Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/S8pqIxrhnzeRo9RF1Rpof1IPJ1E.roa
File: S8pqIxrhnzeRo9RF1Rpof1IPJ1E.roa (raw, json)
Hash identifier: VouBZGBFwg2xvpc0rHojnEy01gySrfYGggzJaDqEEWs=
Subject key identifier: 4B:CA:6A:23:1A:E1:9F:37:91:A3:D4:45:D5:1A:68:7F:52:0F:27:51
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0191FF67F515C32F53580B3E13FBF248DAB4
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/S8pqIxrhnzeRo9RF1Rpof1IPJ1E.roa
Signing time: Tue 17 Sep 2024 09:54:48 +0000
ROA not before: Tue 17 Sep 2024 09:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60071
IP address blocks: 79.172.207.0/24 maxlen: 24
87.229.72.0/24 maxlen: 24
87.229.103.0/24 maxlen: 24
87.229.104.0/24 maxlen: 24
87.229.120.0/24 maxlen: 24
95.138.196.0/24 maxlen: 24
217.144.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:67:f5:15:c3:2f:53:58:0b:3e:13:fb:f2:48:da:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Sep 17 09:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bca6a231ae19f3791a3d445d51a687f520f2751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4d:a9:55:26:fa:db:9c:5b:64:45:a3:9d:91:
8c:3f:97:50:b7:a8:51:c2:cf:41:d7:10:c5:d3:8a:
f6:b9:83:07:b1:0e:31:29:a9:d0:d1:52:f0:c2:31:
ba:fa:77:6c:1c:fc:36:71:50:6e:3b:ec:cc:70:0c:
43:54:92:8b:28:b4:32:a9:e3:0e:45:2c:10:2c:4b:
b5:b0:d1:82:26:6c:f0:92:65:a8:a9:e1:b8:62:34:
bd:d1:41:f2:5d:ae:0d:c1:30:39:f2:f4:94:8d:f0:
d0:7b:e8:e2:d4:81:20:d7:75:d7:33:d5:b1:67:07:
57:8e:0e:c2:46:bc:a5:54:30:8f:fa:1d:fd:9d:5b:
8b:87:cc:e8:b0:aa:d7:6c:57:2e:71:6a:a3:b2:88:
54:83:65:65:69:0c:16:14:a2:e1:d1:79:f7:a2:b8:
34:09:12:e1:ee:11:e0:7f:e3:6a:ac:61:72:0f:09:
5a:9e:3d:1e:b4:e5:a8:e0:5c:2d:9a:07:eb:51:0f:
df:8a:63:52:77:47:99:8e:f0:85:51:72:e2:6e:3f:
8c:2a:0e:31:fb:d9:07:6a:3d:29:8c:fe:c7:8f:93:
f0:07:b2:7c:f2:94:5d:76:32:e6:d7:ac:9a:f8:65:
0b:1a:c8:5c:6c:8e:2b:7a:fb:f5:02:76:09:9f:12:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CA:6A:23:1A:E1:9F:37:91:A3:D4:45:D5:1A:68:7F:52:0F:27:51
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/S8pqIxrhnzeRo9RF1Rpof1IPJ1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.207.0/24
87.229.72.0/24
87.229.103.0-87.229.104.255
87.229.120.0/24
95.138.196.0/24
217.144.51.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a5:4b:6e:f2:66:c4:fd:46:f1:51:59:29:90:b1:13:48:fc:
fb:fb:fb:50:91:5d:20:91:b2:67:ef:9a:bf:70:99:ab:f7:c9:
19:67:0c:9f:ba:db:95:83:ab:79:15:fa:90:c3:83:bb:5e:ae:
7e:2e:4f:db:4d:6b:57:98:3f:b7:01:b0:f8:de:c6:f6:56:81:
12:4a:fa:e5:90:39:17:05:78:61:1b:3a:8f:69:2c:23:fb:a0:
07:9f:bb:97:49:d6:48:1a:4d:23:ea:7c:57:69:2f:05:99:58:
af:24:91:4f:fb:a0:b7:5f:3c:98:90:4e:07:33:44:74:be:33:
85:8f:1d:43:43:99:f5:90:77:cd:a6:78:be:bd:95:3b:76:b4:
1f:ee:03:cc:82:91:90:d8:93:7c:2a:19:8b:a3:e4:13:d7:b2:
3c:8b:1b:9f:38:fc:63:cf:36:92:64:e9:e8:c7:d4:2a:80:ed:
8c:d9:4a:4c:09:31:4e:ed:44:20:07:30:fb:d8:04:ad:cc:d9:
ef:90:33:38:e9:ba:f6:86:ab:f8:af:75:c6:61:76:61:cb:fa:
17:76:ef:0e:43:cf:51:6a:2d:d1:ba:f2:e1:18:dd:83:cd:59:
42:97:7a:10:ae:dd:18:22:96:e2:57:d7:a0:b3:ec:9a:41:4c:
ab:5b:6a:b5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZH/Z/UVwy9TWAs+E/vySNq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwOTE3MDk1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNhNmEyMzFhZTE5ZjM3OTFhM2Q0NDVkNTFhNjg3ZjUyMGYyNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk2pVSb625xbZEWjnZGMP5dQt6hR
ws9B1xDF04r2uYMHsQ4xKanQ0VLwwjG6+ndsHPw2cVBuO+zMcAxDVJKLKLQyqeMO
RSwQLEu1sNGCJmzwkmWoqeG4YjS90UHyXa4NwTA58vSUjfDQe+ji1IEg13XXM9Wx
ZwdXjg7CRrylVDCP+h39nVuLh8zosKrXbFcucWqjsohUg2VlaQwWFKLh0Xn3org0
CRLh7hHgf+NqrGFyDwlanj0etOWo4FwtmgfrUQ/fimNSd0eZjvCFUXLibj+MKg4x
+9kHaj0pjP7Hj5PwB7J88pRddjLm16ya+GULGshcbI4revv1AnYJnxIz4wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEvKaiMa4Z83kaPURdUaaH9SDydRMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvUzhwcUl4cmhuemVSbzlSRjFScG9mMUlQSjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAT6zPAwQA
V+VIMAwDBABX5WcDBABX5WgDBABX5XgDBABfisQDBADZkDMwDQYJKoZIhvcNAQEL
BQADggEBAGSlS27yZsT9RvFRWSmQsRNI/Pv7+1CRXSCRsmfvmr9wmav3yRlnDJ+6
25WDq3kV+pDDg7tern4uT9tNa1eYP7cBsPjexvZWgRJK+uWQORcFeGEbOo9pLCP7
oAefu5dJ1kgaTSPqfFdpLwWZWK8kkU/7oLdfPJiQTgczRHS+M4WPHUNDmfWQd82m
eL69lTt2tB/uA8yCkZDYk3wqGYuj5BPXsjyLG584/GPPNpJk6ejH1CqA7YzZSkwJ
MU7tRCAHMPvYBK3M2e+QMzjpuvaGq/ivdcZhdmHL+hd27w5Dz1FqLdG68uEY3YPN
WUKXehCu3RgiluJX16Cz7JpBTKtbarU=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:33:30 2024 by rpki-client on console-ams.rpki-client.org