Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1-7s8yRsWdpcNYRcC6pNWouKZo_s.roa
File: 1-7s8yRsWdpcNYRcC6pNWouKZo_s.roa (raw, json)
Hash identifier: cKxPXK76vSWT8kc54pFn0Xp8YyVkwsVFfQi9TChBGyc=
Subject key identifier: FB:BB:3C:C9:1B:16:76:97:0D:61:17:02:EA:93:56:A2:E2:99:A3:FB
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 018F4CD7696B46064A8139E505D410B620CD
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1-7s8yRsWdpcNYRcC6pNWouKZo_s.roa
Signing time: Mon 06 May 2024 07:38:56 +0000
ROA not before: Mon 06 May 2024 07:38:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12338
IP address blocks: 85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 01:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:d7:69:6b:46:06:4a:81:39:e5:05:d4:10:b6:20:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: May 6 07:38:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbbb3cc91b1676970d611702ea9356a2e299a3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:cf:c3:2b:6d:0f:99:5f:63:2d:a4:62:0b:
58:ca:3c:42:04:89:0b:f7:af:63:e7:b1:76:3c:6f:
41:47:d3:41:0d:00:4a:82:04:2f:3c:6f:f9:89:48:
55:d9:af:76:63:8b:e7:8e:86:d8:c1:94:fd:7e:9c:
b3:a4:ef:cc:a7:35:99:a4:ca:4c:1c:0b:37:28:76:
57:24:18:de:bc:9b:44:91:04:f9:c2:b1:be:32:fc:
3f:48:74:45:bf:40:a2:e1:2a:2f:4f:b7:9a:da:27:
89:5c:cb:8e:e1:9a:f1:b0:7b:5c:5f:07:b5:04:2f:
c3:32:4b:03:7d:fc:5b:9b:b6:87:ba:5e:aa:b8:0a:
2b:86:99:20:a3:06:2a:d3:68:3e:5f:1b:53:d0:c6:
d6:51:aa:8c:ea:5e:d8:f0:5c:34:ca:cd:b7:43:cd:
85:6d:95:98:74:4e:c9:8d:02:7f:a5:e4:8c:f9:e3:
5a:a7:44:90:2b:21:a5:dc:59:c6:cc:6f:00:ce:b0:
72:99:8d:78:84:07:f0:94:58:9f:fd:5c:33:0f:80:
5a:3f:51:88:d8:08:4c:63:c7:f3:e5:f8:c8:4e:41:
69:b7:96:c7:63:a8:1f:6a:02:a0:e3:1d:19:a3:08:
e2:47:c2:45:4a:b3:ee:dd:01:f7:19:54:7a:db:d2:
fc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BB:3C:C9:1B:16:76:97:0D:61:17:02:EA:93:56:A2:E2:99:A3:FB
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1-7s8yRsWdpcNYRcC6pNWouKZo_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.152.104.0/22
85.152.124.0/22
188.171.234.0/24
188.171.240.0/20
Signature Algorithm: sha256WithRSAEncryption
61:6b:ad:cf:5c:0b:fc:d2:50:8b:68:ea:c7:ca:2c:5e:d1:8a:
a9:a7:38:23:55:59:2f:48:ea:f4:3f:4a:24:2c:66:29:5e:62:
9f:c9:09:21:51:d0:90:5f:fa:af:e4:1a:d6:0a:f6:84:d7:9c:
06:79:b6:18:1c:c1:f5:a4:a7:8d:81:c5:28:8b:5a:f5:20:3b:
d7:3a:5d:57:2c:19:15:dd:90:af:7e:79:02:f6:bf:ec:3f:0a:
89:c0:95:51:da:b1:6a:52:57:f0:43:2b:5e:4a:cf:e5:f6:06:
d0:79:28:68:b7:8e:14:e4:1b:b2:c1:db:d7:e0:3a:f8:5f:49:
d8:bf:ad:54:a8:38:36:b5:b3:ae:58:4b:52:f7:ed:55:56:3e:
ef:81:72:b0:31:8a:07:77:84:b4:83:f3:f4:d5:a4:1c:06:b6:
64:29:fe:a8:82:b7:f5:e7:7c:86:63:3d:e3:a1:77:54:ec:0f:
4b:ab:cb:3b:de:78:64:ce:21:1c:d5:12:d0:a2:48:09:e6:66:
cc:cd:da:08:bd:50:58:d7:e4:b9:9a:9b:0f:d3:40:1e:e6:e9:
6c:54:d2:98:61:93:42:1f:4b:13:db:72:cc:58:9f:74:a8:68:
2e:33:52:61:9b:95:9a:a4:00:92:13:98:12:aa:50:f8:1b:f4:
5f:1a:11:72
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY9M12lrRgZKgTnlBdQQtiDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjQwNTA2MDczODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJiM2NjOTFiMTY3Njk3MGQ2MTE3MDJlYTkzNTZhMmUyOTlhM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpPPwyttD5lfYy2kYgtYyjxCBIkL
969j57F2PG9BR9NBDQBKggQvPG/5iUhV2a92Y4vnjobYwZT9fpyzpO/MpzWZpMpM
HAs3KHZXJBjevJtEkQT5wrG+Mvw/SHRFv0Ci4SovT7ea2ieJXMuO4ZrxsHtcXwe1
BC/DMksDffxbm7aHul6quAorhpkgowYq02g+XxtT0MbWUaqM6l7Y8Fw0ys23Q82F
bZWYdE7JjQJ/peSM+eNap0SQKyGl3FnGzG8AzrBymY14hAfwlFif/VwzD4BaP1GI
2AhMY8fz5fjITkFpt5bHY6gfagKg4x0ZowjiR8JFSrPu3QH3GVR629L8nQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPu7PMkbFnaXDWEXAuqTVqLimaP7MB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvMS03czh5UnNXZHBjTllSY0M2cE5Xb3VLWm9fcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTUvMDdmMjcwLWM2Y2MtNDljZC1hZTQ2LTUxMDBhMjZkMjc0
Yi8xL1RxWmNmdHVrYWRDWjEycXMxOXdtUDAzLXhlcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlWYaAME
AlWYfAMEALyr6gMEBLyr8DANBgkqhkiG9w0BAQsFAAOCAQEAYWutz1wL/NJQi2jq
x8osXtGKqac4I1VZL0jq9D9KJCxmKV5in8kJIVHQkF/6r+Qa1gr2hNecBnm2GBzB
9aSnjYHFKIta9SA71zpdVywZFd2Qr355Ava/7D8KicCVUdqxalJX8EMrXkrP5fYG
0HkoaLeOFOQbssHb1+A6+F9J2L+tVKg4NrWzrlhLUvftVVY+74FysDGKB3eEtIPz
9NWkHAa2ZCn+qIK39ed8hmM946F3VOwPS6vLO954ZM4hHNUS0KJICeZmzM3aCL1Q
WNfkuZqbD9NAHubpbFTSmGGTQh9LE9tyzFifdKhoLjNSYZuVmqQAkhOYEqpQ+Bv0
XxoRcg==
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:11:07 2024 by rpki-client on console-fra.rpki-client.org