Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/7q2pptNsIej6_T140gmolmgwgmY.roa
File: 7q2pptNsIej6_T140gmolmgwgmY.roa (raw, json)
Hash identifier: AuXzXgH4YhG8lM4T/PgnR6F/9tPNBAKoVgmGhiyaenE=
Subject key identifier: EE:AD:A9:A6:D3:6C:21:E8:FA:FD:3D:78:D2:09:A8:96:68:30:82:66
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0191FFB6368E17D3E40FB1B92FF2F2A0BE7F
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/7q2pptNsIej6_T140gmolmgwgmY.roa
Signing time: Tue 17 Sep 2024 11:20:17 +0000
ROA not before: Tue 17 Sep 2024 11:20:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203394
IP address blocks: 185.126.255.0/24 maxlen: 24
194.4.71.0/24 maxlen: 24
212.79.125.0/24 maxlen: 24
212.87.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:b6:36:8e:17:d3:e4:0f:b1:b9:2f:f2:f2:a0:be:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Sep 17 11:20:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeada9a6d36c21e8fafd3d78d209a89668308266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:f2:77:82:fa:17:d8:94:01:a6:c2:6f:d7:
ad:0c:e3:02:6d:24:4c:88:a5:8e:12:86:35:07:cb:
49:6b:75:e2:fe:37:b5:28:a3:2b:33:79:de:52:d9:
9d:db:d6:5d:0b:cd:92:e1:d6:c8:73:c1:24:15:d1:
0c:33:b9:41:d6:6d:8c:b5:a8:3e:00:38:fe:91:ef:
32:83:25:69:ee:1b:47:2e:f7:4c:ef:5c:ac:b2:bc:
7c:d7:91:45:e2:88:70:bc:2c:f3:b1:9b:02:2e:a8:
6e:87:44:73:52:7a:18:2a:55:cb:a5:67:c2:b0:60:
34:3b:c1:b8:28:07:36:b8:85:57:ea:8e:17:8a:93:
6d:86:b6:b1:a3:31:bb:9a:f3:64:e2:6c:55:de:6a:
47:3b:f5:fb:87:2c:47:db:3c:a7:40:b2:1d:c9:ef:
eb:fe:f6:89:7d:43:ba:7b:c9:53:7b:c7:13:80:63:
e8:e6:f8:10:89:a4:0b:ff:73:a9:05:e9:b8:c0:cd:
64:ed:0e:03:f0:cd:df:4e:9b:f0:70:f2:16:7e:a5:
9f:2e:a2:54:1c:cb:3b:ca:ff:1a:ab:89:f3:a3:99:
bf:31:8e:c9:5f:6f:7e:40:eb:bc:78:83:e7:f3:2b:
81:21:77:98:36:b7:a9:b9:f7:02:df:98:65:90:4d:
39:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AD:A9:A6:D3:6C:21:E8:FA:FD:3D:78:D2:09:A8:96:68:30:82:66
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/7q2pptNsIej6_T140gmolmgwgmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.255.0/24
194.4.71.0/24
212.79.125.0/24
212.87.168.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ff:8a:8a:ab:29:6f:d6:c2:c7:b1:01:ca:13:62:86:49:6e:
b8:c3:5c:01:70:12:58:9b:52:33:63:25:9a:70:0b:da:54:f5:
3a:28:b4:fc:79:db:74:53:ec:7f:28:61:b1:e3:4a:39:ba:bf:
b2:57:8a:22:40:17:bc:37:94:dc:2d:1b:e0:65:38:df:23:04:
f4:94:5b:e5:ee:c5:3e:39:f8:7b:55:e7:3b:13:ef:b5:9c:bf:
20:0d:17:dd:70:bc:fb:07:dd:9f:bd:d1:e5:69:20:1a:74:af:
c6:ae:95:97:2b:7e:3e:6d:a8:5b:d9:df:c7:ef:c9:e2:20:70:
1a:52:13:92:b4:71:8a:98:d7:b5:f2:98:c9:0d:81:80:86:2a:
16:1c:b3:e2:96:50:25:f5:57:2b:32:de:33:78:c8:d5:59:05:
1b:25:11:a2:28:d1:43:9d:4c:c8:6e:62:34:6a:b4:cb:fe:2c:
87:ad:20:23:e4:10:32:f7:3a:f8:da:72:b5:23:1e:9c:8c:5c:
32:87:f7:f0:d8:aa:62:65:b2:89:af:e4:72:0d:b5:46:01:b8:
ff:fc:a3:34:31:b3:fb:36:03:50:d4:b6:da:86:a4:18:6b:65:
26:c0:f9:63:7e:c5:50:1d:cc:24:02:f8:96:1c:9a:c1:9e:82:
5e:2b:f7:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH/tjaOF9PkD7G5L/LyoL5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjQwOTE3MTEyMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFkYTlhNmQzNmMyMWU4ZmFmZDNkNzhkMjA5YTg5NjY4MzA4MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzLyd4L6F9iUAabCb9etDOMCbSRM
iKWOEoY1B8tJa3Xi/je1KKMrM3neUtmd29ZdC82S4dbIc8EkFdEMM7lB1m2Mtag+
ADj+ke8ygyVp7htHLvdM71yssrx815FF4ohwvCzzsZsCLqhuh0RzUnoYKlXLpWfC
sGA0O8G4KAc2uIVX6o4XipNthraxozG7mvNk4mxV3mpHO/X7hyxH2zynQLIdye/r
/vaJfUO6e8lTe8cTgGPo5vgQiaQL/3OpBem4wM1k7Q4D8M3fTpvwcPIWfqWfLqJU
HMs7yv8aq4nzo5m/MY7JX29+QOu8eIPn8yuBIXeYNrepufcC35hlkE05CQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO6tqabTbCHo+v09eNIJqJZoMIJmMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvN3EycHB0TnNJZWo2X1QxNDBnbW9sbWd3Z21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuX7/AwQA
wgRHAwQA1E99AwQA1FeoMA0GCSqGSIb3DQEBCwUAA4IBAQAd/4qKqylv1sLHsQHK
E2KGSW64w1wBcBJYm1IzYyWacAvaVPU6KLT8edt0U+x/KGGx40o5ur+yV4oiQBe8
N5TcLRvgZTjfIwT0lFvl7sU+Ofh7Vec7E++1nL8gDRfdcLz7B92fvdHlaSAadK/G
rpWXK34+bahb2d/H78niIHAaUhOStHGKmNe18pjJDYGAhioWHLPillAl9VcrMt4z
eMjVWQUbJRGiKNFDnUzIbmI0arTL/iyHrSAj5BAy9zr42nK1Ix6cjFwyh/fw2Kpi
ZbKJr+RyDbVGAbj//KM0MbP7NgNQ1LbahqQYa2UmwPljfsVQHcwkAviWHJrBnoJe
K/fO
-----END CERTIFICATE-----
Generated at Sat Sep 28 09:30:52 2024 by rpki-client on console-fra.rpki-client.org