Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/a7wewogDife4s8wdlyE-gbDpMR8.roa
File: a7wewogDife4s8wdlyE-gbDpMR8.roa (raw, json)
Hash identifier: 5SHjXIDrft9jNcmB/7RPGX3K/r1cfdVk6Iufe99rvQQ=
Subject key identifier: 6B:BC:1E:C2:88:03:89:F7:B8:B3:CC:1D:97:21:3E:81:B0:E9:31:1F
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 018CC5DBF7CED5363FAB71513545272E7B1E
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/a7wewogDife4s8wdlyE-gbDpMR8.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49594
IP address blocks: 95.174.72.0/21 maxlen: 21
213.151.164.0/23 maxlen: 23
213.151.160.0/22 maxlen: 22
213.151.167.0/24 maxlen: 24
185.29.32.0/22 maxlen: 22
188.73.0.0/18 maxlen: 18
2a02:468::/29 maxlen: 29
2a03:800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f7:ce:d5:36:3f:ab:71:51:35:45:27:2e:7b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bbc1ec2880389f7b8b3cc1d97213e81b0e9311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:3d:19:d6:77:38:b1:1d:be:90:68:af:0b:
77:ce:f4:12:3e:b2:aa:69:d3:8f:0f:87:a4:a1:74:
4c:04:83:f5:69:a5:f7:db:de:2f:b7:72:a0:0d:99:
72:84:bc:30:ff:e8:d3:c7:63:96:96:12:15:7b:28:
2d:a2:8d:31:05:c2:0f:68:01:c4:94:62:4c:52:30:
a3:9b:a5:87:82:71:65:3e:82:47:ec:3a:20:a1:2b:
6d:b4:5f:bd:ea:28:c6:69:55:8f:bf:a1:04:91:51:
1d:20:9a:0c:64:71:e2:fe:c1:07:14:28:d4:25:76:
58:cd:f7:6d:51:3c:40:ed:a5:8e:a5:3f:e4:22:9b:
2f:9a:0e:6f:d3:ba:72:3d:e6:b3:7b:46:9e:8b:2e:
ce:38:36:24:3f:31:f6:8e:7b:a4:16:4b:33:b5:e3:
81:0d:21:15:81:8f:2e:c8:7a:0d:4f:59:48:c0:69:
34:13:41:b6:6d:13:11:26:91:82:26:3a:72:dc:b6:
99:9a:0d:f0:d5:98:4f:39:dc:a0:f1:6e:91:cf:33:
a4:5a:07:49:40:e4:97:aa:cf:0a:d6:93:28:da:11:
e5:56:88:d3:61:84:23:e5:c6:a7:5c:50:dc:d3:13:
8d:eb:ef:22:e3:e4:66:5d:b6:94:42:e0:f8:e2:77:
2c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BC:1E:C2:88:03:89:F7:B8:B3:CC:1D:97:21:3E:81:B0:E9:31:1F
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/a7wewogDife4s8wdlyE-gbDpMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.174.72.0/21
185.29.32.0/22
188.73.0.0/18
213.151.160.0-213.151.165.255
213.151.167.0/24
IPv6:
2a02:468::/29
2a03:800::/32
Signature Algorithm: sha256WithRSAEncryption
a9:55:29:97:45:66:4e:e6:2a:76:4e:28:93:61:52:2d:13:ec:
09:21:aa:9e:90:3a:65:6c:07:c3:b7:cc:b2:fd:c5:76:37:67:
57:67:0a:a6:6b:b2:df:fd:8c:43:a4:70:20:b2:f5:78:e5:fc:
b3:61:ee:e0:5e:72:68:ba:78:d6:0a:4a:ec:56:d7:08:d3:0e:
88:c7:b4:a9:32:6f:b0:dc:2a:ae:25:76:5b:ef:df:ca:bd:79:
0a:6d:98:5a:f4:4d:84:10:12:15:1e:db:5b:f4:8b:14:e4:17:
c2:18:2a:0e:6a:43:7c:a8:ee:29:63:5d:98:4a:49:f2:72:a9:
38:4a:67:98:d5:95:9e:90:83:22:09:f8:cc:fc:11:e4:e6:30:
7b:8b:50:f8:b9:17:6c:ee:43:04:4d:16:ee:8d:c8:58:4b:b1:
fe:40:d9:de:f5:98:c7:9a:d4:7f:bb:62:46:23:a7:28:30:c7:
fa:32:dd:81:50:b9:95:2b:28:8e:d7:42:3a:62:a6:2d:e6:7a:
f1:f7:ea:ec:07:29:51:ce:1d:67:f3:ae:a0:9f:8b:49:ed:c5:
08:a3:3c:ad:51:85:8e:d1:79:7f:11:b4:98:2e:88:f2:bb:83:
a4:a3:21:9d:88:8b:dc:7d:a2:9d:69:4a:bf:50:bb:80:f7:70:
08:dc:a5:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzF2/fO1TY/q3FRNUUnLnseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJjMWVjMjg4MDM4OWY3YjhiM2NjMWQ5NzIxM2U4MWIwZTkzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKc9GdZ3OLEdvpBorwt3zvQSPrKq
adOPD4ekoXRMBIP1aaX3294vt3KgDZlyhLww/+jTx2OWlhIVeygtoo0xBcIPaAHE
lGJMUjCjm6WHgnFlPoJH7DogoStttF+96ijGaVWPv6EEkVEdIJoMZHHi/sEHFCjU
JXZYzfdtUTxA7aWOpT/kIpsvmg5v07pyPeaze0aeiy7OODYkPzH2jnukFkszteOB
DSEVgY8uyHoNT1lIwGk0E0G2bRMRJpGCJjpy3LaZmg3w1ZhPOdyg8W6RzzOkWgdJ
QOSXqs8K1pMo2hHlVojTYYQj5canXFDc0xON6+8i4+RmXbaUQuD44ncsxQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGu8HsKIA4n3uLPMHZchPoGw6TEfMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvYTd3ZXdvZ0RpZmU0czh3ZGx5RS1nYkRwTVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQDX65IAwQC
uR0gAwQGvEkAMAwDBAXVl6ADBAHVl6QDBADVl6cwFAQCAAIwDgMFAyoCBGgDBQAq
AwgAMA0GCSqGSIb3DQEBCwUAA4IBAQCpVSmXRWZO5ip2TiiTYVItE+wJIaqekDpl
bAfDt8yy/cV2N2dXZwqma7Lf/YxDpHAgsvV45fyzYe7gXnJounjWCkrsVtcI0w6I
x7SpMm+w3CquJXZb79/KvXkKbZha9E2EEBIVHttb9IsU5BfCGCoOakN8qO4pY12Y
Sknycqk4SmeY1ZWekIMiCfjM/BHk5jB7i1D4uRds7kMETRbujchYS7H+QNne9ZjH
mtR/u2JGI6coMMf6Mt2BULmVKyiO10I6YqYt5nrx9+rsBylRzh1n866gn4tJ7cUI
ozytUYWO0Xl/EbSYLojyu4OkoyGdiIvcfaKdaUq/ULuA93AI3KVH
-----END CERTIFICATE-----
Generated at Sun Jun 23 03:23:44 2024 by rpki-client on console-fra.rpki-client.org