Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa
File: un0kCN_Sbe3QnwuKHldGm2MhI3E.roa (raw, json)
Hash identifier: VaX6gg6vfZibQRyd7oKfXWDXY53lg92LvVOTSlm42OE=
Subject key identifier: BA:7D:24:08:DF:D2:6D:ED:D0:9F:0B:8A:1E:57:46:9B:63:21:23:71
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 018CC72660F544102D60099E49ECE83D93B6
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa
Signing time: Mon 01 Jan 2024 22:30:30 +0000
ROA not before: Mon 01 Jan 2024 22:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202848
IP address blocks: 185.137.38.0/24 maxlen: 24
185.137.37.0/24 maxlen: 24
185.137.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:60:f5:44:10:2d:60:09:9e:49:ec:e8:3d:93:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 22:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba7d2408dfd26dedd09f0b8a1e57469b63212371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a4:dd:c7:f0:c5:54:49:db:5c:72:5a:99:e0:
ed:2d:6a:51:83:7a:62:8d:75:0e:34:ec:54:d0:69:
80:c3:d8:78:d1:c0:2f:d4:53:67:be:9b:c2:c2:c9:
e0:83:73:7d:48:5d:1d:b1:30:51:1a:69:49:0e:57:
e7:41:9f:58:50:44:57:75:8e:99:ef:cf:bc:ca:95:
77:0e:16:1a:77:82:e8:df:38:9c:76:f0:77:5c:ac:
da:c7:3b:4a:4e:e1:4d:d8:9c:86:98:08:41:6f:fd:
c8:af:e7:ff:ef:ec:5f:b3:0b:57:2f:31:eb:89:61:
89:e3:f0:8e:c3:aa:13:a7:69:0a:d4:32:79:b6:69:
70:dc:65:8a:36:f8:e5:b1:e3:d6:ef:63:2c:d4:2f:
53:eb:70:36:d1:6c:7a:2b:66:d0:94:9e:89:45:9e:
57:1c:4c:c1:94:86:cb:f0:a7:89:d4:a4:fd:f8:88:
1d:6f:67:d5:8f:f1:df:0a:c1:ca:a3:87:24:d4:7d:
ef:d8:c9:87:26:27:97:d8:fa:df:8c:0c:f8:11:a6:
9b:44:3b:0b:2a:29:37:f0:f0:c1:c9:fd:9c:67:5c:
b5:53:47:d7:d8:5b:e6:33:ad:e8:65:cd:7a:c5:64:
bc:b1:ca:a7:44:96:e8:3b:86:b5:96:27:ec:e9:a2:
7d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7D:24:08:DF:D2:6D:ED:D0:9F:0B:8A:1E:57:46:9B:63:21:23:71
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/un0kCN_Sbe3QnwuKHldGm2MhI3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.37.0-185.137.39.255
Signature Algorithm: sha256WithRSAEncryption
1e:16:ed:c4:b6:51:d1:46:92:15:d3:0d:d4:ea:23:53:b3:98:
b6:98:28:25:ae:c1:24:2a:5d:e0:24:cb:e7:14:c8:37:80:74:
80:b2:1b:c3:7a:6e:d6:b2:b5:34:40:17:1d:ad:05:29:ca:b1:
9e:04:9f:61:4e:94:d8:8e:36:24:0b:b0:39:96:1c:ad:af:87:
c3:c0:a3:c6:fd:50:b2:f6:ef:0f:38:c3:42:77:44:84:5f:8e:
70:40:9a:24:e0:03:95:0d:bc:3e:5a:9d:aa:b6:c4:b4:27:ef:
91:0c:86:1f:4e:5f:43:a2:e2:60:f4:fb:b2:1a:54:5f:6b:3d:
38:b9:8d:43:2f:26:49:6f:40:d0:68:a2:3e:56:b8:76:ac:7e:
24:a7:9a:5a:b5:bc:77:32:d4:b7:0b:1f:52:1f:8b:9c:8f:f9:
1c:ef:a6:76:8d:f7:af:9b:8d:a1:4f:e3:75:59:99:90:32:a3:
8b:4d:08:b3:8d:9d:08:c3:8d:2d:8f:6f:4f:76:db:59:59:7c:
d7:aa:61:64:3d:3d:1e:fe:05:48:be:5d:0f:35:9d:80:9f:d3:
ae:d4:e9:8a:03:66:e4:c5:30:c4:21:9b:e9:73:87:21:c7:61:
52:ca:52:dc:5b:9b:18:ab:97:fe:e7:ae:cc:bb:56:e9:3e:5b:
c5:5c:f2:4a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJmD1RBAtYAmeSezoPZO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjQwMTAxMjIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdkMjQwOGRmZDI2ZGVkZDA5ZjBiOGExZTU3NDY5YjYzMjEyMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKTdx/DFVEnbXHJameDtLWpRg3pi
jXUONOxU0GmAw9h40cAv1FNnvpvCwsngg3N9SF0dsTBRGmlJDlfnQZ9YUERXdY6Z
78+8ypV3DhYad4Lo3zicdvB3XKzaxztKTuFN2JyGmAhBb/3Ir+f/7+xfswtXLzHr
iWGJ4/COw6oTp2kK1DJ5tmlw3GWKNvjlsePW72Ms1C9T63A20Wx6K2bQlJ6JRZ5X
HEzBlIbL8KeJ1KT9+Igdb2fVj/HfCsHKo4ck1H3v2MmHJieX2PrfjAz4EaabRDsL
Kik38PDByf2cZ1y1U0fX2FvmM63oZc16xWS8scqnRJboO4a1lifs6aJ9xwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLp9JAjf0m3t0J8Lih5XRptjISNxMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvdW4wa0NOX1NiZTNRbnd1S0hsZEdtMk1oSTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5iSUD
BAO5iSAwDQYJKoZIhvcNAQELBQADggEBAB4W7cS2UdFGkhXTDdTqI1OzmLaYKCWu
wSQqXeAky+cUyDeAdICyG8N6btaytTRAFx2tBSnKsZ4En2FOlNiONiQLsDmWHK2v
h8PAo8b9ULL27w84w0J3RIRfjnBAmiTgA5UNvD5anaq2xLQn75EMhh9OX0Oi4mD0
+7IaVF9rPTi5jUMvJklvQNBooj5WuHasfiSnmlq1vHcy1LcLH1Ifi5yP+RzvpnaN
96+bjaFP43VZmZAyo4tNCLONnQjDjS2Pb09221lZfNeqYWQ9PR7+BUi+XQ81nYCf
067U6YoDZuTFMMQhm+lzhyHHYVLKUtxbmxirl/7nrsy7Vuk+W8Vc8ko=
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:22:08 2024 by rpki-client on console-ams.rpki-client.org