Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7pc_wkClsdfEgBlieY81mdhqwfY.roa
File: 7pc_wkClsdfEgBlieY81mdhqwfY.roa (raw, json)
Hash identifier: rkJfFVlNeeSroRr8c6j0vKBx9QRNsOR2NXThJOJw+PQ=
Subject key identifier: EE:97:3F:C2:40:A5:B1:D7:C4:80:19:62:79:8F:35:99:D8:6A:C1:F6
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CC8DFAEC55408706EF215ED50F2B75276
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7pc_wkClsdfEgBlieY81mdhqwfY.roa
Signing time: Tue 02 Jan 2024 06:32:31 +0000
ROA not before: Tue 02 Jan 2024 06:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 328867
IP address blocks: 85.92.112.0/24 maxlen: 24
45.158.254.0/24 maxlen: 24
185.245.0.0/24 maxlen: 24
185.243.7.0/24 maxlen: 24
194.62.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 01:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:ae:c5:54:08:70:6e:f2:15:ed:50:f2:b7:52:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 06:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee973fc240a5b1d7c4801962798f3599d86ac1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:5c:8d:30:44:5c:e1:7b:33:ec:31:43:8d:
92:b3:92:f4:d6:db:d7:67:f1:91:ec:48:25:8c:23:
d8:a8:fb:1c:6b:b8:f1:cb:05:e6:55:0f:3c:68:cd:
7d:8d:ef:12:24:28:f1:96:a9:39:6b:2a:f1:c6:13:
93:8b:85:61:5e:bc:4d:51:ef:b2:ed:d2:7a:c7:a9:
e5:91:a8:fc:95:ad:80:db:9e:03:2e:4e:c6:f7:69:
50:31:3a:15:c9:39:09:62:c3:ee:38:56:e3:2c:2a:
33:9e:47:d0:6e:71:fa:91:48:bf:42:14:aa:ba:5e:
7e:38:4b:61:70:c1:9d:ac:37:9e:13:bb:f6:21:97:
a6:51:68:76:8a:85:d1:b1:7b:c5:6d:d8:31:da:f5:
75:44:de:12:4a:46:cd:0f:90:ba:4c:ab:a2:1e:9a:
e9:ff:a4:36:e4:1c:3e:9d:0f:f4:a4:68:f3:d4:38:
cb:ed:a5:48:74:a6:6a:33:c4:43:35:b8:73:76:b6:
2f:64:7b:a4:13:38:b9:24:2b:83:7e:8d:3f:ae:e3:
00:44:39:72:5d:33:46:65:1b:1e:0a:0e:54:c7:0f:
77:fd:bc:0a:a6:f9:64:89:3e:86:ad:17:22:ec:b3:
fd:8a:a2:8c:c2:34:d0:0a:b8:3d:6f:00:02:ef:c7:
08:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:97:3F:C2:40:A5:B1:D7:C4:80:19:62:79:8F:35:99:D8:6A:C1:F6
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7pc_wkClsdfEgBlieY81mdhqwfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.254.0/24
85.92.112.0/24
185.243.7.0/24
185.245.0.0/24
194.62.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ad:d7:41:4b:c1:71:93:67:ca:d7:eb:36:d7:81:81:7d:0d:
43:10:ee:08:aa:96:49:99:d8:10:68:ff:1c:d8:41:3e:d5:01:
4c:61:c3:97:99:22:da:07:df:b5:df:87:2c:77:ba:c0:ac:33:
49:8d:e1:3d:df:0e:6b:d0:fb:a5:aa:a7:63:7a:a0:d0:3c:cd:
c1:9b:32:75:fa:28:74:0f:bd:0e:65:62:f4:42:81:8f:bf:42:
6a:28:6a:17:61:05:be:68:13:46:60:e7:5b:72:7c:f0:a0:5c:
ae:b0:cf:a9:3f:74:fa:c7:6b:59:4d:e8:3d:88:22:46:f0:3c:
b7:bd:7e:0b:f1:c6:0e:8e:4c:a7:11:3e:b9:9d:78:47:4c:73:
e9:5c:d9:b7:6a:31:91:1f:e5:47:83:8b:10:e8:7c:af:54:b6:
44:77:4c:c6:b5:7a:e2:11:ae:03:5b:b9:2a:e9:37:a1:17:e9:
3c:bf:b9:c3:53:de:22:39:fb:fa:80:fd:f7:ad:0c:77:50:02:
3b:fd:d6:c9:55:f3:24:4f:0d:66:8f:92:9a:1f:2c:b4:7b:c7:
42:16:83:02:54:e1:80:40:85:8b:0e:5b:68:d2:2e:17:e2:40:
dc:07:29:08:86:85:97:77:24:92:03:f0:f5:f0:83:56:81:7e:
0b:7f:ae:b6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI367FVAhwbvIV7VDyt1J2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTAyMDYzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTk3M2ZjMjQwYTViMWQ3YzQ4MDE5NjI3OThmMzU5OWQ4NmFjMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLxcjTBEXOF7M+wxQ42Ss5L01tvX
Z/GR7EgljCPYqPsca7jxywXmVQ88aM19je8SJCjxlqk5ayrxxhOTi4VhXrxNUe+y
7dJ6x6nlkaj8la2A254DLk7G92lQMToVyTkJYsPuOFbjLCoznkfQbnH6kUi/QhSq
ul5+OEthcMGdrDeeE7v2IZemUWh2ioXRsXvFbdgx2vV1RN4SSkbND5C6TKuiHprp
/6Q25Bw+nQ/0pGjz1DjL7aVIdKZqM8RDNbhzdrYvZHukEzi5JCuDfo0/ruMARDly
XTNGZRseCg5Uxw93/bwKpvlkiT6GrRci7LP9iqKMwjTQCrg9bwAC78cI5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO6XP8JApbHXxIAZYnmPNZnYasH2MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvN3BjX3drQ2xzZGZFZ0JsaWVZODFtZGhxd2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZ7+AwQA
VVxwAwQAufMHAwQAufUAAwQAwj7WMA0GCSqGSIb3DQEBCwUAA4IBAQAMrddBS8Fx
k2fK1+s214GBfQ1DEO4IqpZJmdgQaP8c2EE+1QFMYcOXmSLaB9+134csd7rArDNJ
jeE93w5r0PulqqdjeqDQPM3BmzJ1+ih0D70OZWL0QoGPv0JqKGoXYQW+aBNGYOdb
cnzwoFyusM+pP3T6x2tZTeg9iCJG8Dy3vX4L8cYOjkynET65nXhHTHPpXNm3ajGR
H+VHg4sQ6HyvVLZEd0zGtXriEa4DW7kq6TehF+k8v7nDU94iOfv6gP33rQx3UAI7
/dbJVfMkTw1mj5KaHyy0e8dCFoMCVOGAQIWLDlto0i4X4kDcBykIhoWXdySSA/D1
8INWgX4Lf662
-----END CERTIFICATE-----
Generated at Fri Jun 14 09:07:28 2024 by rpki-client on console-ams.rpki-client.org