Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/7_Z8FutV6uGyCZnS2119A9FDN0c.roa
File: 7_Z8FutV6uGyCZnS2119A9FDN0c.roa (raw, json)
Hash identifier: qEldnwQRrztjpAJKQH8lFRxSAiB8ceY4VoGt4uDr1PM=
Subject key identifier: EF:F6:7C:16:EB:55:EA:E1:B2:09:99:D2:DB:5D:7D:03:D1:43:37:47
Certificate issuer: /CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Certificate serial: 01910AABEC4AB7F0024375AE970974EEB2AD
Authority key identifier: 60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/7_Z8FutV6uGyCZnS2119A9FDN0c.roa
Signing time: Wed 31 Jul 2024 21:22:04 +0000
ROA not before: Wed 31 Jul 2024 21:22:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39402
IP address blocks: 185.130.136.0/24 maxlen: 24
185.130.137.0/24 maxlen: 24
185.130.138.0/24 maxlen: 24
185.130.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0a:ab:ec:4a:b7:f0:02:43:75:ae:97:09:74:ee:b2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Validity
Not Before: Jul 31 21:22:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eff67c16eb55eae1b20999d2db5d7d03d1433747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:a3:af:7d:be:d6:89:34:6b:3c:2e:89:f2:
a7:a9:2c:2a:4d:c6:7a:5f:a0:0d:f6:92:84:aa:9d:
af:d3:2f:d4:4d:ac:60:2c:89:e3:5b:bb:59:3d:44:
a0:7f:bb:23:ab:3f:61:2b:9d:cd:b6:38:ee:35:c3:
9e:0f:fa:6c:2b:d5:19:6c:a8:94:81:82:65:66:ed:
81:c7:f7:db:9e:c6:2a:ba:46:95:59:4f:dc:84:d1:
96:ea:4b:fc:68:91:02:df:52:0c:12:80:92:3f:59:
e5:5b:6f:69:7f:51:11:05:0e:d1:7b:7e:cf:83:ef:
ec:af:e5:9d:1c:f1:82:97:7a:aa:5e:b9:32:ad:16:
0f:cd:da:0b:8b:f7:e1:61:89:9f:3e:d0:30:5b:03:
40:32:06:b8:1a:21:0b:3b:b2:b5:48:e1:2e:be:7b:
0c:a8:84:e6:d6:44:f9:84:6c:6a:10:24:70:04:0f:
5f:ff:a0:2b:5d:13:13:bc:22:f6:1a:08:39:90:a5:
66:5e:7f:2f:62:78:fb:52:c1:95:58:c7:ff:92:b7:
23:c7:c3:e2:ea:34:79:19:4b:a5:d0:1d:33:4e:83:
1a:ae:59:89:01:38:c4:07:77:a6:0a:ed:4f:98:53:
15:bd:ec:86:b6:4e:57:b1:c0:d2:73:91:53:e3:10:
ec:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F6:7C:16:EB:55:EA:E1:B2:09:99:D2:DB:5D:7D:03:D1:43:37:47
X509v3 Authority Key Identifier:
keyid:60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/7_Z8FutV6uGyCZnS2119A9FDN0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.136.0/22
Signature Algorithm: sha256WithRSAEncryption
45:1f:f3:b7:00:04:bf:63:0c:bd:24:c6:87:b8:33:a9:f1:89:
44:e4:66:86:d2:61:4a:c5:07:2b:25:f4:63:43:b6:77:9e:0a:
3d:9a:1a:a4:49:78:f7:5c:26:b8:5a:f8:9c:15:65:5e:17:4f:
ca:b1:3a:34:2f:d2:de:0c:d8:21:e3:c1:a2:4a:9e:37:66:ea:
1c:3e:25:a4:74:2d:7b:4c:02:e7:d7:41:95:36:7f:74:d4:03:
c7:d9:f9:1e:52:3f:22:92:b5:a5:9b:f3:3e:41:cf:0e:9e:dc:
c5:03:79:95:20:dc:1b:cb:5d:2a:6a:a4:76:92:ef:48:bf:ab:
aa:69:bd:88:29:89:27:2b:29:fe:49:4e:fe:6d:6c:69:cd:f0:
9a:86:ac:fc:11:46:3f:62:cd:d1:17:50:01:13:4b:da:ed:d0:
dd:c5:54:bb:9d:35:a7:3c:bf:92:88:05:d3:3c:57:58:a2:0b:
ac:87:83:e5:4d:37:a5:e0:14:8f:f8:e6:01:51:0f:c9:fd:24:
80:0e:1a:57:e8:03:21:ad:3c:60:6d:1b:f0:89:0c:48:4f:f3:
8e:53:51:fb:34:67:4f:90:47:c3:38:c8:f7:08:0b:e7:5a:7b:
14:53:88:6c:e7:c8:7a:8b:43:37:aa:7e:c9:b8:64:6a:96:f6:
20:11:ba:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEKq+xKt/ACQ3Wulwl07rKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzhkNTc3NDdmNzI5NzAwZWYyZjU2MTRmNmRmZGVjOGQx
MTlmMmQwHhcNMjQwNzMxMjEyMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmY2N2MxNmViNTVlYWUxYjIwOTk5ZDJkYjVkN2QwM2QxNDMzNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNKjr32+1ok0azwuifKnqSwqTcZ6
X6AN9pKEqp2v0y/UTaxgLInjW7tZPUSgf7sjqz9hK53NtjjuNcOeD/psK9UZbKiU
gYJlZu2Bx/fbnsYqukaVWU/chNGW6kv8aJEC31IMEoCSP1nlW29pf1ERBQ7Re37P
g+/sr+WdHPGCl3qqXrkyrRYPzdoLi/fhYYmfPtAwWwNAMga4GiELO7K1SOEuvnsM
qITm1kT5hGxqECRwBA9f/6ArXRMTvCL2Ggg5kKVmXn8vYnj7UsGVWMf/krcjx8Pi
6jR5GUul0B0zToMarlmJATjEB3emCu1PmFMVveyGtk5XscDSc5FT4xDsmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/2fBbrVerhsgmZ0ttdfQPRQzdHMB8GA1UdIwQY
MBaAFGDI1XdH9ylwDvL1YU9t/eyNEZ8tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgt
ZDc1ZjU5NWZhN2MzLzEvN19aOEZ1dFY2dUd5Q1puUzIxMTlBOUZETjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgtZDc1ZjU5NWZhN2Mz
LzEvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYKIMA0G
CSqGSIb3DQEBCwUAA4IBAQBFH/O3AAS/Ywy9JMaHuDOp8YlE5GaG0mFKxQcrJfRj
Q7Z3ngo9mhqkSXj3XCa4WvicFWVeF0/KsTo0L9LeDNgh48GiSp43ZuocPiWkdC17
TALn10GVNn901APH2fkeUj8ikrWlm/M+Qc8OntzFA3mVINwby10qaqR2ku9Iv6uq
ab2IKYknKyn+SU7+bWxpzfCahqz8EUY/Ys3RF1ABE0va7dDdxVS7nTWnPL+SiAXT
PFdYogush4PlTTel4BSP+OYBUQ/J/SSADhpX6AMhrTxgbRvwiQxIT/OOU1H7NGdP
kEfDOMj3CAvnWnsUU4hs58h6i0M3qn7JuGRqlvYgEbrd
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:17:02 2024 by rpki-client on console-fra.rpki-client.org