp+
slcqj06FnGCLqJI43LIu87gccJb2G1V1PqaGeWO4mWl3zr4mOakICeb6XxZpm/03
FNZff/wfbVBl3QbI+FP8UJ20BWlUxi5YRlWg3XpIEAB2UJbVNnSMcf+ZQiGNKwq/
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:36:27 2024 by rpki-client on console-fra.rpki-client.org