Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/V0nHPv28e8UbA9z44BJPdKnMgAQ.roa
File: V0nHPv28e8UbA9z44BJPdKnMgAQ.roa (raw, json)
Hash identifier: dENw+EmclwIcgbZM6WOaXwolcrXsH1SUlJrsMEOB3ls=
Subject key identifier: 57:49:C7:3E:FD:BC:7B:C5:1B:03:DC:F8:E0:12:4F:74:A9:CC:80:04
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 018CC7953AAD07BD27E3FF4CBAF45F052230
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/V0nHPv28e8UbA9z44BJPdKnMgAQ.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51691
IP address blocks: 37.16.96.0/20 maxlen: 23
178.213.232.0/21 maxlen: 21
37.16.112.0/20 maxlen: 20
178.213.239.0/24 maxlen: 24
2a00:4cc1::/32 maxlen: 48
2a00:4cc1:2501::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3a:ad:07:bd:27:e3:ff:4c:ba:f4:5f:05:22:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5749c73efdbc7bc51b03dcf8e0124f74a9cc8004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:09:98:5b:ae:9a:cb:3b:ed:37:9e:66:3a:18:
d8:b9:de:0d:76:fa:b6:64:e9:6a:c1:9f:90:5f:0c:
79:d3:ae:f3:72:a1:00:76:b9:33:ff:2b:fa:88:01:
0d:3b:b6:c9:05:ac:de:a7:c4:b1:cb:df:9c:d4:9c:
79:0e:e5:98:8d:57:a9:f4:fb:c9:a2:0b:95:70:44:
54:99:f3:26:25:86:8e:49:b7:79:e1:5f:19:9d:01:
33:ca:0d:4f:c6:5b:78:85:b9:3e:f8:60:48:b1:ec:
84:39:cb:15:3d:7b:47:07:b2:ce:b3:ff:ee:ac:bd:
a5:3b:95:cf:89:6f:15:95:30:08:8f:3b:5d:da:cc:
d9:97:ec:ab:7d:c7:ce:07:f5:3d:1c:3c:aa:b5:a7:
5a:af:a3:0f:0b:56:53:a4:76:d4:63:35:a7:bb:a9:
70:24:fb:e1:9e:84:58:ed:6d:ae:ad:92:73:2a:56:
f3:f2:b6:c4:b6:b7:ca:d9:37:4c:c2:ad:23:06:3b:
6c:09:d3:f9:c8:f3:58:e5:9d:65:7f:04:58:ec:d1:
64:03:06:86:13:62:dd:33:52:9e:42:26:fc:43:5d:
03:c8:90:17:b5:d9:39:c2:3a:82:91:b9:c8:d5:8b:
90:c3:e5:cc:9f:01:e4:90:7a:96:4f:2b:fd:d7:1b:
12:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:49:C7:3E:FD:BC:7B:C5:1B:03:DC:F8:E0:12:4F:74:A9:CC:80:04
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/V0nHPv28e8UbA9z44BJPdKnMgAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc1::/32
Signature Algorithm: sha256WithRSAEncryption
5e:98:85:a6:9f:98:1e:60:97:f5:f7:58:eb:5c:bb:f9:46:6f:
23:bb:9a:ca:76:57:71:3e:d9:5b:91:ed:68:66:99:d0:aa:30:
a0:f0:cd:7e:bc:5c:34:e8:bb:dc:62:cf:e3:47:46:c9:0a:7b:
a0:ce:97:95:cb:99:a8:71:76:19:2e:fd:48:c7:73:d3:64:14:
b9:64:92:1f:91:18:1d:b8:0a:7b:74:0e:34:22:af:87:ed:c3:
02:6c:a1:fd:a7:b9:3e:3c:9a:77:d9:e7:07:c3:58:a6:0a:d4:
87:e1:d5:be:04:cb:6d:0d:7e:a4:b6:d4:ed:59:e2:30:15:4a:
f3:ff:41:be:99:d8:7b:64:b4:e5:5c:bb:66:b8:a6:ee:6d:b8:
4f:a0:d0:2b:4b:99:c8:fd:91:7a:57:23:1f:12:b6:50:ce:2f:
48:0f:6e:ce:fe:62:7e:de:87:2c:f5:41:ab:17:1a:79:bc:46:
94:49:d0:ee:ac:5b:8b:ca:67:f8:22:0c:00:9f:85:78:07:a8:
55:46:95:08:c3:9f:3b:c7:3b:48:2c:7f:e3:df:51:3d:59:da:
38:21:f2:b9:83:bb:df:8c:89:f6:bf:a6:89:05:b6:ce:c4:d6:
df:01:4b:31:8f:9a:ce:00:1b:67:0e:ef:59:45:fc:2d:61:c2:
3b:a5:5a:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlTqtB70n4/9MuvRfBSIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQ5YzczZWZkYmM3YmM1MWIwM2RjZjhlMDEyNGY3NGE5Y2M4MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQmYW66ayzvtN55mOhjYud4Ndvq2
ZOlqwZ+QXwx5067zcqEAdrkz/yv6iAENO7bJBazep8Sxy9+c1Jx5DuWYjVep9PvJ
oguVcERUmfMmJYaOSbd54V8ZnQEzyg1Pxlt4hbk++GBIseyEOcsVPXtHB7LOs//u
rL2lO5XPiW8VlTAIjztd2szZl+yrfcfOB/U9HDyqtadar6MPC1ZTpHbUYzWnu6lw
JPvhnoRY7W2urZJzKlbz8rbEtrfK2TdMwq0jBjtsCdP5yPNY5Z1lfwRY7NFkAwaG
E2LdM1KeQib8Q10DyJAXtdk5wjqCkbnI1YuQw+XMnwHkkHqWTyv91xsSxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFdJxz79vHvFGwPc+OAST3SpzIAEMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvVjBuSFB2MjhlOFViQTl6NDRCSlBkS25NZ0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJRBgAwQD
stXoMA0EAgACMAcDBQAqAEzBMA0GCSqGSIb3DQEBCwUAA4IBAQBemIWmn5geYJf1
91jrXLv5Rm8ju5rKdldxPtlbke1oZpnQqjCg8M1+vFw06LvcYs/jR0bJCnugzpeV
y5mocXYZLv1Ix3PTZBS5ZJIfkRgduAp7dA40Iq+H7cMCbKH9p7k+PJp32ecHw1im
CtSH4dW+BMttDX6kttTtWeIwFUrz/0G+mdh7ZLTlXLtmuKbubbhPoNArS5nI/ZF6
VyMfErZQzi9ID27O/mJ+3ocs9UGrFxp5vEaUSdDurFuLymf4IgwAn4V4B6hVRpUI
w587xztILH/j31E9Wdo4IfK5g7vfjIn2v6aJBbbOxNbfAUsxj5rOABtnDu9ZRfwt
YcI7pVpB
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:55:33 2024 by rpki-client on console-fra.rpki-client.org