Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/i7PPlmZM_sxwVQI4X2Z-Togb7HQ.roa
File: i7PPlmZM_sxwVQI4X2Z-Togb7HQ.roa (raw, json)
Hash identifier: r91aYctDEOINXbhtpH4CppO7J/iAaeBBR/meNreGeAA=
Subject key identifier: 8B:B3:CF:96:66:4C:FE:CC:70:55:02:38:5F:66:7E:4E:88:1B:EC:74
Certificate issuer: /CN=d31d4b941e064b46bc29af645bc754704d3a94c1
Certificate serial: 018D45558F374AEBB5E28093136CF0B95125
Authority key identifier: D3:1D:4B:94:1E:06:4B:46:BC:29:AF:64:5B:C7:54:70:4D:3A:94:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x1LlB4GS0a8Ka9kW8dUcE06lME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/i7PPlmZM_sxwVQI4X2Z-Togb7HQ.roa
Signing time: Fri 26 Jan 2024 10:34:11 +0000
ROA not before: Fri 26 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57424
IP address blocks: 149.62.48.0/24 maxlen: 24
149.62.49.0/24 maxlen: 24
149.62.50.0/24 maxlen: 24
149.62.51.0/24 maxlen: 24
149.62.52.0/24 maxlen: 24
149.62.53.0/24 maxlen: 24
149.62.54.0/24 maxlen: 24
149.62.55.0/24 maxlen: 24
185.77.204.0/24 maxlen: 24
185.77.205.0/24 maxlen: 24
185.77.206.0/24 maxlen: 24
185.77.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/0x1LlB4GS0a8Ka9kW8dUcE06lME.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/0x1LlB4GS0a8Ka9kW8dUcE06lME.mft
rsync://rpki.ripe.net/repository/DEFAULT/0x1LlB4GS0a8Ka9kW8dUcE06lME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:55:8f:37:4a:eb:b5:e2:80:93:13:6c:f0:b9:51:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31d4b941e064b46bc29af645bc754704d3a94c1
Validity
Not Before: Jan 26 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bb3cf96664cfecc705502385f667e4e881bec74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:66:12:3d:70:bc:fe:17:f7:a9:d6:ac:65:
6b:82:fb:f0:d2:1c:6f:4a:b6:a4:b6:f2:8b:dc:e7:
fd:ea:6e:60:ee:e1:ff:d0:8e:47:ce:aa:b2:32:e3:
96:55:2c:0d:f6:7c:93:15:38:35:c1:47:8c:20:68:
8f:bb:5b:a5:20:5b:e9:64:d9:c3:0e:b2:8e:64:41:
36:07:d1:58:c7:33:46:b4:70:3f:80:e1:5f:dd:51:
12:a8:81:0b:80:60:91:56:85:75:c8:b7:f4:79:0e:
ca:d7:19:b7:9e:52:42:41:41:77:75:06:19:2e:da:
ec:23:c4:2b:0b:b6:89:79:4c:cc:c3:a1:27:94:37:
a5:44:0e:e6:e9:6a:b6:51:84:c6:08:02:d6:2f:e9:
c2:f4:55:0b:4a:ce:b7:a6:a1:5c:b1:bd:51:0a:01:
61:fa:fb:7f:1f:ea:91:84:cc:19:ca:df:98:d7:7a:
be:8d:d9:ff:70:7d:0c:2e:77:67:fb:3e:80:f0:90:
18:98:7a:dd:6a:4b:32:b9:18:d4:1f:ce:3d:1c:55:
46:e3:98:73:71:1b:a3:fa:d1:36:81:33:7b:a4:c3:
f4:26:9e:0c:7f:72:19:4e:72:c7:23:e0:d0:c5:05:
f2:85:a2:1a:db:69:6d:9c:f2:a8:32:95:c6:b5:1e:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B3:CF:96:66:4C:FE:CC:70:55:02:38:5F:66:7E:4E:88:1B:EC:74
X509v3 Authority Key Identifier:
keyid:D3:1D:4B:94:1E:06:4B:46:BC:29:AF:64:5B:C7:54:70:4D:3A:94:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x1LlB4GS0a8Ka9kW8dUcE06lME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/i7PPlmZM_sxwVQI4X2Z-Togb7HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/333113-a891-4d92-b669-705449bdeeb6/1/0x1LlB4GS0a8Ka9kW8dUcE06lME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.48.0/21
185.77.204.0/22
Signature Algorithm: sha256WithRSAEncryption
82:fb:4d:d9:c6:05:35:c7:b9:c4:f8:cf:1b:a2:f0:51:96:a6:
7e:00:74:05:21:3d:fa:88:dc:a7:a6:28:da:4b:0a:f4:d2:50:
b0:a0:38:07:9a:48:6b:32:dd:ba:4d:cc:f0:6f:1f:af:20:56:
71:ae:07:49:ca:85:6c:a5:70:e6:84:c7:a7:7e:ac:ce:2b:fd:
2a:08:7c:01:37:3c:f5:51:a6:fa:4a:8a:d1:f5:f4:2c:27:9b:
c4:0f:07:83:46:39:7e:76:b6:10:4f:2b:22:4b:86:6a:30:db:
44:23:cf:6d:2e:a8:56:0d:0e:75:a5:18:06:2b:32:6b:90:b1:
69:95:db:96:09:e0:3c:fb:0b:cf:b0:85:39:6a:2f:f2:87:d7:
b0:97:e7:08:36:ea:6c:2f:63:3f:6a:7b:81:e5:df:9d:52:3c:
59:4c:62:78:e3:b2:e9:25:ed:4c:04:41:8a:60:b3:c4:ce:07:
39:96:52:2d:69:db:d6:22:61:39:5a:ec:e2:26:85:cd:6d:b7:
99:71:0c:09:dd:1d:62:ac:52:c9:fc:6d:42:58:c9:8a:5b:2d:
df:36:55:0a:c3:8e:d2:b7:0a:5e:86:ba:2f:52:97:48:09:22:
33:07:b7:79:99:ba:03:9a:c2:7f:39:a4:5c:32:ae:b5:35:25:
04:53:37:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1FVY83Suu14oCTE2zwuVElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWQ0Yjk0MWUwNjRiNDZiYzI5YWY2NDViYzc1NDcwNGQz
YTk0YzEwHhcNMjQwMTI2MTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIzY2Y5NjY2NGNmZWNjNzA1NTAyMzg1ZjY2N2U0ZTg4MWJlYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll5mEj1wvP4X96nWrGVrgvvw0hxv
SraktvKL3Of96m5g7uH/0I5HzqqyMuOWVSwN9nyTFTg1wUeMIGiPu1ulIFvpZNnD
DrKOZEE2B9FYxzNGtHA/gOFf3VESqIELgGCRVoV1yLf0eQ7K1xm3nlJCQUF3dQYZ
LtrsI8QrC7aJeUzMw6EnlDelRA7m6Wq2UYTGCALWL+nC9FULSs63pqFcsb1RCgFh
+vt/H+qRhMwZyt+Y13q+jdn/cH0MLndn+z6A8JAYmHrdaksyuRjUH849HFVG45hz
cRuj+tE2gTN7pMP0Jp4Mf3IZTnLHI+DQxQXyhaIa22ltnPKoMpXGtR6PGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIuzz5ZmTP7McFUCOF9mfk6IG+x0MB8GA1UdIwQY
MBaAFNMdS5QeBktGvCmvZFvHVHBNOpTBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgxTGxCNEdTMGE4S2E5a1c4ZFVjRTA2bE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMzMxMTMtYTg5MS00ZDkyLWI2Njkt
NzA1NDQ5YmRlZWI2LzEvaTdQUGxtWk1fc3h3VlFJNFgyWi1Ub2diN0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMzMxMTMtYTg5MS00ZDkyLWI2NjktNzA1NDQ5YmRlZWI2
LzEvMHgxTGxCNEdTMGE4S2E5a1c4ZFVjRTA2bE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDlT4wAwQC
uU3MMA0GCSqGSIb3DQEBCwUAA4IBAQCC+03ZxgU1x7nE+M8bovBRlqZ+AHQFIT36
iNynpijaSwr00lCwoDgHmkhrMt26Tczwbx+vIFZxrgdJyoVspXDmhMenfqzOK/0q
CHwBNzz1Uab6SorR9fQsJ5vEDweDRjl+drYQTysiS4ZqMNtEI89tLqhWDQ51pRgG
KzJrkLFplduWCeA8+wvPsIU5ai/yh9ewl+cINupsL2M/anuB5d+dUjxZTGJ447Lp
Je1MBEGKYLPEzgc5llItadvWImE5WuziJoXNbbeZcQwJ3R1irFLJ/G1CWMmKWy3f
NlUKw47StwpehrovUpdICSIzB7d5mboDmsJ/OaRcMq61NSUEUzfy
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:04:07 2024 by rpki-client on console-fra.rpki-client.org