Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/7kOO2EcY9KRJheV_ECnPzGVramk.roa
File: 7kOO2EcY9KRJheV_ECnPzGVramk.roa (raw, json)
Hash identifier: ViA3SLPnPDDxLiVkgH/9jf+H71qJYGJkDud+/ednBCQ=
Subject key identifier: EE:43:8E:D8:47:18:F4:A4:49:85:E5:7F:10:29:CF:CC:65:6B:6A:69
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018F2EB1E964F71D4809CAA88D6DC3DA1DCB
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/7kOO2EcY9KRJheV_ECnPzGVramk.roa
Signing time: Tue 30 Apr 2024 11:09:22 +0000
ROA not before: Tue 30 Apr 2024 11:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203684
IP address blocks: 91.199.9.0/24 maxlen: 24
91.199.18.0/24 maxlen: 24
91.199.27.0/24 maxlen: 24
91.199.30.0/24 maxlen: 24
109.95.60.0/24 maxlen: 24
109.95.61.0/24 maxlen: 24
109.95.62.0/24 maxlen: 24
185.186.240.0/24 maxlen: 24
185.187.86.0/23 maxlen: 23
185.187.86.0/24 maxlen: 24
185.187.87.0/24 maxlen: 24
2a11:7700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:b1:e9:64:f7:1d:48:09:ca:a8:8d:6d:c3:da:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Apr 30 11:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee438ed84718f4a44985e57f1029cfcc656b6a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2d:a3:4c:01:19:d9:6e:36:69:83:93:a1:07:
cf:d6:d6:c5:1e:ef:01:e9:0f:5d:4a:f7:e9:e1:15:
bf:e4:a8:1e:a7:ce:a4:76:79:ba:8d:57:69:03:e7:
09:64:7f:01:7a:d7:c8:c6:e9:b3:22:d3:3b:4e:d8:
23:dc:5a:a4:d1:bd:f0:b9:dd:c6:a3:8e:e7:f9:5b:
9b:ab:15:6e:c2:c3:dd:ee:7e:38:e0:e8:4f:b3:70:
a3:c1:71:c9:96:f4:b5:ee:43:a0:c3:04:e6:9f:ea:
a4:b0:66:78:87:fc:1c:ac:71:a8:87:97:75:4e:48:
29:87:44:ea:f3:db:55:01:30:50:7c:98:0e:26:4c:
ee:5d:c6:7c:5d:57:c8:c7:6b:cf:5b:c1:ae:d6:d5:
77:27:08:46:f5:64:b1:4e:8b:68:c8:19:72:ef:a6:
2c:d8:5d:94:ce:a9:f4:52:55:24:e3:48:0d:3f:c1:
48:23:4b:5f:22:62:06:e4:4f:3a:34:ad:fe:86:76:
d2:67:e1:41:8e:f3:6e:4e:76:10:19:e2:bf:07:3b:
cd:1e:94:9d:16:85:8f:29:3f:0e:a1:89:af:53:09:
29:b2:73:19:00:80:a7:72:6f:cc:a1:ff:ea:be:cc:
2f:6f:7d:1d:6c:eb:a3:8a:f5:02:21:d5:e4:18:23:
a9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:43:8E:D8:47:18:F4:A4:49:85:E5:7F:10:29:CF:CC:65:6B:6A:69
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/7kOO2EcY9KRJheV_ECnPzGVramk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.9.0/24
91.199.18.0/24
91.199.27.0/24
91.199.30.0/24
109.95.60.0-109.95.62.255
185.186.240.0/24
185.187.86.0/23
IPv6:
2a11:7700::/29
Signature Algorithm: sha256WithRSAEncryption
88:b2:96:e8:e7:df:34:db:5a:a8:9c:bf:f8:35:b6:54:b2:9c:
3b:5d:61:5f:ef:98:68:92:11:6b:df:78:35:6a:09:3e:26:7e:
11:6b:21:bb:aa:b6:fc:01:fc:57:95:d7:5c:ad:5e:30:74:40:
5a:32:a5:66:e6:f4:c5:ea:f2:e0:cf:c7:fc:23:79:3c:af:1f:
4c:c6:0a:a5:b1:e8:8b:93:51:79:b5:3c:9c:f8:9c:d4:bc:05:
65:f8:46:7b:ff:93:7f:af:57:91:fe:77:0c:a4:e8:a1:04:7a:
66:b4:a4:91:39:cc:0b:98:c7:7d:0c:24:f5:06:23:a5:9c:b2:
74:0e:71:bf:c4:11:68:c2:a2:90:71:9e:e0:f5:0e:30:6e:0e:
2b:ec:07:8c:6a:17:b9:92:cd:09:69:b1:56:b1:9a:25:a7:7e:
47:79:80:3d:a5:b0:18:23:d5:1e:ed:84:70:eb:d3:9b:fa:3d:
4d:8a:89:f3:c5:c1:2a:5b:be:7b:87:cc:36:36:d5:8e:e0:78:
9e:fe:19:91:a9:78:b1:af:81:33:ab:70:5f:b2:cb:67:3b:9c:
90:44:f5:02:e4:22:7a:b8:81:dc:8b:11:59:aa:c6:ff:c5:ef:
63:29:81:fe:9e:4d:13:fb:1c:6a:77:43:c7:1e:4e:8e:62:2e:
52:e1:4f:03
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY8uselk9x1ICcqojW3D2h3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwNDMwMTEwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQzOGVkODQ3MThmNGE0NDk4NWU1N2YxMDI5Y2ZjYzY1NmI2YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC2jTAEZ2W42aYOToQfP1tbFHu8B
6Q9dSvfp4RW/5Kgep86kdnm6jVdpA+cJZH8BetfIxumzItM7Ttgj3Fqk0b3wud3G
o47n+VubqxVuwsPd7n444OhPs3CjwXHJlvS17kOgwwTmn+qksGZ4h/wcrHGoh5d1
Tkgph0Tq89tVATBQfJgOJkzuXcZ8XVfIx2vPW8Gu1tV3JwhG9WSxTotoyBly76Ys
2F2Uzqn0UlUk40gNP8FII0tfImIG5E86NK3+hnbSZ+FBjvNuTnYQGeK/BzvNHpSd
FoWPKT8OoYmvUwkpsnMZAICncm/Mof/qvswvb30dbOujivUCIdXkGCOpewIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFO5DjthHGPSkSYXlfxApz8xla2ppMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvN2tPTzJFY1k5S1JKaGVWX0VDblB6R1ZyYW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQAW8cJAwQA
W8cSAwQAW8cbAwQAW8ceMAwDBAJtXzwDBABtXz4DBAC5uvADBAG5u1YwDQQCAAIw
BwMFAyoRdwAwDQYJKoZIhvcNAQELBQADggEBAIiylujn3zTbWqicv/g1tlSynDtd
YV/vmGiSEWvfeDVqCT4mfhFrIbuqtvwB/FeV11ytXjB0QFoypWbm9MXq8uDPx/wj
eTyvH0zGCqWx6IuTUXm1PJz4nNS8BWX4Rnv/k3+vV5H+dwyk6KEEema0pJE5zAuY
x30MJPUGI6WcsnQOcb/EEWjCopBxnuD1DjBuDivsB4xqF7mSzQlpsVaxmiWnfkd5
gD2lsBgj1R7thHDr05v6PU2KifPFwSpbvnuHzDY21Y7geJ7+GZGpeLGvgTOrcF+y
y2c7nJBE9QLkInq4gdyLEVmqxv/F72Mpgf6eTRP7HGp3Q8ceTo5iLlLhTwM=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:39:52 2024 by rpki-client on console-ams.rpki-client.org