Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa
File: H59b5Oo8ObpV-FWMdiBdaxh75w8.roa (raw, json)
Hash identifier: HnBpVO/+rwm+y+C6RmLuibg0PfAiPxGRaso4rDbgVSY=
Subject key identifier: 1F:9F:5B:E4:EA:3C:39:BA:55:F8:55:8C:76:20:5D:6B:18:7B:E7:0F
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 018DDABA721F8D8149665F2CCBE3EE62B45C
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa
Signing time: Sat 24 Feb 2024 10:47:48 +0000
ROA not before: Sat 24 Feb 2024 10:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57862
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/23 maxlen: 23
37.122.153.0/24 maxlen: 24
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:ba:72:1f:8d:81:49:66:5f:2c:cb:e3:ee:62:b4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Feb 24 10:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f9f5be4ea3c39ba55f8558c76205d6b187be70f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4a:43:a3:c3:85:4c:eb:b2:23:29:8f:3c:45:
3f:19:fb:cb:70:a5:05:a2:83:8c:b5:be:f6:a1:2d:
7e:07:fe:8c:a0:79:a0:59:b4:41:ad:08:e9:6e:b4:
ce:0a:c9:66:03:71:8f:45:ed:e4:a7:88:7d:64:e6:
57:75:69:95:c4:43:1d:ba:2a:b0:0d:a1:25:21:79:
bc:94:30:b9:6f:0b:94:b7:6f:4a:22:ab:d0:47:21:
4b:eb:1b:95:70:2d:b7:e9:14:84:b5:b3:5f:08:cd:
97:b5:98:91:a3:5c:1c:bc:d8:31:00:43:91:ff:68:
66:4d:4b:54:62:1f:16:b8:62:5f:4d:37:69:08:09:
13:c6:c1:70:89:1f:c3:e0:31:c2:71:13:f5:84:ec:
8c:65:32:51:e7:2a:d1:d3:8c:a0:83:5c:d6:d5:fd:
07:c8:46:a3:ca:af:3e:83:92:72:29:b9:73:fa:e3:
47:4c:96:88:a7:0e:bb:81:68:dc:39:c2:06:94:bb:
93:8a:ba:b9:d2:44:e1:f7:ab:d4:23:e4:b7:38:e6:
1a:e7:85:f5:0a:80:ff:e5:4f:12:18:71:7c:c6:c5:
e8:a8:52:bd:2b:b0:97:59:60:5a:21:54:da:21:b0:
20:7f:77:00:a2:ab:5b:2c:a5:15:c8:60:80:2c:f1:
8c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9F:5B:E4:EA:3C:39:BA:55:F8:55:8C:76:20:5D:6B:18:7B:E7:0F
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.156.255
Signature Algorithm: sha256WithRSAEncryption
03:ac:d6:d0:ae:0e:53:3c:af:93:43:fc:50:d7:fc:a7:55:33:
c7:6f:8b:73:d6:e0:fc:06:13:6c:a8:20:23:9a:dd:63:85:0c:
fa:9f:c3:2c:7f:1d:94:5d:27:d1:49:fa:65:d5:93:e0:c6:41:
60:c9:5c:3c:00:af:09:6d:fd:bb:8c:db:5f:69:3a:cb:c5:a8:
8c:67:98:6b:b4:5c:5a:4b:4f:0c:78:c0:b8:75:ef:9c:c9:d5:
93:b3:c2:51:b9:e2:8a:2b:52:b5:7b:10:78:24:f1:4a:c3:72:
e2:9b:84:d8:ac:de:ec:bc:e9:4d:79:72:63:12:b8:49:f3:5e:
60:74:f8:ff:cd:49:33:08:71:f0:9a:1a:33:48:86:eb:c2:42:
5a:b5:71:cb:47:0c:2f:91:b7:30:77:57:39:d5:63:c8:0e:0d:
86:77:2e:eb:26:38:51:e0:f5:91:7d:08:72:b1:ec:87:ca:5f:
14:a4:94:81:79:c5:d0:05:46:e8:85:29:c9:1c:1d:4b:bd:aa:
54:0a:29:d1:a0:d7:08:b0:39:8c:fc:c1:68:ef:ad:1b:f0:1f:
40:b0:84:5b:65:4c:b6:21:ef:59:e5:46:20:da:93:87:e5:96:
c1:e5:c2:fb:1d:7d:fc:2d:bb:b4:fb:22:2b:59:8a:d4:c4:7e:
f5:46:12:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3aunIfjYFJZl8sy+PuYrRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwMjI0MTA0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjlmNWJlNGVhM2MzOWJhNTVmODU1OGM3NjIwNWQ2YjE4N2JlNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkpDo8OFTOuyIymPPEU/GfvLcKUF
ooOMtb72oS1+B/6MoHmgWbRBrQjpbrTOCslmA3GPRe3kp4h9ZOZXdWmVxEMduiqw
DaElIXm8lDC5bwuUt29KIqvQRyFL6xuVcC236RSEtbNfCM2XtZiRo1wcvNgxAEOR
/2hmTUtUYh8WuGJfTTdpCAkTxsFwiR/D4DHCcRP1hOyMZTJR5yrR04ygg1zW1f0H
yEajyq8+g5JyKblz+uNHTJaIpw67gWjcOcIGlLuTirq50kTh96vUI+S3OOYa54X1
CoD/5U8SGHF8xsXoqFK9K7CXWWBaIVTaIbAgf3cAoqtbLKUVyGCALPGMXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB+fW+TqPDm6VfhVjHYgXWsYe+cPMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvSDU5YjVPbzhPYnBWLUZXTWRpQmRheGg3NXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAAOs1tCuDlM8r5ND/FDX/KdVM8dvi3PW
4PwGE2yoICOa3WOFDPqfwyx/HZRdJ9FJ+mXVk+DGQWDJXDwArwlt/buM219pOsvF
qIxnmGu0XFpLTwx4wLh175zJ1ZOzwlG54oorUrV7EHgk8UrDcuKbhNis3uy86U15
cmMSuEnzXmB0+P/NSTMIcfCaGjNIhuvCQlq1cctHDC+RtzB3VznVY8gODYZ3Lusm
OFHg9ZF9CHKx7IfKXxSklIF5xdAFRuiFKckcHUu9qlQKKdGg1wiwOYz8wWjvrRvw
H0CwhFtlTLYh71nlRiDak4fllsHlwvsdffwtu7T7IitZitTEfvVGErk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 08:14:53 2024 by rpki-client on console-ams.rpki-client.org