Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/x7KxHGCcjFBU5A_ZV0VCHDWeF1E.roa
File: x7KxHGCcjFBU5A_ZV0VCHDWeF1E.roa (raw, json)
Hash identifier: jIAD5EFTBDrvbQOAZv18KjJ8rvXW2CGiv/5tjoi0C+k=
Subject key identifier: C7:B2:B1:1C:60:9C:8C:50:54:E4:0F:D9:57:45:42:1C:35:9E:17:51
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018CC79351F9A2AF8BE9D4E86065B0DF0D15
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/x7KxHGCcjFBU5A_ZV0VCHDWeF1E.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.233.31.0/24 maxlen: 24
195.180.128.0/22 maxlen: 24
194.163.68.0/24 maxlen: 24
194.233.151.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.64.89.0/24 maxlen: 24
195.180.152.0/22 maxlen: 24
195.180.157.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
195.252.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.mft
rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:51:f9:a2:af:8b:e9:d4:e8:60:65:b0:df:0d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7b2b11c609c8c5054e40fd95745421c359e1751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:2a:36:fe:27:35:9f:14:75:14:42:ea:32:
6d:4b:6a:3a:9e:a5:39:13:a7:d9:b1:35:cb:f7:0d:
f2:1c:ac:97:1f:d1:44:79:bd:fb:9b:9f:4a:99:13:
07:b1:d1:83:58:08:b5:16:83:00:dc:ca:b1:bb:25:
17:04:2a:93:cf:80:e1:a5:d7:6e:93:36:84:93:f2:
83:bb:24:70:e6:ff:01:ad:80:d6:08:99:0e:c1:67:
98:ef:30:91:80:8d:80:ad:a2:c1:3f:c0:d8:d7:e5:
db:a5:2e:08:b1:21:fb:79:80:17:72:b0:dc:41:f4:
56:ff:1b:1e:6a:55:a0:24:c2:bb:84:67:72:f4:cf:
b4:67:ae:bc:db:97:e9:9d:a9:a8:56:f2:9d:d1:31:
61:57:e8:f4:6c:f7:30:5f:30:e8:68:d0:dc:46:11:
83:70:c0:c9:44:6a:6b:a8:55:52:a6:eb:32:b7:c6:
1b:fb:01:72:f6:ce:07:9a:e1:01:61:71:c2:bd:89:
29:52:b4:1b:5a:b2:d3:91:99:de:21:6d:89:c7:94:
8e:dc:b8:45:8a:df:c7:db:42:92:a2:62:cf:8b:47:
3e:83:f3:f7:ee:0d:82:9b:d2:ed:30:08:d8:2e:1a:
ba:c1:41:e4:a4:a8:cc:bd:2a:21:f9:4c:06:8b:ac:
02:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B2:B1:1C:60:9C:8C:50:54:E4:0F:D9:57:45:42:1C:35:9E:17:51
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/x7KxHGCcjFBU5A_ZV0VCHDWeF1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
194.163.68.0/24
194.163.92.0/24
194.233.31.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
195.180.152.0/22
195.180.157.0/24
195.252.175.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1f:24:50:ec:ff:b6:4b:c6:fe:ad:7a:2c:15:76:be:6d:0a:
fc:bc:97:08:a5:a5:7a:f9:f5:84:ce:50:24:42:47:70:91:31:
74:42:61:67:cf:91:34:71:bc:0e:36:aa:0a:86:bd:58:3f:6b:
60:90:a3:50:8b:29:07:bd:f8:6f:a1:51:cb:07:0b:f9:5f:06:
3e:6b:2f:94:51:86:f5:fc:ce:eb:9e:53:fd:24:ad:b6:d8:c3:
26:2f:66:b8:24:09:29:9a:fa:0c:34:b5:f6:97:0b:1d:e6:8d:
8a:61:23:68:7b:c1:7c:0c:c4:23:6b:c0:9c:c8:7c:b9:72:b9:
a5:1f:99:1d:a3:ae:11:47:0c:cd:69:fb:d5:47:45:d5:ee:d1:
83:98:81:fc:1f:c7:75:85:57:75:de:1c:8b:ae:e8:4d:fc:5e:
5d:13:3d:16:2f:c9:16:19:d6:c5:86:93:b7:b3:6a:d7:53:a7:
2e:7c:ec:58:52:10:36:4e:b6:09:08:c3:cf:ab:e5:bb:1b:16:
ce:48:eb:c9:1b:ef:2a:f7:59:01:c9:21:4e:f4:dc:76:20:85:
b3:6f:98:17:bc:d9:e3:a5:39:f8:a2:6d:ec:5d:6e:84:99:1b:
7d:00:ab:9a:ce:68:9c:7a:b2:c6:e7:b9:c1:bf:33:77:bb:fe:
4f:56:02:b9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzHk1H5oq+L6dToYGWw3w0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2IyYjExYzYwOWM4YzUwNTRlNDBmZDk1NzQ1NDIxYzM1OWUxNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdoqNv4nNZ8UdRRC6jJtS2o6nqU5
E6fZsTXL9w3yHKyXH9FEeb37m59KmRMHsdGDWAi1FoMA3MqxuyUXBCqTz4Dhpddu
kzaEk/KDuyRw5v8BrYDWCJkOwWeY7zCRgI2AraLBP8DY1+XbpS4IsSH7eYAXcrDc
QfRW/xsealWgJMK7hGdy9M+0Z66825fpnamoVvKd0TFhV+j0bPcwXzDoaNDcRhGD
cMDJRGprqFVSpusyt8Yb+wFy9s4HmuEBYXHCvYkpUrQbWrLTkZneIW2Jx5SO3LhF
it/H20KSomLPi0c+g/P37g2Cm9LtMAjYLhq6wUHkpKjMvSoh+UwGi6wCxwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMeysRxgnIxQVOQP2VdFQhw1nhdRMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEveDdLeEhHQ2NqRkJVNUFfWlYwVkNIRFdlRjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwkBZAwQA
wqNEAwQAwqNcAwQAwukfAwQBwumUAwQAwumXAwQCw7SAAwQCw7SYAwQAw7SdAwQA
w/yvMA0GCSqGSIb3DQEBCwUAA4IBAQBYHyRQ7P+2S8b+rXosFXa+bQr8vJcIpaV6
+fWEzlAkQkdwkTF0QmFnz5E0cbwONqoKhr1YP2tgkKNQiykHvfhvoVHLBwv5XwY+
ay+UUYb1/M7rnlP9JK222MMmL2a4JAkpmvoMNLX2lwsd5o2KYSNoe8F8DMQja8Cc
yHy5crmlH5kdo64RRwzNafvVR0XV7tGDmIH8H8d1hVd13hyLruhN/F5dEz0WL8kW
GdbFhpO3s2rXU6cufOxYUhA2TrYJCMPPq+W7GxbOSOvJG+8q91kBySFO9Nx2IIWz
b5gXvNnjpTn4om3sXW6EmRt9AKuazmicerLG57nBvzN3u/5PVgK5
-----END CERTIFICATE-----
Generated at Thu May 2 22:32:59 2024 by rpki-client on console-ams.rpki-client.org