Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/7wsQ8xTdEM0xmwIVM67-x1eExDM.roa
File: 7wsQ8xTdEM0xmwIVM67-x1eExDM.roa (raw, json)
Hash identifier: JXW7HcjIuDaBl12Gi5XEOfxaiwoKEdc4DpQk+Vcxw7k=
Subject key identifier: EF:0B:10:F3:14:DD:10:CD:31:9B:02:15:33:AE:FE:C7:57:84:C4:33
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC88BF4A4EC1D6B8984CF051647034
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/7wsQ8xTdEM0xmwIVM67-x1eExDM.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.132.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
5.183.77.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:88:bf:4a:4e:c1:d6:b8:98:4c:f0:51:64:70:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef0b10f314dd10cd319b021533aefec75784c433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f5:2a:a5:87:00:b2:83:a7:41:b0:46:3d:8e:
e9:de:dd:fa:76:b1:c4:a2:b9:09:da:0f:e0:65:38:
15:ed:06:da:0c:13:b1:95:44:09:f1:9b:75:34:00:
3a:f0:43:42:e8:70:94:a9:2f:c0:e2:22:61:8d:ed:
d9:b1:87:68:73:48:6b:09:6e:51:b8:60:08:22:6a:
1e:64:29:0c:7c:a2:70:68:2f:9e:9a:01:44:f7:65:
d3:cf:93:e5:af:6b:cf:1f:e0:16:94:ad:50:c1:ea:
b4:2b:36:6f:20:cb:5a:93:9f:cd:e2:98:c9:81:41:
64:be:d4:a7:81:29:c1:90:af:f8:e7:31:1c:0f:fb:
88:9a:74:a6:b8:01:ce:d4:2f:ed:05:32:cb:86:78:
2f:a8:2b:96:79:ec:ae:7d:ca:da:d4:b0:ef:c5:5a:
69:f9:b7:32:31:41:e4:81:c7:cb:52:8b:18:06:85:
79:d2:98:09:d9:1e:8f:ac:68:bd:e4:65:ea:26:52:
24:89:66:f5:53:45:44:80:55:b0:1d:7e:b0:9c:53:
39:a8:0c:2b:dd:40:24:6a:56:8b:36:14:36:c7:f1:
26:d3:26:e6:ec:05:04:10:8b:c3:1b:fb:7d:33:8f:
af:27:fb:01:87:f0:cf:14:7c:e6:b0:39:f3:8e:75:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0B:10:F3:14:DD:10:CD:31:9B:02:15:33:AE:FE:C7:57:84:C4:33
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/7wsQ8xTdEM0xmwIVM67-x1eExDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/23
45.14.113.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.135.0/24
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
3d:10:c5:e6:d1:62:35:79:98:47:0e:f9:3c:14:81:ba:80:67:
a7:72:3a:fc:90:ec:ee:f4:d5:85:64:ea:b3:d3:81:a2:e7:53:
98:bc:fe:5b:9a:3e:f0:25:c5:7e:c9:8d:25:6f:70:87:7e:e5:
47:81:7c:8d:7f:43:11:85:e1:a8:ba:0e:23:90:ad:a8:bb:d7:
63:3a:f1:b7:f5:17:17:f9:9a:f4:a5:61:89:43:af:67:73:dd:
69:f7:33:9e:8b:ca:26:60:03:e1:ed:12:82:86:90:42:9d:4c:
84:f5:cd:9b:5f:13:6d:7b:11:39:b0:14:9c:39:44:e3:ad:0a:
10:f9:14:55:23:2c:3d:62:ba:ce:9a:71:eb:0a:fd:dd:93:db:
de:4b:ff:01:46:79:82:6d:03:6f:68:e4:de:23:03:0b:4f:fb:
41:a8:a8:0d:08:ab:48:b4:aa:12:c9:7a:ca:d2:b1:98:cb:c9:
23:5d:67:35:f5:63:96:c8:4b:4e:33:f8:cd:d0:6c:9a:7e:79:
a5:aa:fc:1f:46:bf:59:bf:68:f7:02:57:19:cb:b3:1f:c1:d0:
e4:f9:8c:c2:5d:2e:47:12:bb:72:8f:db:3b:a3:bb:8d:db:c0:
82:5c:3c:dd:f1:11:e0:be:ed:21:a4:3b:d2:76:df:49:15:08:
ff:98:1b:1a
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzF3Ii/Sk7B1riYTPBRZHA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBiMTBmMzE0ZGQxMGNkMzE5YjAyMTUzM2FlZmVjNzU3ODRjNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/UqpYcAsoOnQbBGPY7p3t36drHE
orkJ2g/gZTgV7QbaDBOxlUQJ8Zt1NAA68ENC6HCUqS/A4iJhje3ZsYdoc0hrCW5R
uGAIImoeZCkMfKJwaC+emgFE92XTz5Plr2vPH+AWlK1Qweq0KzZvIMtak5/N4pjJ
gUFkvtSngSnBkK/45zEcD/uImnSmuAHO1C/tBTLLhngvqCuWeeyufcra1LDvxVpp
+bcyMUHkgcfLUosYBoV50pgJ2R6PrGi95GXqJlIkiWb1U0VEgFWwHX6wnFM5qAwr
3UAkalaLNhQ2x/Em0ybm7AUEEIvDG/t9M4+vJ/sBh/DPFHzmsDnzjnXaKwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFO8LEPMU3RDNMZsCFTOu/sdXhMQzMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzd3c1E4eFRkRU0weG13SVZNNjcteDFlRXhETS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ0GCCsGAQUFBwEHAQH/BIGNMIGKMDgEAgABMDIDBAEC
OAgDBAEFt0wDBAAtDnEDBACTvYAwDAMEAJO9gwMEAJO9hAMEAJO9hwMEALBv2TBO
BAIAAjBIAwcAKg4MgAADAwcAKg4MgAMjAwcAKg4MgAQDAwcAKg4MgAdDAwcAKg+Z
gAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2MA0GCSqGSIb3DQEBCwUAA4IB
AQA9EMXm0WI1eZhHDvk8FIG6gGencjr8kOzu9NWFZOqz04Gi51OYvP5bmj7wJcV+
yY0lb3CHfuVHgXyNf0MRheGoug4jkK2ou9djOvG39RcX+Zr0pWGJQ69nc91p9zOe
i8omYAPh7RKChpBCnUyE9c2bXxNtexE5sBScOUTjrQoQ+RRVIyw9YrrOmnHrCv3d
k9veS/8BRnmCbQNvaOTeIwMLT/tBqKgNCKtItKoSyXrK0rGYy8kjXWc19WOWyEtO
M/jN0GyafnmlqvwfRr9Zv2j3AlcZy7MfwdDk+YzCXS5HErtyj9s7o7uN28CCXDzd
8RHgvu0hpDvSdt9JFQj/mBsa
-----END CERTIFICATE-----
Generated at Mon May 6 08:39:58 2024 by rpki-client on console-ams.rpki-client.org