Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/I7UEQcahFiTL_hXagXAvMcJg_1s.roa
File: I7UEQcahFiTL_hXagXAvMcJg_1s.roa (raw, json)
Hash identifier: 7mknka8wigF2DY3wOFgJ2bGg3Bz35970qsqHVM5sIyA=
Subject key identifier: 23:B5:04:41:C6:A1:16:24:CB:FE:15:DA:81:70:2F:31:C2:60:FF:5B
Certificate issuer: /CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Certificate serial: 018CCA2A3E54EA7A936A3A9170039BE1D39A
Authority key identifier: 9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/I7UEQcahFiTL_hXagXAvMcJg_1s.roa
Signing time: Tue 02 Jan 2024 12:33:35 +0000
ROA not before: Tue 02 Jan 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50825
IP address blocks: 185.63.96.0/22 maxlen: 24
5.181.92.0/22 maxlen: 24
78.24.96.0/22 maxlen: 24
178.17.0.0/20 maxlen: 24
2a03:c20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3e:54:ea:7a:93:6a:3a:91:70:03:9b:e1:d3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Validity
Not Before: Jan 2 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23b50441c6a11624cbfe15da81702f31c260ff5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:8f:d2:33:d3:10:a7:04:03:ed:0b:41:65:
1c:ed:6b:16:8a:ba:a9:eb:00:a3:c3:8f:85:59:e0:
ad:89:9a:61:5f:7a:59:34:8f:f6:d5:c8:1a:c7:8a:
cb:cb:2d:d6:d9:f5:83:52:95:7f:f0:05:94:25:dd:
66:9a:59:9d:9c:4e:08:27:16:6b:9d:d1:6e:1a:bf:
32:b8:5a:ec:05:49:fc:84:ba:6d:42:c8:b4:58:4d:
0c:ef:f1:b2:67:f9:37:c8:99:97:18:e2:dd:04:91:
c1:8c:f6:c7:59:f6:07:48:0b:33:d1:00:8a:50:f9:
82:4e:76:b7:f0:21:de:fe:89:a6:57:37:35:3c:76:
c9:23:cb:24:86:c3:4a:67:12:3a:30:c6:5f:15:f2:
59:fd:da:b6:be:f1:a8:55:e0:38:c3:06:6f:97:bc:
20:c7:07:a0:57:56:17:58:92:91:f1:47:13:4f:73:
1b:a8:cc:34:cc:ed:c3:f8:ca:b0:ee:4b:39:34:69:
99:5c:bb:a5:62:0b:85:47:92:9b:46:22:c3:58:65:
5c:61:27:ce:b0:b4:d4:99:4d:57:a8:6f:59:0a:0a:
3b:47:c2:47:f9:23:6c:94:f8:65:46:02:e3:97:81:
5b:f2:de:0b:0f:d6:8c:13:a3:bd:c3:fc:8f:38:bb:
9b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B5:04:41:C6:A1:16:24:CB:FE:15:DA:81:70:2F:31:C2:60:FF:5B
X509v3 Authority Key Identifier:
keyid:9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/I7UEQcahFiTL_hXagXAvMcJg_1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.92.0/22
78.24.96.0/22
178.17.0.0/20
185.63.96.0/22
IPv6:
2a03:c20::/29
Signature Algorithm: sha256WithRSAEncryption
16:11:a5:ef:3b:00:0c:5e:f6:eb:d6:75:8e:b5:f9:94:b6:24:
a2:05:7d:08:d5:01:ed:b5:a6:f0:d3:58:b4:ee:04:0b:4f:fb:
af:74:3a:26:99:35:92:69:c6:02:4c:6e:d0:10:85:c5:e7:1c:
2b:7a:01:2b:ec:b2:29:8a:78:29:bc:e4:93:44:01:2c:e2:d0:
fa:3d:1c:d6:6a:33:5b:e8:5b:2d:8b:60:1d:ed:43:41:7a:1e:
60:58:7e:5d:51:8f:38:f0:40:8f:4b:b6:7c:0f:e2:a7:4f:fa:
3b:06:9e:e1:22:a5:43:65:e6:bd:0c:bd:4d:28:d6:dd:29:80:
7a:84:e2:77:b4:82:22:12:26:f8:74:35:ef:58:fc:a9:86:8e:
9c:1c:b2:24:b3:bb:ec:cf:f8:74:63:53:73:f6:ca:01:22:41:
24:c6:ab:df:9e:93:d2:d6:bc:3d:91:37:26:ec:66:7a:f4:4c:
af:0a:69:14:1f:c0:40:61:ca:5a:40:7c:41:b1:08:51:7b:af:
1c:dd:7b:92:44:c8:08:7c:f1:12:92:fb:26:1a:10:f6:52:7e:
92:c8:b3:21:6b:36:1a:43:61:99:1b:2c:bf:b1:ba:47:ec:81:
b0:6c:57:59:2e:8b:d1:8d:a5:5b:6d:f7:d8:e6:ed:b6:96:9e:
ef:3d:05:91
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKj5U6nqTajqRcAOb4dOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmFlNmUzZWQ3NjZkZTQ3YWJhNjY5M2JiNWFmOGE2NDg5
NzQzMTAwHhcNMjQwMTAyMTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I1MDQ0MWM2YTExNjI0Y2JmZTE1ZGE4MTcwMmYzMWMyNjBmZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaGP0jPTEKcEA+0LQWUc7WsWirqp
6wCjw4+FWeCtiZphX3pZNI/21cgax4rLyy3W2fWDUpV/8AWUJd1mmlmdnE4IJxZr
ndFuGr8yuFrsBUn8hLptQsi0WE0M7/GyZ/k3yJmXGOLdBJHBjPbHWfYHSAsz0QCK
UPmCTna38CHe/ommVzc1PHbJI8skhsNKZxI6MMZfFfJZ/dq2vvGoVeA4wwZvl7wg
xwegV1YXWJKR8UcTT3MbqMw0zO3D+Mqw7ks5NGmZXLulYguFR5KbRiLDWGVcYSfO
sLTUmU1XqG9ZCgo7R8JH+SNslPhlRgLjl4Fb8t4LD9aME6O9w/yPOLubTQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCO1BEHGoRYky/4V2oFwLzHCYP9bMB8GA1UdIwQY
MBaAFJu65uPtdm3kerpmk7ta+KZIl0MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQt
OTg1YzY0ZmUyN2VlLzEvSTdVRVFjYWhGaVRMX2hYYWdYQXZNY0pnXzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQtOTg1YzY0ZmUyN2Vl
LzEvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbVcAwQC
ThhgAwQEshEAAwQCuT9gMA0EAgACMAcDBQMqAwwgMA0GCSqGSIb3DQEBCwUAA4IB
AQAWEaXvOwAMXvbr1nWOtfmUtiSiBX0I1QHttabw01i07gQLT/uvdDommTWSacYC
TG7QEIXF5xwregEr7LIpingpvOSTRAEs4tD6PRzWajNb6Fsti2Ad7UNBeh5gWH5d
UY848ECPS7Z8D+KnT/o7Bp7hIqVDZea9DL1NKNbdKYB6hOJ3tIIiEib4dDXvWPyp
ho6cHLIks7vsz/h0Y1Nz9soBIkEkxqvfnpPS1rw9kTcm7GZ69EyvCmkUH8BAYcpa
QHxBsQhRe68c3XuSRMgIfPESkvsmGhD2Un6SyLMhazYaQ2GZGyy/sbpH7IGwbFdZ
LovRjaVbbffY5u22lp7vPQWR
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:59:47 2024 by rpki-client on console-ams.rpki-client.org