Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X4RAD9QFUr8XCPylJz9cuSLw7uk.roa
File: X4RAD9QFUr8XCPylJz9cuSLw7uk.roa (raw, json)
Hash identifier: PI10W0mVpUr+p21t4/CckzTxen0YM/tfaGUaQU7b8bo=
Subject key identifier: 5F:84:40:0F:D4:05:52:BF:17:08:FC:A5:27:3F:5C:B9:22:F0:EE:E9
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018D8DEC14851D8D5962540C0E5F45A8B6A2
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X4RAD9QFUr8XCPylJz9cuSLw7uk.roa
Signing time: Fri 09 Feb 2024 12:51:15 +0000
ROA not before: Fri 09 Feb 2024 12:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60071
IP address blocks: 79.172.207.0/24 maxlen: 24
79.172.219.0/24 maxlen: 24
87.229.72.0/24 maxlen: 24
87.229.103.0/24 maxlen: 24
87.229.104.0/24 maxlen: 24
87.229.120.0/24 maxlen: 24
95.138.196.0/24 maxlen: 24
217.144.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 23:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:ec:14:85:1d:8d:59:62:54:0c:0e:5f:45:a8:b6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 9 12:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f84400fd40552bf1708fca5273f5cb922f0eee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:a6:81:8c:58:dc:2d:10:c8:0e:d3:f9:e1:
e9:f0:27:cf:c9:de:69:ad:82:7a:c4:75:f0:1f:e3:
f8:b0:81:9d:86:cc:74:ea:4f:50:83:fb:8e:c5:80:
dd:68:1e:4c:0f:ed:aa:47:0e:86:a6:61:bc:01:06:
96:56:82:95:15:b4:b0:68:ed:1a:11:f5:6b:d0:f3:
a1:b6:dd:64:b2:f5:24:eb:3d:ec:fa:08:ff:c2:d1:
ab:24:bd:d2:cb:d2:f5:af:e4:75:1a:2b:da:4b:fb:
20:40:27:f9:b3:47:8a:c0:c4:0b:80:a1:16:64:28:
ca:89:06:a4:68:f1:1b:31:da:d8:3f:99:b5:cc:b7:
ba:4f:ef:05:0a:fc:f0:e9:3a:38:af:bb:3d:1a:e1:
e1:45:56:bc:d5:75:c3:91:d3:28:aa:35:31:f0:b5:
cd:c0:78:78:b3:09:6f:c0:16:ec:c6:56:25:ae:59:
71:62:1b:f7:7b:09:78:fd:4e:50:cf:d1:d7:2c:da:
cf:a5:ac:1c:d1:0e:8a:a0:d2:51:2c:f7:ea:84:f9:
c0:94:cb:c9:31:fa:ea:85:33:d1:c0:4d:53:b1:5f:
2d:51:ba:2c:dd:fd:1e:b1:fd:b2:f7:17:34:15:5a:
64:e0:d1:43:ae:75:da:2f:89:3d:d6:b9:b8:74:5f:
26:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:84:40:0F:D4:05:52:BF:17:08:FC:A5:27:3F:5C:B9:22:F0:EE:E9
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X4RAD9QFUr8XCPylJz9cuSLw7uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.207.0/24
79.172.219.0/24
87.229.72.0/24
87.229.103.0-87.229.104.255
87.229.120.0/24
95.138.196.0/24
217.144.51.0/24
Signature Algorithm: sha256WithRSAEncryption
14:06:d9:f8:78:51:4a:88:20:7d:56:04:e7:ee:66:1d:ec:f2:
50:c1:6b:8b:f4:6e:a5:af:59:54:89:e6:60:22:e6:72:8b:cb:
06:03:27:4a:15:04:57:84:8f:09:97:4e:57:fa:b7:2c:8c:d1:
a8:38:49:b6:d9:b0:d2:48:ed:07:b6:29:86:48:84:68:2f:4a:
64:80:44:6d:f2:c3:84:3f:60:42:a4:77:d5:9b:ce:84:ef:02:
ea:5b:87:ef:b2:88:ca:a0:6f:3d:8f:7a:f1:66:ba:a9:d5:93:
e9:37:94:d3:c4:85:c4:65:67:21:fb:6e:74:12:2a:15:7a:b7:
cd:3b:f2:64:56:4e:75:a8:64:4e:86:2d:f8:a3:03:e6:ad:e2:
f6:a1:03:66:f5:48:0f:c6:b0:e6:a3:c6:d0:69:aa:4f:aa:79:
e4:97:e9:3f:5c:c3:06:69:af:cf:db:8b:86:ed:b5:83:2e:8e:
45:69:f1:ef:80:ff:2f:69:dd:91:43:6a:e0:2c:a8:5f:fa:6d:
ef:fb:63:f2:e5:67:c5:f9:28:a5:dd:fa:e2:1b:98:71:ee:de:
06:fe:1e:61:02:f9:34:20:57:8e:3d:f0:9b:7b:85:32:1b:19:
ff:69:2f:5e:01:88:92:07:c1:89:bf:3d:c5:04:20:53:51:f4:
ca:17:15:f7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY2N7BSFHY1ZYlQMDl9FqLaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMjA5MTI1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg0NDAwZmQ0MDU1MmJmMTcwOGZjYTUyNzNmNWNiOTIyZjBlZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6SmgYxY3C0QyA7T+eHp8CfPyd5p
rYJ6xHXwH+P4sIGdhsx06k9Qg/uOxYDdaB5MD+2qRw6GpmG8AQaWVoKVFbSwaO0a
EfVr0POhtt1ksvUk6z3s+gj/wtGrJL3Sy9L1r+R1GivaS/sgQCf5s0eKwMQLgKEW
ZCjKiQakaPEbMdrYP5m1zLe6T+8FCvzw6To4r7s9GuHhRVa81XXDkdMoqjUx8LXN
wHh4swlvwBbsxlYlrllxYhv3ewl4/U5Qz9HXLNrPpawc0Q6KoNJRLPfqhPnAlMvJ
MfrqhTPRwE1TsV8tUbos3f0esf2y9xc0FVpk4NFDrnXaL4k91rm4dF8mowIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFF+EQA/UBVK/Fwj8pSc/XLki8O7pMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWDRSQUQ5UUZVcjhYQ1B5bEp6OWN1U0x3N3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAT6zPAwQA
T6zbAwQAV+VIMAwDBABX5WcDBABX5WgDBABX5XgDBABfisQDBADZkDMwDQYJKoZI
hvcNAQELBQADggEBABQG2fh4UUqIIH1WBOfuZh3s8lDBa4v0bqWvWVSJ5mAi5nKL
ywYDJ0oVBFeEjwmXTlf6tyyM0ag4SbbZsNJI7Qe2KYZIhGgvSmSARG3yw4Q/YEKk
d9WbzoTvAupbh++yiMqgbz2PevFmuqnVk+k3lNPEhcRlZyH7bnQSKhV6t8078mRW
TnWoZE6GLfijA+at4vahA2b1SA/GsOajxtBpqk+qeeSX6T9cwwZpr8/bi4bttYMu
jkVp8e+A/y9p3ZFDauAsqF/6be/7Y/LlZ8X5KKXd+uIbmHHu3gb+HmEC+TQgV449
8Jt7hTIbGf9pL14BiJIHwYm/PcUEIFNR9MoXFfc=
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:35:19 2024 by rpki-client on console-ams.rpki-client.org