Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t7CiJdyaOUOkKsyqr5laYdkFlPM.roa
File: t7CiJdyaOUOkKsyqr5laYdkFlPM.roa (raw, json)
Hash identifier: VqVX1b6gQU+CObI7MVWl4WP4Ur3eg+rKt5fcqavWPtY=
Subject key identifier: B7:B0:A2:25:DC:9A:39:43:A4:2A:CC:AA:AF:99:5A:61:D9:05:94:F3
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018DD60A304E1DE96FE59FF75D5CFF730A08
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t7CiJdyaOUOkKsyqr5laYdkFlPM.roa
Signing time: Fri 23 Feb 2024 12:56:48 +0000
ROA not before: Fri 23 Feb 2024 12:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197730
IP address blocks: 45.135.238.0/24 maxlen: 24
185.235.164.0/24 maxlen: 24
2a06:da40::/40 maxlen: 40
2a0b:1f00::/32 maxlen: 32
2a0e:31c0::/40 maxlen: 40
2a0f:22c0::/40 maxlen: 40
2a0f:cf40::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:0a:30:4e:1d:e9:6f:e5:9f:f7:5d:5c:ff:73:0a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 23 12:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7b0a225dc9a3943a42accaaaf995a61d90594f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:df:4f:0e:47:68:3e:d2:d7:41:c9:e3:a3:
3c:e5:5a:fd:ab:15:68:84:11:64:3b:08:f7:ba:3e:
3a:23:b7:de:90:d5:83:f3:12:69:f8:81:59:83:b7:
8b:2d:2c:8b:c4:94:2f:a5:a4:7b:b2:e2:cd:99:3d:
56:19:fa:21:6d:bd:5b:fc:15:f9:78:35:c5:4e:59:
9f:c1:81:45:ee:94:b4:32:91:a2:6a:81:3c:01:91:
9c:ff:a8:8c:0e:f6:36:a5:8e:e1:57:90:5c:42:91:
ea:e3:01:f1:62:bc:f3:47:14:2e:73:87:d0:42:ff:
7b:3d:fc:75:84:87:35:6f:c6:07:2a:3f:52:88:bc:
62:73:43:c5:9e:10:e7:49:e3:ec:37:9c:ef:92:ad:
ed:de:46:be:9f:bd:f5:9a:f1:54:b1:eb:87:07:5a:
a6:e5:8f:ae:b6:08:76:7a:bb:bd:4f:62:c6:87:47:
ed:38:7e:85:17:1c:a3:20:7e:b2:6f:32:2a:b7:92:
a5:59:6e:37:a8:18:59:ea:07:fb:d8:c9:3a:53:dc:
9a:91:cb:a0:4c:23:3f:29:40:b3:19:c7:44:f7:78:
43:e8:ae:fe:6b:34:4c:ee:72:07:db:43:74:83:a8:
74:4e:1f:3c:12:44:3d:4e:9f:b8:c9:03:09:a0:13:
b3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B0:A2:25:DC:9A:39:43:A4:2A:CC:AA:AF:99:5A:61:D9:05:94:F3
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t7CiJdyaOUOkKsyqr5laYdkFlPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.238.0/24
185.235.164.0/24
IPv6:
2a06:da40::/40
2a0b:1f00::/32
2a0e:31c0::/40
2a0f:22c0::/40
2a0f:cf40::/40
Signature Algorithm: sha256WithRSAEncryption
68:31:19:af:5b:4a:5f:38:f8:37:6e:21:2c:cc:11:63:13:76:
00:eb:7b:a1:5e:f8:7e:93:8d:ab:50:ee:65:bb:9d:91:b0:cc:
6b:21:6d:8c:00:76:bd:92:48:36:15:bf:82:d5:9d:9e:12:06:
fd:10:75:40:af:5b:f6:ce:26:82:c7:06:c4:a5:86:25:94:b0:
ba:e7:e0:a3:29:cc:96:91:5d:05:89:49:8f:71:5a:6b:95:36:
37:28:f2:f2:44:ea:c5:12:89:d8:43:09:d8:a2:75:48:7d:ff:
01:97:7e:36:f7:e3:0e:8e:1f:d3:e4:d7:c4:c8:f5:83:67:74:
3f:3f:dc:86:b6:e3:38:fa:ef:8f:f8:60:91:72:fb:4f:9d:62:
39:7e:eb:af:18:ed:f0:2a:7d:42:6b:93:3a:06:9b:46:dd:70:
51:0c:7f:57:2b:f2:70:20:15:3f:e3:a5:77:f3:c1:25:0c:7d:
d5:dc:f9:a7:ec:c7:a7:97:ee:3a:13:a1:c9:e9:89:ff:fb:b2:
5f:e1:1d:04:64:6d:66:bf:7b:53:8b:63:3e:5b:d1:80:46:5b:
13:fc:e2:5e:aa:6b:cd:e9:5f:28:04:02:47:ea:b0:0b:ce:1f:
f4:62:67:0d:04:a5:a8:ee:e1:7b:3b:7c:3a:f4:4c:2b:84:2c:
14:32:9d:60
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY3WCjBOHelv5Z/3XVz/cwoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMjIzMTI1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IwYTIyNWRjOWEzOTQzYTQyYWNjYWFhZjk5NWE2MWQ5MDU5NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ibfTw5HaD7S10HJ46M85Vr9qxVo
hBFkOwj3uj46I7fekNWD8xJp+IFZg7eLLSyLxJQvpaR7suLNmT1WGfohbb1b/BX5
eDXFTlmfwYFF7pS0MpGiaoE8AZGc/6iMDvY2pY7hV5BcQpHq4wHxYrzzRxQuc4fQ
Qv97Pfx1hIc1b8YHKj9SiLxic0PFnhDnSePsN5zvkq3t3ka+n731mvFUseuHB1qm
5Y+utgh2eru9T2LGh0ftOH6FFxyjIH6ybzIqt5KlWW43qBhZ6gf72Mk6U9yakcug
TCM/KUCzGcdE93hD6K7+azRM7nIH20N0g6h0Th88EkQ9Tp+4yQMJoBOzgQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLewoiXcmjlDpCrMqq+ZWmHZBZTzMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdDdDaUpkeWFPVU9rS3N5cXI1bGFZZGtGbFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzASBAIAATAMAwQALYfuAwQA
ueukMC0EAgACMCcDBgAqBtpAAAMFACoLHwADBgAqDjHAAAMGACoPIsAAAwYAKg/P
QAAwDQYJKoZIhvcNAQELBQADggEBAGgxGa9bSl84+DduISzMEWMTdgDre6Fe+H6T
jatQ7mW7nZGwzGshbYwAdr2SSDYVv4LVnZ4SBv0QdUCvW/bOJoLHBsSlhiWUsLrn
4KMpzJaRXQWJSY9xWmuVNjco8vJE6sUSidhDCdiidUh9/wGXfjb34w6OH9Pk18TI
9YNndD8/3Ia24zj674/4YJFy+0+dYjl+668Y7fAqfUJrkzoGm0bdcFEMf1cr8nAg
FT/jpXfzwSUMfdXc+afsx6eX7joTocnpif/7sl/hHQRkbWa/e1OLYz5b0YBGWxP8
4l6qa83pXygEAkfqsAvOH/RiZw0Epaju4Xs7fDr0TCuELBQynWA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:44:58 2024 by rpki-client on console-ams.rpki-client.org