Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7qgwC05sYb_sUofHBI2M2iN02zw.roa
File: 7qgwC05sYb_sUofHBI2M2iN02zw.roa (raw, json)
Hash identifier: SKOeV4foi1VQNQi5q/fgUNPb68AZmKPByWpPdU3Vy/o=
Subject key identifier: EE:A8:30:0B:4E:6C:61:BF:EC:52:87:C7:04:8D:8C:DA:23:74:DB:3C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DC54D1ED763126FCAC3957E1E48F73CA9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7qgwC05sYb_sUofHBI2M2iN02zw.roa
Signing time: Tue 20 Feb 2024 06:56:22 +0000
ROA not before: Tue 20 Feb 2024 06:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29066
IP address blocks: 5.253.66.0/23 maxlen: 23
92.119.124.0/22 maxlen: 24
93.123.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:4d:1e:d7:63:12:6f:ca:c3:95:7e:1e:48:f7:3c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 20 06:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea8300b4e6c61bfec5287c7048d8cda2374db3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f3:c5:7a:50:d8:de:d2:de:3f:b8:41:39:9d:
3d:a0:1e:8f:5a:ec:19:58:44:92:bf:6e:38:84:f2:
97:9a:b0:ca:69:11:4c:ec:f3:15:74:64:59:da:21:
eb:76:a1:e7:67:f4:44:4d:6c:c7:ac:2f:1b:db:ba:
f7:eb:d6:5b:40:0c:b8:4c:b7:54:1b:ab:40:1d:62:
0f:1c:53:85:59:f5:04:00:33:8c:c8:bd:26:73:e3:
ad:01:fc:3f:8b:17:87:f7:ea:a0:fa:25:24:df:72:
fe:a2:da:ad:aa:3b:a5:ff:2f:2e:84:d2:ec:22:9e:
15:40:f1:c1:2a:16:6d:fb:ab:e5:71:ca:4d:28:38:
49:dd:cd:cd:7d:65:03:c3:8c:a8:5f:b6:00:b2:84:
de:00:0d:c2:15:fa:a7:5c:54:60:27:76:a8:0d:1f:
7d:16:9f:b7:17:81:b7:5f:57:db:7d:67:54:a5:51:
0a:85:85:4f:14:2c:68:85:44:ed:ea:b9:82:24:28:
c7:78:fb:97:5b:78:b1:9d:53:c8:7d:af:16:12:00:
31:b6:be:9d:5c:b9:6a:06:3b:88:50:cc:de:5d:1f:
9e:8d:79:85:48:d3:69:8d:6f:9a:74:49:40:16:68:
cf:27:e0:05:da:83:7d:f8:dd:f5:37:6a:38:fc:40:
10:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A8:30:0B:4E:6C:61:BF:EC:52:87:C7:04:8D:8C:DA:23:74:DB:3C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7qgwC05sYb_sUofHBI2M2iN02zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.66.0/23
92.119.124.0/22
93.123.100.0/23
Signature Algorithm: sha256WithRSAEncryption
01:42:b8:3b:2f:5f:99:bf:d3:66:41:ca:48:bf:f5:bb:61:c9:
3a:06:fa:e0:c4:50:a7:02:64:a9:11:d7:d7:6f:77:da:6c:ba:
97:8a:87:f7:b7:f6:96:a1:6e:1f:2b:b4:ba:47:e9:4f:c9:ad:
ef:93:32:7e:53:04:a8:b3:4b:e7:1d:e3:9c:4c:ac:9a:70:96:
2f:be:95:65:ae:98:4a:fc:4e:fc:ef:78:d1:0d:53:91:dd:f5:
82:6c:fe:e7:d6:90:db:c4:d6:bc:85:49:2e:ca:d9:38:d4:c7:
83:24:d1:1f:b1:3d:dc:ec:bc:ce:09:7c:27:de:87:8c:99:e3:
91:0d:a1:f9:00:af:e5:07:d3:13:02:ff:d5:7b:91:41:87:09:
ad:27:58:fe:81:95:88:bc:a3:15:e1:48:72:51:9c:df:27:c4:
69:f9:8c:a7:05:df:d4:31:60:e7:3d:3e:8e:d2:a0:60:ca:f1:
b1:e6:2d:1f:f0:d7:34:31:47:63:b4:b5:e9:ac:f1:45:e4:1f:
1c:2f:d3:79:c9:36:cd:de:f7:51:38:37:a6:80:12:83:0d:db:
21:76:d3:1c:b7:be:42:6d:b0:9c:af:8b:f5:a1:ae:06:89:42:
d9:f7:b7:d4:fe:90:e8:52:90:f3:57:81:98:0e:d7:1a:54:b2:
14:9c:37:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3FTR7XYxJvysOVfh5I9zypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIwMDY1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE4MzAwYjRlNmM2MWJmZWM1Mjg3YzcwNDhkOGNkYTIzNzRkYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/PFelDY3tLeP7hBOZ09oB6PWuwZ
WESSv244hPKXmrDKaRFM7PMVdGRZ2iHrdqHnZ/RETWzHrC8b27r369ZbQAy4TLdU
G6tAHWIPHFOFWfUEADOMyL0mc+OtAfw/ixeH9+qg+iUk33L+otqtqjul/y8uhNLs
Ip4VQPHBKhZt+6vlccpNKDhJ3c3NfWUDw4yoX7YAsoTeAA3CFfqnXFRgJ3aoDR99
Fp+3F4G3X1fbfWdUpVEKhYVPFCxohUTt6rmCJCjHePuXW3ixnVPIfa8WEgAxtr6d
XLlqBjuIUMzeXR+ejXmFSNNpjW+adElAFmjPJ+AF2oN9+N31N2o4/EAQ0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO6oMAtObGG/7FKHxwSNjNojdNs8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN3Fnd0MwNXNZYl9zVW9mSEJJMk0yaU4wMnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBf1CAwQC
XHd8AwQBXXtkMA0GCSqGSIb3DQEBCwUAA4IBAQABQrg7L1+Zv9NmQcpIv/W7Yck6
BvrgxFCnAmSpEdfXb3fabLqXiof3t/aWoW4fK7S6R+lPya3vkzJ+UwSos0vnHeOc
TKyacJYvvpVlrphK/E7873jRDVOR3fWCbP7n1pDbxNa8hUkuytk41MeDJNEfsT3c
7LzOCXwn3oeMmeORDaH5AK/lB9MTAv/Ve5FBhwmtJ1j+gZWIvKMV4UhyUZzfJ8Rp
+YynBd/UMWDnPT6O0qBgyvGx5i0f8Nc0MUdjtLXprPFF5B8cL9N5yTbN3vdRODem
gBKDDdshdtMct75CbbCcr4v1oa4GiULZ97fU/pDoUpDzV4GYDtcaVLIUnDe2
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:18 2024 by rpki-client on console-ams.rpki-client.org