Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/4Ep6LzCZepxLmvyry8Dd7BhaK7Q.roa
File: 4Ep6LzCZepxLmvyry8Dd7BhaK7Q.roa (raw, json)
Hash identifier: HIlLExmQbcfsoh4n7pfOk/3ZEiwG0+pMK5HBLqPAqFo=
Subject key identifier: E0:4A:7A:2F:30:99:7A:9C:4B:9A:FC:AB:CB:C0:DD:EC:18:5A:2B:B4
Certificate issuer: /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial: 018CC79509C54A23653A5B73B8BE097876CE
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/4Ep6LzCZepxLmvyry8Dd7BhaK7Q.roa
Signing time: Tue 02 Jan 2024 00:31:22 +0000
ROA not before: Tue 02 Jan 2024 00:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58318
IP address blocks: 37.130.196.0/24 maxlen: 24
37.130.199.0/24 maxlen: 24
37.130.198.0/24 maxlen: 24
37.130.197.0/24 maxlen: 24
2a04:dc0::/48 maxlen: 48
2a04:dc1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:09:c5:4a:23:65:3a:5b:73:b8:be:09:78:76:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Validity
Not Before: Jan 2 00:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e04a7a2f30997a9c4b9afcabcbc0ddec185a2bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6c:dd:93:a0:34:59:b1:04:18:42:3b:11:f1:
96:27:b8:5d:36:0d:9c:96:63:b3:7f:bf:b7:0a:f4:
0a:6f:51:8c:dc:16:43:a4:1a:c0:13:c7:63:a7:0a:
9c:4d:ef:09:ad:17:17:33:89:57:31:9a:46:cd:1d:
fa:97:a6:87:54:3a:fa:13:7f:0c:bb:5a:4e:66:84:
40:99:18:ec:77:9e:d2:9b:45:7b:ea:99:74:68:16:
0d:26:81:73:69:3d:d0:59:f7:71:45:8f:74:6a:03:
b7:61:41:dc:a0:6e:11:1d:9d:18:c9:82:09:25:49:
1a:fb:ae:12:98:b1:e0:83:5c:42:15:9b:fb:41:af:
74:19:b7:8b:ca:08:6f:b7:d7:70:78:e0:db:72:e2:
cb:52:36:d7:c7:f8:6c:b3:ae:26:49:e0:29:2a:eb:
71:8d:74:51:24:b7:9c:69:8c:aa:b6:c9:6c:8c:39:
7e:c3:ca:7a:b9:7d:dd:33:a9:a5:a7:8f:90:e8:14:
af:e3:ab:76:85:11:13:11:91:2e:f7:67:5a:0c:4a:
b2:20:2c:df:e4:27:25:c5:fa:39:1d:c7:7d:1e:ba:
13:86:a3:29:ef:44:3c:af:ad:4f:49:53:79:fa:b4:
14:4e:87:ba:d1:a9:08:9a:a0:86:d0:c5:73:fa:ff:
08:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4A:7A:2F:30:99:7A:9C:4B:9A:FC:AB:CB:C0:DD:EC:18:5A:2B:B4
X509v3 Authority Key Identifier:
keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/4Ep6LzCZepxLmvyry8Dd7BhaK7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.196.0/22
IPv6:
2a04:dc0::/48
2a04:dc1::/48
Signature Algorithm: sha256WithRSAEncryption
68:3a:98:c5:7b:7f:b1:47:7a:03:7f:c8:22:b6:bf:53:5a:1c:
5a:19:1f:77:4e:f2:87:eb:e2:0e:6e:2e:8f:ed:02:40:0b:8a:
e8:ba:34:0f:0f:b8:6b:d0:0c:71:84:b8:91:e8:f8:dd:6a:3e:
46:6b:7e:65:b5:69:7f:35:c6:9a:4a:ba:e8:d9:c0:aa:58:e8:
2b:19:e1:58:09:f2:90:43:fd:1c:93:4a:16:53:33:ba:a6:ae:
96:ef:66:9f:65:40:4c:20:9e:0f:4c:16:b3:25:ce:71:1a:64:
61:fb:66:03:dd:9d:92:dc:de:2e:b6:d1:a3:e2:08:d5:ca:74:
89:50:a2:ea:0b:08:50:72:d3:0e:13:ea:d8:df:99:f9:36:70:
80:1e:ea:9f:6d:40:b2:61:0f:2a:f4:e8:8c:03:8b:c0:4b:ad:
8c:10:47:f6:4c:10:ed:e5:12:c1:66:ff:fb:0f:c5:b8:34:25:
be:ab:74:df:96:c2:7e:4b:77:b5:f6:54:97:00:f3:49:43:e0:
f6:4d:07:87:02:8f:2d:43:24:82:c4:45:d1:7f:ea:21:5e:50:
84:88:85:25:4a:03:b9:57:22:d4:60:96:c4:9a:79:80:e9:22:
c1:c2:7c:c0:56:e8:83:dd:12:02:2a:6c:03:a7:61:e6:2e:1c:
22:1f:aa:69
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHlQnFSiNlOltzuL4JeHbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDNiMGVjNzk5NTFkNWQ1NTgwMTMzZTUzMjlhOTBmMmZl
ZTFjNWIwHhcNMjQwMTAyMDAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRhN2EyZjMwOTk3YTljNGI5YWZjYWJjYmMwZGRlYzE4NWEyYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2zdk6A0WbEEGEI7EfGWJ7hdNg2c
lmOzf7+3CvQKb1GM3BZDpBrAE8djpwqcTe8JrRcXM4lXMZpGzR36l6aHVDr6E38M
u1pOZoRAmRjsd57Sm0V76pl0aBYNJoFzaT3QWfdxRY90agO3YUHcoG4RHZ0YyYIJ
JUka+64SmLHgg1xCFZv7Qa90GbeLyghvt9dweODbcuLLUjbXx/hss64mSeApKutx
jXRRJLecaYyqtslsjDl+w8p6uX3dM6mlp4+Q6BSv46t2hRETEZEu92daDEqyICzf
5Cclxfo5Hcd9HroThqMp70Q8r61PSVN5+rQUToe60akImqCG0MVz+v8IkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOBKei8wmXqcS5r8q8vA3ewYWiu0MB8GA1UdIwQY
MBaAFH1DsOx5lR1dVYATPlMpqQ8v7hxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgt
OTNhNjE5MmIxNzg1LzEvNEVwNkx6Q1plcHhMbXZ5cnk4RGQ3QmhhSzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgtOTNhNjE5MmIxNzg1
LzEvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCJYLEMBgE
AgACMBIDBwAqBA3AAAADBwAqBA3BAAAwDQYJKoZIhvcNAQELBQADggEBAGg6mMV7
f7FHegN/yCK2v1NaHFoZH3dO8ofr4g5uLo/tAkALiui6NA8PuGvQDHGEuJHo+N1q
PkZrfmW1aX81xppKuujZwKpY6CsZ4VgJ8pBD/RyTShZTM7qmrpbvZp9lQEwgng9M
FrMlznEaZGH7ZgPdnZLc3i620aPiCNXKdIlQouoLCFBy0w4T6tjfmfk2cIAe6p9t
QLJhDyr06IwDi8BLrYwQR/ZMEO3lEsFm//sPxbg0Jb6rdN+Wwn5Ld7X2VJcA80lD
4PZNB4cCjy1DJILERdF/6iFeUISIhSVKA7lXItRglsSaeYDpIsHCfMBW6IPdEgIq
bAOnYeYuHCIfqmk=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:06:29 2024 by rpki-client on console-fra.rpki-client.org