Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/7kf1Kgp_VBHLsACwCdQsOibMjpE.roa
File: 7kf1Kgp_VBHLsACwCdQsOibMjpE.roa (raw, json)
Hash identifier: KdE9VKQvdPoDGTjZPu+QF2OtY2ePQ34h6NLVBoiJflo=
Subject key identifier: EE:47:F5:2A:0A:7F:54:11:CB:B0:00:B0:09:D4:2C:3A:26:CC:8E:91
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CE67358B977B1BC5BCF7179DE267A52FC
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/7kf1Kgp_VBHLsACwCdQsOibMjpE.roa
Signing time: Mon 08 Jan 2024 00:22:48 +0000
ROA not before: Mon 08 Jan 2024 00:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
92.50.0.0/19 maxlen: 19
92.50.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e6:73:58:b9:77:b1:bc:5b:cf:71:79:de:26:7a:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 8 00:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee47f52a0a7f5411cbb000b009d42c3a26cc8e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:88:d6:2d:e5:91:3a:45:3f:d4:f0:a4:7f:
b2:f6:b3:32:aa:29:ae:bc:9f:e2:01:8d:ff:00:74:
92:a7:17:2d:e1:f0:29:e7:ae:5c:c0:11:85:bb:51:
16:59:dc:35:97:5d:9b:02:07:1e:8a:6c:ea:f4:77:
68:a6:86:69:5b:86:12:6d:1a:ce:d3:f3:d9:f4:94:
ae:05:99:85:bd:bf:b4:1d:e3:b9:7a:06:2d:40:1a:
97:0c:c0:39:98:4e:cb:69:2b:bb:71:c6:f1:37:b7:
84:c9:cc:3c:99:6b:9e:58:8a:75:2a:3e:78:60:77:
4c:dd:2a:73:36:e9:9f:cd:28:54:5d:7e:0a:60:90:
60:88:0a:a5:60:17:77:08:1c:41:ec:d7:e0:32:b1:
2c:fd:30:72:12:84:3d:93:b6:1d:ad:3e:77:0c:49:
7a:f1:3d:15:42:c7:22:db:36:8a:54:7b:38:9f:40:
6d:34:06:f7:f1:69:09:a9:a2:07:3d:1b:c3:c9:f5:
7a:2c:9a:3a:60:70:7d:a6:9b:9f:82:18:b8:a1:84:
c8:1e:dc:a2:b0:d9:8f:bc:98:54:24:b7:0c:55:9e:
53:18:d9:e2:63:97:ee:da:59:63:ee:55:35:8f:55:
7d:56:ed:ec:b1:bd:a7:fc:55:9d:86:3a:42:ee:b6:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:47:F5:2A:0A:7F:54:11:CB:B0:00:B0:09:D4:2C:3A:26:CC:8E:91
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/7kf1Kgp_VBHLsACwCdQsOibMjpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.50.0.0/18
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:38:c4:4f:b7:d0:8a:38:fb:70:5d:d1:59:a5:f0:a0:49:38:
8b:99:8e:6c:0a:d9:4b:5f:a3:9b:8c:1e:4b:d9:4e:94:87:9e:
ce:21:9e:1c:7f:4b:17:cc:f5:e4:28:80:d1:ea:1a:25:70:de:
94:3f:5a:cb:99:e8:91:56:1b:67:f3:1e:46:78:83:8d:9f:f9:
be:05:ef:33:90:0a:0a:13:42:64:be:b7:c9:53:b0:09:0a:ae:
88:b9:82:3b:08:28:bf:80:2b:61:19:39:f7:73:8e:c2:35:09:
cb:6f:cc:76:c5:78:84:cf:82:eb:bc:b3:46:c5:a4:eb:88:bb:
e4:d5:67:fa:f2:7c:83:77:6c:cd:e6:a7:49:f7:60:fc:be:a0:
94:34:e5:ee:57:38:c1:e8:d1:2e:6e:ab:b4:a7:9d:d8:c7:dc:
54:77:9d:48:a0:93:45:64:b9:fb:80:8a:b4:35:97:79:e9:a6:
93:db:01:98:9c:d1:fb:f8:ca:77:8f:56:e9:e4:a1:4c:bc:a7:
72:b9:47:2a:90:67:e4:22:20:21:42:f0:59:b9:d4:85:77:2e:
d1:90:b7:33:5f:ac:22:e8:75:64:e2:50:ee:d7:23:64:82:ba:
a4:89:bc:47:b9:05:47:38:0e:4e:d8:56:dc:1b:67:de:29:30:
7e:8d:cf:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzmc1i5d7G8W89xed4melL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTA4MDAyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQ3ZjUyYTBhN2Y1NDExY2JiMDAwYjAwOWQ0MmMzYTI2Y2M4ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtiI1i3lkTpFP9TwpH+y9rMyqimu
vJ/iAY3/AHSSpxct4fAp565cwBGFu1EWWdw1l12bAgceimzq9HdopoZpW4YSbRrO
0/PZ9JSuBZmFvb+0HeO5egYtQBqXDMA5mE7LaSu7ccbxN7eEycw8mWueWIp1Kj54
YHdM3SpzNumfzShUXX4KYJBgiAqlYBd3CBxB7NfgMrEs/TByEoQ9k7YdrT53DEl6
8T0VQsci2zaKVHs4n0BtNAb38WkJqaIHPRvDyfV6LJo6YHB9ppufghi4oYTIHtyi
sNmPvJhUJLcMVZ5TGNniY5fu2llj7lU1j1V9Vu3ssb2n/FWdhjpC7rZRRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO5H9SoKf1QRy7AAsAnULDomzI6RMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvN2tmMUtncF9WQkhMc0FDd0NkUXNPaWJNanBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGXDIAAwQC
k4hEAwQCk4hMAwQCk4hUMA0GCSqGSIb3DQEBCwUAA4IBAQB8OMRPt9CKOPtwXdFZ
pfCgSTiLmY5sCtlLX6ObjB5L2U6Uh57OIZ4cf0sXzPXkKIDR6holcN6UP1rLmeiR
Vhtn8x5GeIONn/m+Be8zkAoKE0JkvrfJU7AJCq6IuYI7CCi/gCthGTn3c47CNQnL
b8x2xXiEz4LrvLNGxaTriLvk1Wf68nyDd2zN5qdJ92D8vqCUNOXuVzjB6NEubqu0
p53Yx9xUd51IoJNFZLn7gIq0NZd56aaT2wGYnNH7+Mp3j1bp5KFMvKdyuUcqkGfk
IiAhQvBZudSFdy7RkLczX6wi6HVk4lDu1yNkgrqkibxHuQVHOA5O2FbcG2feKTB+
jc+H
-----END CERTIFICATE-----
Generated at Thu May 2 13:04:51 2024 by rpki-client on console-ams.rpki-client.org