Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/hRdR_qZjwgpFDKqeBVpcWvWwQ_0.roa
File: hRdR_qZjwgpFDKqeBVpcWvWwQ_0.roa (raw, json)
Hash identifier: tNKoGXWN0DB+5WeBZXFKgfIrfFRSZOX+kYKderAZHzg=
Subject key identifier: 85:17:51:FE:A6:63:C2:0A:45:0C:AA:9E:05:5A:5C:5A:F5:B0:43:FD
Certificate issuer: /CN=7d68de7c4702fe50932d7ecda2f278391f4b9ace
Certificate serial: 018DEF76AC55A6E5EC7FAB8F816A12B65844
Authority key identifier: 7D:68:DE:7C:47:02:FE:50:93:2D:7E:CD:A2:F2:78:39:1F:4B:9A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/hRdR_qZjwgpFDKqeBVpcWvWwQ_0.roa
Signing time: Wed 28 Feb 2024 11:25:48 +0000
ROA not before: Wed 28 Feb 2024 11:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59701
IP address blocks: 79.171.144.0/21 maxlen: 21
185.147.72.0/22 maxlen: 22
195.5.160.0/24 maxlen: 24
2a06:d480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:76:ac:55:a6:e5:ec:7f:ab:8f:81:6a:12:b6:58:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d68de7c4702fe50932d7ecda2f278391f4b9ace
Validity
Not Before: Feb 28 11:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=851751fea663c20a450caa9e055a5c5af5b043fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f4:60:50:88:e4:73:bd:44:fa:0b:88:ed:a9:
55:a6:e5:62:96:79:0f:18:c4:d2:4c:88:7f:c6:38:
cb:85:20:2b:ee:df:75:be:09:40:ba:5d:32:5e:36:
9a:52:b3:6d:cd:87:ab:0b:37:6d:cc:6b:ed:a7:c3:
7a:32:fb:45:7e:78:bc:02:e5:6f:d7:47:52:e9:c4:
01:7f:c2:7e:21:75:0a:a3:cf:42:c9:79:60:46:7c:
ef:ec:94:60:98:f4:90:9b:01:8d:b7:ad:df:31:36:
12:84:db:55:9d:a9:77:c2:ac:11:2f:a3:90:78:02:
12:a4:ed:18:6b:25:06:c9:e4:00:85:69:3e:ce:a0:
44:49:40:fc:b0:f6:27:9b:1d:f9:29:1f:93:8e:4f:
e8:1e:c6:7c:87:dd:f7:c1:3e:e6:91:95:e4:ff:4d:
eb:fc:0a:b9:d4:33:34:88:05:3b:0f:09:fd:75:88:
33:bb:e9:db:ae:05:f7:f6:8b:cc:27:23:72:71:ac:
64:15:8e:c0:9b:7f:0b:b6:a0:a1:e3:d0:c3:49:00:
a0:66:e4:ab:70:b2:8a:f9:55:bd:66:c5:bc:0d:72:
32:99:4f:b0:a8:0c:97:cc:62:27:f0:b1:93:d4:28:
a8:dd:07:70:f8:d6:74:6b:ce:2e:e4:d3:8a:a0:20:
09:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:17:51:FE:A6:63:C2:0A:45:0C:AA:9E:05:5A:5C:5A:F5:B0:43:FD
X509v3 Authority Key Identifier:
keyid:7D:68:DE:7C:47:02:FE:50:93:2D:7E:CD:A2:F2:78:39:1F:4B:9A:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWjefEcC_lCTLX7NovJ4OR9Lms4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/hRdR_qZjwgpFDKqeBVpcWvWwQ_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82be99-5195-4774-8254-0c0246c6f623/1/fWjefEcC_lCTLX7NovJ4OR9Lms4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.144.0/21
185.147.72.0/22
195.5.160.0/24
IPv6:
2a06:d480::/29
Signature Algorithm: sha256WithRSAEncryption
52:2c:62:1e:6e:0b:95:68:94:18:1c:84:6d:6f:5b:c6:2f:1d:
0e:4b:c4:f4:47:79:8d:42:bb:29:d5:43:de:09:6c:16:3f:74:
63:32:68:1e:2b:11:ac:58:e7:75:62:97:d4:bb:09:0b:d4:d3:
80:35:9a:72:fc:7e:06:b0:d6:ce:1f:8d:26:98:c2:5a:92:5a:
99:4e:fb:e5:7e:de:4a:df:02:12:8d:2b:f1:c3:e9:69:08:d2:
ae:2d:73:7d:21:1c:80:39:bd:bd:24:12:52:cd:eb:eb:fe:0e:
41:40:cb:79:14:ec:62:d5:43:91:38:68:51:e0:93:8c:79:1c:
e2:c5:0e:b0:fb:d1:e4:30:89:87:bc:c2:9f:24:1c:83:d8:33:
55:56:be:db:ff:11:05:70:59:7b:a0:6b:38:72:40:ef:e6:90:
86:63:ea:59:c0:5c:47:f6:2d:ba:98:74:08:26:f1:7f:12:f9:
fa:75:87:53:bf:a2:a0:e3:71:56:45:f9:6e:c7:87:97:16:ad:
24:e8:1e:52:19:ae:bd:ad:7f:df:74:23:4d:90:e6:5f:c4:5b:
e6:76:a7:cb:57:e6:b9:10:c5:30:cb:9c:02:2c:8f:9a:e5:c5:
e6:06:53:8f:07:e8:d3:7c:73:af:73:64:a2:0b:c4:bc:44:41:
b6:56:e7:58
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3vdqxVpuXsf6uPgWoStlhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjhkZTdjNDcwMmZlNTA5MzJkN2VjZGEyZjI3ODM5MWY0
YjlhY2UwHhcNMjQwMjI4MTEyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE3NTFmZWE2NjNjMjBhNDUwY2FhOWUwNTVhNWM1YWY1YjA0M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vRgUIjkc71E+guI7alVpuVilnkP
GMTSTIh/xjjLhSAr7t91vglAul0yXjaaUrNtzYerCzdtzGvtp8N6MvtFfni8AuVv
10dS6cQBf8J+IXUKo89CyXlgRnzv7JRgmPSQmwGNt63fMTYShNtVnal3wqwRL6OQ
eAISpO0YayUGyeQAhWk+zqBESUD8sPYnmx35KR+Tjk/oHsZ8h933wT7mkZXk/03r
/Aq51DM0iAU7Dwn9dYgzu+nbrgX39ovMJyNycaxkFY7Am38LtqCh49DDSQCgZuSr
cLKK+VW9ZsW8DXIymU+wqAyXzGIn8LGT1Cio3Qdw+NZ0a84u5NOKoCAJ3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIUXUf6mY8IKRQyqngVaXFr1sEP9MB8GA1UdIwQY
MBaAFH1o3nxHAv5Qky1+zaLyeDkfS5rOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldqZWZFY0NfbENUTFg3Tm92SjRPUjlMbXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmJlOTktNTE5NS00Nzc0LTgyNTQt
MGMwMjQ2YzZmNjIzLzEvaFJkUl9xWmp3Z3BGREtxZUJWcGNXdld3UV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmJlOTktNTE5NS00Nzc0LTgyNTQtMGMwMjQ2YzZmNjIz
LzEvZldqZWZFY0NfbENUTFg3Tm92SjRPUjlMbXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT6uQAwQC
uZNIAwQAwwWgMA0EAgACMAcDBQMqBtSAMA0GCSqGSIb3DQEBCwUAA4IBAQBSLGIe
bguVaJQYHIRtb1vGLx0OS8T0R3mNQrsp1UPeCWwWP3RjMmgeKxGsWOd1YpfUuwkL
1NOANZpy/H4GsNbOH40mmMJaklqZTvvlft5K3wISjSvxw+lpCNKuLXN9IRyAOb29
JBJSzevr/g5BQMt5FOxi1UOROGhR4JOMeRzixQ6w+9HkMImHvMKfJByD2DNVVr7b
/xEFcFl7oGs4ckDv5pCGY+pZwFxH9i26mHQIJvF/Evn6dYdTv6Kg43FWRflux4eX
Fq0k6B5SGa69rX/fdCNNkOZfxFvmdqfLV+a5EMUwy5wCLI+a5cXmBlOPB+jTfHOv
c2SiC8S8REG2VudY
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:20:22 2024 by rpki-client on console-ams.rpki-client.org