Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/7LCEYLUBoVwk3JmN5h-Un1tRYTE.roa
File: 7LCEYLUBoVwk3JmN5h-Un1tRYTE.roa (raw, json)
Hash identifier: Kqy2MBbDkZdJ7476qhNJnkg6PJd9soiDyKyj932huOw=
Subject key identifier: EC:B0:84:60:B5:01:A1:5C:24:DC:99:8D:E6:1F:94:9F:5B:51:61:31
Certificate issuer: /CN=32facf5d02730268d3b1e76c96b0f8588d998b4f
Certificate serial: 018F0EBD75F2603C47B650A5F6DBD699FCC6
Authority key identifier: 32:FA:CF:5D:02:73:02:68:D3:B1:E7:6C:96:B0:F8:58:8D:99:8B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MvrPXQJzAmjTsedslrD4WI2Zi08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/7LCEYLUBoVwk3JmN5h-Un1tRYTE.roa
Signing time: Wed 24 Apr 2024 06:14:08 +0000
ROA not before: Wed 24 Apr 2024 06:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43754
IP address blocks: 185.162.217.0/24 maxlen: 24
185.162.218.0/24 maxlen: 24
185.162.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/MvrPXQJzAmjTsedslrD4WI2Zi08.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/MvrPXQJzAmjTsedslrD4WI2Zi08.mft
rsync://rpki.ripe.net/repository/DEFAULT/MvrPXQJzAmjTsedslrD4WI2Zi08.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:bd:75:f2:60:3c:47:b6:50:a5:f6:db:d6:99:fc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32facf5d02730268d3b1e76c96b0f8588d998b4f
Validity
Not Before: Apr 24 06:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecb08460b501a15c24dc998de61f949f5b516131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e0:a6:65:6c:8f:7a:8b:bd:1c:be:a7:f6:09:
4a:cb:a5:52:17:94:97:8b:3b:8a:73:fc:a9:6c:3e:
64:4f:61:0d:dc:73:28:fc:7f:1b:aa:a8:66:3a:60:
70:cf:c0:cc:e7:6a:ed:e1:b0:9f:ca:da:31:72:1b:
61:4b:7b:38:0e:7a:22:f1:6b:37:65:d4:e7:d1:6e:
e5:57:80:e1:b2:a3:ad:47:40:d2:ae:ea:f3:c0:98:
7a:f1:95:37:78:4e:22:f4:6a:0a:c8:b8:15:c7:92:
ff:33:96:eb:51:b3:0b:16:e0:d2:35:b3:69:0f:ee:
15:bb:42:f5:84:bf:ec:bf:05:df:05:b8:a1:73:f7:
d5:6e:09:3a:2c:57:55:cf:74:db:9f:1a:3a:3e:f9:
e2:57:81:01:f3:31:62:4e:e2:09:0a:9d:4b:a2:6b:
e6:47:0c:da:b8:68:95:7c:77:d3:42:75:8f:0a:09:
33:60:23:a4:79:91:5e:db:25:61:3b:4c:1d:75:4c:
3e:ef:64:a7:ac:37:21:c1:69:92:43:6f:d1:39:5f:
67:bd:da:57:92:92:f9:88:35:c9:fd:eb:47:4d:06:
82:cc:47:cd:4b:7c:33:b5:22:14:73:0c:0b:bf:ad:
c6:32:b3:9e:ec:d3:33:e4:10:19:1f:d4:65:46:c1:
59:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B0:84:60:B5:01:A1:5C:24:DC:99:8D:E6:1F:94:9F:5B:51:61:31
X509v3 Authority Key Identifier:
keyid:32:FA:CF:5D:02:73:02:68:D3:B1:E7:6C:96:B0:F8:58:8D:99:8B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MvrPXQJzAmjTsedslrD4WI2Zi08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/7LCEYLUBoVwk3JmN5h-Un1tRYTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/MvrPXQJzAmjTsedslrD4WI2Zi08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.217.0-185.162.219.255
Signature Algorithm: sha256WithRSAEncryption
85:49:20:3e:1f:b1:91:a3:24:53:a9:e3:f3:cb:e6:26:b8:64:
42:ea:30:f6:b0:e5:83:e3:aa:9c:77:46:b5:df:87:53:48:ff:
19:0d:d9:bf:5c:af:94:78:4d:f9:b1:d6:dd:35:8d:77:5d:2a:
16:cb:11:5b:87:ba:35:9d:9e:83:f7:74:3d:cb:7d:0f:b9:e0:
46:4b:47:0f:57:2e:d9:cb:6b:ed:4e:c0:37:1b:fd:6e:49:ad:
3e:67:4a:b3:c3:1e:f0:12:20:d3:d3:15:71:74:ca:31:81:5c:
86:86:bf:d1:1f:58:51:c4:08:6b:58:a7:2e:7c:6e:8c:88:a2:
f6:db:4a:2e:35:ad:f2:35:f3:3d:f2:e5:58:ed:9a:9a:c5:c8:
9f:85:7d:f6:88:76:f0:43:20:9d:c0:8b:70:02:ae:1d:04:fc:
d6:d0:48:90:8e:43:c1:dc:7e:76:d3:0c:51:bf:2d:e5:c4:03:
b7:5b:90:3e:07:23:cf:93:d1:03:c3:8a:04:71:f1:b0:c8:79:
ef:61:f4:5a:70:46:87:37:bd:2a:6d:1a:63:b8:52:18:49:db:
86:1c:c7:8e:66:02:11:15:fe:57:58:5b:01:b4:71:ab:ab:09:
bb:3b:95:a3:0b:d8:de:5c:b6:04:3b:42:9b:7e:46:a9:91:10:
45:55:72:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8OvXXyYDxHtlCl9tvWmfzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZmFjZjVkMDI3MzAyNjhkM2IxZTc2Yzk2YjBmODU4OGQ5
OThiNGYwHhcNMjQwNDI0MDYxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IwODQ2MGI1MDFhMTVjMjRkYzk5OGRlNjFmOTQ5ZjViNTE2MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeCmZWyPeou9HL6n9glKy6VSF5SX
izuKc/ypbD5kT2EN3HMo/H8bqqhmOmBwz8DM52rt4bCfytoxchthS3s4Dnoi8Ws3
ZdTn0W7lV4DhsqOtR0DSrurzwJh68ZU3eE4i9GoKyLgVx5L/M5brUbMLFuDSNbNp
D+4Vu0L1hL/svwXfBbihc/fVbgk6LFdVz3Tbnxo6PvniV4EB8zFiTuIJCp1Lomvm
RwzauGiVfHfTQnWPCgkzYCOkeZFe2yVhO0wddUw+72SnrDchwWmSQ2/ROV9nvdpX
kpL5iDXJ/etHTQaCzEfNS3wztSIUcwwLv63GMrOe7NMz5BAZH9RlRsFZGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOywhGC1AaFcJNyZjeYflJ9bUWExMB8GA1UdIwQY
MBaAFDL6z10CcwJo07HnbJaw+FiNmYtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXZyUFhRSnpBbWpUc2Vkc2xyRDRXSTJaaTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNGNiOTUtOTEyNy00ODY5LThmOTAt
OWU0ZTQ2ZjYwYTY4LzEvN0xDRVlMVUJvVndrM0ptTjVoLVVuMXRSWVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNGNiOTUtOTEyNy00ODY5LThmOTAtOWU0ZTQ2ZjYwYTY4
LzEvTXZyUFhRSnpBbWpUc2Vkc2xyRDRXSTJaaTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5otkD
BAK5otgwDQYJKoZIhvcNAQELBQADggEBAIVJID4fsZGjJFOp4/PL5ia4ZELqMPaw
5YPjqpx3RrXfh1NI/xkN2b9cr5R4Tfmx1t01jXddKhbLEVuHujWdnoP3dD3LfQ+5
4EZLRw9XLtnLa+1OwDcb/W5JrT5nSrPDHvASINPTFXF0yjGBXIaGv9EfWFHECGtY
py58boyIovbbSi41rfI18z3y5VjtmprFyJ+FffaIdvBDIJ3Ai3ACrh0E/NbQSJCO
Q8HcfnbTDFG/LeXEA7dbkD4HI8+T0QPDigRx8bDIee9h9FpwRoc3vSptGmO4UhhJ
24Ycx45mAhEV/ldYWwG0caurCbs7laML2N5ctgQ7Qpt+RqmREEVVcpA=
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:57:50 2024 by rpki-client on console-fra.rpki-client.org