Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/r-0zoSgFkHGffnjjfMIsM0UZsV8.roa
File: r-0zoSgFkHGffnjjfMIsM0UZsV8.roa (raw, json)
Hash identifier: h8I4OUdDwjgi/a5EFTAi2qvfepZAMGqj6GHXeYrvL5s=
Subject key identifier: AF:ED:33:A1:28:05:90:71:9F:7E:78:E3:7C:C2:2C:33:45:19:B1:5F
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018FE2FB8DE99512C793F627B1EC1AFFCBD2
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/r-0zoSgFkHGffnjjfMIsM0UZsV8.roa
Signing time: Tue 04 Jun 2024 11:21:27 +0000
ROA not before: Tue 04 Jun 2024 11:21:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33947
IP address blocks: 79.172.202.0/24 maxlen: 24
79.172.232.0/22 maxlen: 22
84.21.0.0/22 maxlen: 22
84.21.9.0/24 maxlen: 24
84.21.14.0/24 maxlen: 24
84.21.17.0/24 maxlen: 24
84.21.21.0/24 maxlen: 24
84.21.22.0/24 maxlen: 24
84.21.23.0/24 maxlen: 24
84.21.24.0/24 maxlen: 24
84.21.25.0/24 maxlen: 24
84.21.26.0/24 maxlen: 24
84.21.27.0/24 maxlen: 24
84.21.28.0/24 maxlen: 24
84.21.29.0/24 maxlen: 24
84.21.30.0/24 maxlen: 24
87.229.1.0/24 maxlen: 24
87.229.2.0/24 maxlen: 24
87.229.3.0/24 maxlen: 24
87.229.4.0/24 maxlen: 24
87.229.5.0/24 maxlen: 24
87.229.13.0/24 maxlen: 24
87.229.25.0/24 maxlen: 24
87.229.27.0/24 maxlen: 24
87.229.28.0/24 maxlen: 24
87.229.29.0/24 maxlen: 24
87.229.30.0/24 maxlen: 24
87.229.46.0/23 maxlen: 23
87.229.49.0/24 maxlen: 24
87.229.109.0/24 maxlen: 24
178.238.214.0/24 maxlen: 24
178.238.218.0/24 maxlen: 24
178.238.219.0/24 maxlen: 24
2a02:730:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 23:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:fb:8d:e9:95:12:c7:93:f6:27:b1:ec:1a:ff:cb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 4 11:21:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afed33a1280590719f7e78e37cc22c334519b15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fa:68:b0:aa:9b:34:ff:e1:46:39:38:0b:b4:
12:91:48:c6:bc:3f:5b:ab:89:e4:1d:53:97:99:0c:
81:c2:47:5b:39:94:7d:52:a4:8e:4b:44:0d:a7:f0:
4d:cb:d0:6e:47:e2:77:45:e8:6e:c7:36:d9:dd:ca:
ff:d2:ee:6d:ef:69:8c:35:16:87:ce:a7:0c:89:45:
84:7d:0a:50:58:06:61:0d:b5:54:cb:60:02:dc:fb:
e5:13:f6:b5:5b:c0:1b:7c:54:7a:70:35:f5:4b:c2:
3e:ae:ed:0e:a6:c1:13:84:5a:5f:42:66:27:ff:41:
60:02:10:da:8f:b5:f3:5d:06:b7:4a:f2:eb:dd:c1:
67:47:56:cd:ce:c9:f2:85:56:b9:12:ae:74:02:03:
17:95:af:26:b6:ea:0b:fd:c9:69:ac:04:5d:e8:a1:
7e:2c:16:91:9e:b9:28:f3:6d:30:05:43:ab:fd:02:
4f:1f:0b:12:87:d5:d1:89:3f:98:93:b5:2f:25:4f:
e9:29:34:9f:f9:f4:1a:99:29:66:d6:e4:9f:94:f8:
63:19:51:05:f7:17:c3:f8:e5:d7:56:74:62:22:2d:
8f:fa:6f:e2:ee:55:ee:e9:57:ce:87:d0:96:08:04:
62:d4:87:ee:8b:e3:30:c9:cd:d6:8d:44:7f:84:ca:
b8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:ED:33:A1:28:05:90:71:9F:7E:78:E3:7C:C2:2C:33:45:19:B1:5F
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/r-0zoSgFkHGffnjjfMIsM0UZsV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.202.0/24
79.172.232.0/22
84.21.0.0/22
84.21.9.0/24
84.21.14.0/24
84.21.17.0/24
84.21.21.0-84.21.30.255
87.229.1.0-87.229.5.255
87.229.13.0/24
87.229.25.0/24
87.229.27.0-87.229.30.255
87.229.46.0/23
87.229.49.0/24
87.229.109.0/24
178.238.214.0/24
178.238.218.0/23
IPv6:
2a02:730:2000::/48
Signature Algorithm: sha256WithRSAEncryption
08:9f:f9:d0:00:39:61:8f:db:d8:bd:20:a4:c1:53:25:ed:69:
b6:70:e2:c9:e6:a7:ab:5c:80:e5:a4:e4:a4:e0:ff:34:09:8c:
f7:23:e3:7a:cb:32:66:35:32:66:48:07:ed:6e:32:fa:b5:47:
50:0d:ec:c5:fd:73:e3:13:17:32:78:fe:58:60:81:c4:37:38:
1c:7d:c7:eb:19:5d:c0:d2:cd:0a:31:b0:a7:bc:e7:9b:28:2e:
2b:d4:97:0d:dc:2d:5f:63:9c:1b:15:06:d8:3d:e6:97:44:d3:
bd:30:76:73:f5:d0:4d:32:0d:69:b4:dc:36:1c:ed:8f:ed:64:
a9:01:91:3b:29:de:65:bf:d5:40:e4:dc:06:a7:1d:ca:2d:42:
4f:c9:ce:e7:78:85:fd:bf:48:8e:cb:bb:5c:1c:cf:0b:c8:92:
7e:7c:a2:69:10:68:f7:92:69:bd:82:d6:c1:22:d0:04:16:12:
22:48:9c:b8:b1:87:35:f8:eb:fa:4d:22:2f:32:f8:e9:ae:9f:
c7:ba:5a:4d:cf:9d:e3:4e:d7:85:43:8b:21:f3:3d:0d:d3:ac:
19:fb:25:bd:19:f3:8f:8f:97:3c:c2:37:db:c4:c8:f3:e2:8a:
e9:91:6b:57:3d:2a:b9:1d:64:35:b3:c9:3e:84:ab:6c:d3:82:
84:d6:f0:94
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAY/i+43plRLHk/Ynsewa/8vSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwNjA0MTEyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVkMzNhMTI4MDU5MDcxOWY3ZTc4ZTM3Y2MyMmMzMzQ1MTliMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vposKqbNP/hRjk4C7QSkUjGvD9b
q4nkHVOXmQyBwkdbOZR9UqSOS0QNp/BNy9BuR+J3RehuxzbZ3cr/0u5t72mMNRaH
zqcMiUWEfQpQWAZhDbVUy2AC3PvlE/a1W8AbfFR6cDX1S8I+ru0OpsEThFpfQmYn
/0FgAhDaj7XzXQa3SvLr3cFnR1bNzsnyhVa5Eq50AgMXla8mtuoL/clprARd6KF+
LBaRnrko820wBUOr/QJPHwsSh9XRiT+Yk7UvJU/pKTSf+fQamSlm1uSflPhjGVEF
9xfD+OXXVnRiIi2P+m/i7lXu6VfOh9CWCARi1Ifui+Mwyc3WjUR/hMq42wIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFK/tM6EoBZBxn35443zCLDNFGbFfMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvci0wem9TZ0ZrSEdmZm5qamZNSXNNMFVac1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQAT6zK
AwQCT6zoAwQCVBUAAwQAVBUJAwQAVBUOAwQAVBURMAwDBABUFRUDBABUFR4wDAME
AFflAQMEAVflBAMEAFflDQMEAFflGTAMAwQAV+UbAwQAV+UeAwQBV+UuAwQAV+Ux
AwQAV+VtAwQAsu7WAwQBsu7aMA8EAgACMAkDBwAqAgcwIAAwDQYJKoZIhvcNAQEL
BQADggEBAAif+dAAOWGP29i9IKTBUyXtabZw4snmp6tcgOWk5KTg/zQJjPcj43rL
MmY1MmZIB+1uMvq1R1AN7MX9c+MTFzJ4/lhggcQ3OBx9x+sZXcDSzQoxsKe855so
LivUlw3cLV9jnBsVBtg95pdE070wdnP10E0yDWm03DYc7Y/tZKkBkTsp3mW/1UDk
3AanHcotQk/Jzud4hf2/SI7Lu1wczwvIkn58omkQaPeSab2C1sEi0AQWEiJInLix
hzX46/pNIi8y+Omun8e6Wk3PneNO14VDiyHzPQ3TrBn7Jb0Z84+PlzzCN9vEyPPi
iumRa1c9KrkdZDWzyT6Eq2zTgoTW8JQ=
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:27:54 2024 by rpki-client on console-fra.rpki-client.org