Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/PBYps83ldEJCmUJRCNAw8fjXkvM.roa
File: PBYps83ldEJCmUJRCNAw8fjXkvM.roa (raw, json)
Hash identifier: dODmekDYHQSHoe9NEFo+ebH7jlcXe53mdZy3+yCtBqA=
Subject key identifier: 3C:16:29:B3:CD:E5:74:42:42:99:42:51:08:D0:30:F1:F8:D7:92:F3
Certificate issuer: /CN=37b8221099486a3b133e0139e34b934264cdd700
Certificate serial: 018CC94D9D57E7EBAB03CF02BF5F4E56ECD9
Authority key identifier: 37:B8:22:10:99:48:6A:3B:13:3E:01:39:E3:4B:93:42:64:CD:D7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N7giEJlIajsTPgE540uTQmTN1wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/PBYps83ldEJCmUJRCNAw8fjXkvM.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203541
IP address blocks: 37.61.184.0/21 maxlen: 21
2a06:c500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/N7giEJlIajsTPgE540uTQmTN1wA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/N7giEJlIajsTPgE540uTQmTN1wA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N7giEJlIajsTPgE540uTQmTN1wA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9d:57:e7:eb:ab:03:cf:02:bf:5f:4e:56:ec:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37b8221099486a3b133e0139e34b934264cdd700
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c1629b3cde574424299425108d030f1f8d792f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:76:c5:ec:b9:c0:6f:dc:77:20:cd:2c:52:
39:e3:9e:f5:20:03:21:e6:1d:02:75:c5:d0:17:07:
2e:ab:63:df:f5:fe:c8:72:23:3e:62:e4:20:56:38:
aa:a2:05:ad:56:15:07:8c:53:27:32:58:b6:7a:68:
eb:5b:44:22:1a:84:f6:c5:b0:d0:36:35:80:ca:82:
ae:b4:36:95:82:ac:d5:b3:f3:9a:42:94:cd:57:4a:
53:a5:41:b4:ff:b8:ab:7a:32:98:f4:5a:b0:8e:92:
36:15:34:1b:f4:f7:a7:8d:c1:55:3b:97:9e:39:61:
c4:f3:fd:94:38:1b:bd:c4:a3:6f:5d:e3:ca:aa:77:
a4:c0:b0:3f:99:96:b7:61:43:77:8e:75:23:d9:71:
27:a5:f6:83:73:41:24:87:f7:96:d9:86:53:e5:e6:
5b:a7:ea:c7:c4:c6:8d:d0:0b:aa:d9:28:e7:49:a0:
2b:66:28:87:13:6d:86:4d:4b:f4:18:a5:71:00:c3:
c0:2c:8b:44:bd:6c:0a:e9:7e:61:aa:f5:7a:80:8d:
d1:1d:e4:be:4e:23:d8:cc:c0:cb:19:c0:5f:6a:a1:
2d:73:e1:6d:ce:26:8d:c2:8c:97:1b:23:b1:33:06:
f9:31:91:62:02:49:de:57:c7:5f:39:0d:56:46:cd:
d1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:16:29:B3:CD:E5:74:42:42:99:42:51:08:D0:30:F1:F8:D7:92:F3
X509v3 Authority Key Identifier:
keyid:37:B8:22:10:99:48:6A:3B:13:3E:01:39:E3:4B:93:42:64:CD:D7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N7giEJlIajsTPgE540uTQmTN1wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/PBYps83ldEJCmUJRCNAw8fjXkvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/N7giEJlIajsTPgE540uTQmTN1wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.184.0/21
IPv6:
2a06:c500::/29
Signature Algorithm: sha256WithRSAEncryption
49:d8:65:61:ed:c8:22:70:12:46:cb:6f:21:e1:1d:b3:1d:d9:
35:04:a8:fa:08:59:dc:78:62:7f:f9:27:c2:32:09:f2:88:8a:
f7:70:32:58:68:c1:88:36:96:48:be:6b:1f:9d:26:57:8b:82:
a0:55:10:e2:29:0a:86:de:5e:4b:e1:b0:aa:c8:51:94:82:8b:
9e:45:c9:5d:56:46:30:5b:f5:b6:4c:23:b0:c9:35:5c:08:00:
3f:81:1f:bd:e0:d4:28:ea:bb:06:a1:4a:89:64:54:91:eb:74:
6f:23:a7:d5:9b:98:15:fe:b2:3d:79:90:35:91:d8:a6:08:d6:
b8:63:bd:59:2b:ef:8c:c3:94:1f:f6:55:d4:01:0f:7e:77:75:
0d:f5:9f:91:b9:05:70:e8:90:f8:e9:47:da:19:40:27:30:1e:
4c:79:a2:2e:db:b2:cc:ad:3b:4f:42:51:de:0d:61:62:d2:a5:
6f:04:f7:d4:0d:23:65:5b:b1:2f:47:1d:75:bf:60:b8:58:46:
93:5e:38:81:e1:5e:d5:45:23:f2:70:01:21:b6:5d:cd:e1:22:
7d:93:36:af:27:cb:eb:36:da:b8:65:6f:c6:f0:6d:0a:7b:3e:
7d:83:79:e1:e9:63:dd:64:55:df:02:e0:54:b7:b3:63:bb:9e:
7c:61:f7:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTZ1X5+urA88Cv19OVuzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YjgyMjEwOTk0ODZhM2IxMzNlMDEzOWUzNGI5MzQyNjRj
ZGQ3MDAwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE2MjliM2NkZTU3NDQyNDI5OTQyNTEwOGQwMzBmMWY4ZDc5MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPx2xey5wG/cdyDNLFI54571IAMh
5h0CdcXQFwcuq2Pf9f7IciM+YuQgVjiqogWtVhUHjFMnMli2emjrW0QiGoT2xbDQ
NjWAyoKutDaVgqzVs/OaQpTNV0pTpUG0/7irejKY9FqwjpI2FTQb9PenjcFVO5ee
OWHE8/2UOBu9xKNvXePKqnekwLA/mZa3YUN3jnUj2XEnpfaDc0Ekh/eW2YZT5eZb
p+rHxMaN0Auq2SjnSaArZiiHE22GTUv0GKVxAMPALItEvWwK6X5hqvV6gI3RHeS+
TiPYzMDLGcBfaqEtc+FtziaNwoyXGyOxMwb5MZFiAkneV8dfOQ1WRs3RwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDwWKbPN5XRCQplCUQjQMPH415LzMB8GA1UdIwQY
MBaAFDe4IhCZSGo7Ez4BOeNLk0JkzdcAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjdnaUVKbElhanNUUGdFNTQwdVRRbVROMXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kZTk1NmYtZTU1Yi00MzdlLTg1ZDkt
Njg2ZjgzNmNiY2FkLzEvUEJZcHM4M2xkRUpDbVVKUkNOQXc4ZmpYa3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kZTk1NmYtZTU1Yi00MzdlLTg1ZDktNjg2ZjgzNmNiY2Fk
LzEvTjdnaUVKbElhanNUUGdFNTQwdVRRbVROMXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDJT24MA0E
AgACMAcDBQMqBsUAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ2GVh7cgicBJGy28h4R2z
Hdk1BKj6CFnceGJ/+SfCMgnyiIr3cDJYaMGINpZIvmsfnSZXi4KgVRDiKQqG3l5L
4bCqyFGUgoueRcldVkYwW/W2TCOwyTVcCAA/gR+94NQo6rsGoUqJZFSR63RvI6fV
m5gV/rI9eZA1kdimCNa4Y71ZK++Mw5Qf9lXUAQ9+d3UN9Z+RuQVw6JD46UfaGUAn
MB5MeaIu27LMrTtPQlHeDWFi0qVvBPfUDSNlW7EvRx11v2C4WEaTXjiB4V7VRSPy
cAEhtl3N4SJ9kzavJ8vrNtq4ZW/G8G0Kez59g3nh6WPdZFXfAuBUt7Nju558Yffi
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:04:04 2024 by rpki-client on console-fra.rpki-client.org