Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7hn_kCdBssIeV55IyMb7tskDp18.roa
File: 7hn_kCdBssIeV55IyMb7tskDp18.roa (raw, json)
Hash identifier: DkpfTcUHLFpUXBZAaGNTBtUtI7DfyWruERfHo46PQ1c=
Subject key identifier: EE:19:FF:90:27:41:B2:C2:1E:57:9E:48:C8:C6:FB:B6:C9:03:A7:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF1D61B9BAFB242755011ABB65749
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7hn_kCdBssIeV55IyMb7tskDp18.roa
Signing time: Tue 02 Jan 2024 06:29:32 +0000
ROA not before: Tue 02 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60230
IP address blocks: 31.13.244.0/24 maxlen: 24
87.120.236.0/24 maxlen: 24
94.156.191.0/24 maxlen: 24
31.13.244.99/32 maxlen: 32
2a00:1728:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f1:d6:1b:9b:af:b2:42:75:50:11:ab:b6:57:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee19ff902741b2c21e579e48c8c6fbb6c903a75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:60:6a:e1:7e:e5:00:48:1b:22:7e:d8:da:c4:
e6:8f:ac:78:dc:5e:ed:aa:43:6c:ac:ac:db:89:30:
7e:64:84:c9:c9:e3:91:60:88:f0:37:27:ea:87:88:
e3:99:3a:22:03:14:30:be:53:fa:3c:09:8b:e3:af:
3c:13:7e:dc:b6:a8:a6:c1:a4:91:47:bc:fc:41:73:
9d:bd:0e:ce:c3:d2:56:82:f3:92:86:b7:0e:79:dc:
c7:a0:af:db:27:05:fe:b6:48:25:f0:b4:1f:22:19:
b9:ab:9c:84:59:d1:3b:f3:01:37:76:6b:ca:39:4d:
03:bc:72:fb:47:51:5e:e2:52:09:40:09:ef:7a:52:
71:fc:a3:25:4a:af:59:43:08:5f:eb:28:91:62:f4:
ce:1f:1c:1b:e3:a8:f2:cf:b9:16:6d:27:cd:96:a8:
92:47:ca:64:4b:76:e7:d6:fb:17:45:91:ef:5d:98:
15:6e:69:38:7c:e8:e5:7f:fc:62:56:00:b6:99:5d:
8a:c7:f1:53:73:47:fb:2f:2b:15:39:79:e2:0b:6c:
9e:e8:f4:be:d6:e4:c2:96:10:10:0a:fd:b7:76:55:
d0:38:37:bb:19:d5:84:2f:02:cb:5f:d8:11:bf:bf:
f5:14:01:bc:89:46:32:54:4f:47:11:dd:7a:a4:7e:
22:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:19:FF:90:27:41:B2:C2:1E:57:9E:48:C8:C6:FB:B6:C9:03:A7:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7hn_kCdBssIeV55IyMb7tskDp18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.244.0/24
87.120.236.0/24
94.156.191.0/24
IPv6:
2a00:1728:a::/48
Signature Algorithm: sha256WithRSAEncryption
43:1c:12:71:e8:a8:d0:6d:c7:df:b4:dc:25:75:76:48:16:99:
7d:0f:a5:af:49:ac:2c:aa:5f:44:38:86:b0:d3:c1:f2:bc:57:
b1:9c:c1:13:7d:8d:ac:96:68:1d:59:95:96:48:43:8d:23:57:
a9:c4:87:9f:cc:9f:30:06:ae:10:9e:c8:1a:fe:5a:96:cd:44:
72:7e:4d:ce:62:34:ea:92:35:12:aa:10:c2:42:ba:09:77:e0:
db:51:0f:e0:e4:7d:07:d6:bf:2d:91:48:eb:33:46:cd:e0:8d:
e9:3c:aa:ec:6f:02:85:c6:21:61:dc:e3:4f:8d:a0:89:83:21:
a4:0f:80:1c:af:8e:f4:38:fc:ef:39:23:37:ac:19:d0:08:2e:
80:44:9f:8a:42:6a:69:eb:c1:06:ed:6c:63:43:8f:c8:70:1b:
91:22:03:a8:12:2c:36:5d:8b:0d:79:92:98:6c:fd:5c:db:3f:
8a:e9:07:95:87:f0:fd:a6:e6:b2:94:f1:35:84:d8:9a:29:97:
6c:b9:ed:6b:9c:d0:25:c6:f9:2f:ed:81:27:f3:32:2e:16:3c:
22:07:1c:36:8b:2b:77:05:ed:2f:c6:8e:dc:80:c8:aa:ff:55:
d5:7a:0a:0b:84:5a:5b:12:6c:18:c9:eb:1b:2f:3a:cd:32:45:
17:5c:e6:f4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzI3PHWG5uvskJ1UBGrtldJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE5ZmY5MDI3NDFiMmMyMWU1NzllNDhjOGM2ZmJiNmM5MDNhNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WBq4X7lAEgbIn7Y2sTmj6x43F7t
qkNsrKzbiTB+ZITJyeORYIjwNyfqh4jjmToiAxQwvlP6PAmL4688E37ctqimwaSR
R7z8QXOdvQ7Ow9JWgvOShrcOedzHoK/bJwX+tkgl8LQfIhm5q5yEWdE78wE3dmvK
OU0DvHL7R1Fe4lIJQAnvelJx/KMlSq9ZQwhf6yiRYvTOHxwb46jyz7kWbSfNlqiS
R8pkS3bn1vsXRZHvXZgVbmk4fOjlf/xiVgC2mV2Kx/FTc0f7LysVOXniC2ye6PS+
1uTClhAQCv23dlXQODe7GdWELwLLX9gRv7/1FAG8iUYyVE9HEd16pH4ifQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO4Z/5AnQbLCHleeSMjG+7bJA6dfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN2huX2tDZEJzc0llVjU1SXlNYjd0c2tEcDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHw30AwQA
V3jsAwQAXpy/MA8EAgACMAkDBwAqABcoAAowDQYJKoZIhvcNAQELBQADggEBAEMc
EnHoqNBtx9+03CV1dkgWmX0Ppa9JrCyqX0Q4hrDTwfK8V7GcwRN9jayWaB1ZlZZI
Q40jV6nEh5/MnzAGrhCeyBr+WpbNRHJ+Tc5iNOqSNRKqEMJCugl34NtRD+DkfQfW
vy2RSOszRs3gjek8quxvAoXGIWHc40+NoImDIaQPgByvjvQ4/O85IzesGdAILoBE
n4pCamnrwQbtbGNDj8hwG5EiA6gSLDZdiw15kphs/VzbP4rpB5WH8P2m5rKU8TWE
2Jopl2y57Wuc0CXG+S/tgSfzMi4WPCIHHDaLK3cF7S/GjtyAyKr/VdV6CguEWlsS
bBjJ6xsvOs0yRRdc5vQ=
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:18 2024 by rpki-client on console-ams.rpki-client.org