Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/escC17ZsNmuRzSoID5RDQMy-koI.roa
File: escC17ZsNmuRzSoID5RDQMy-koI.roa (raw, json)
Hash identifier: G4ValWojV5liIpwAGdz2vFU0XM20N9Vc8wrAFuJHpnI=
Subject key identifier: 7A:C7:02:D7:B6:6C:36:6B:91:CD:2A:08:0F:94:43:40:CC:BE:92:82
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018CC6B9309408F5477C87906BAA83A51CA1
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/escC17ZsNmuRzSoID5RDQMy-koI.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31654
IP address blocks: 84.44.29.0/24 maxlen: 24
84.44.30.0/24 maxlen: 24
82.150.71.0/24 maxlen: 24
84.44.42.0/24 maxlen: 24
84.44.67.0/24 maxlen: 24
84.44.68.0/24 maxlen: 24
84.44.65.0/24 maxlen: 24
84.44.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 17:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:30:94:08:f5:47:7c:87:90:6b:aa:83:a5:1c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ac702d7b66c366b91cd2a080f944340ccbe9282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2b:fc:75:99:f4:47:c9:88:ad:80:7d:0c:4a:
63:1e:bc:b8:3a:fd:bb:0d:30:d0:78:d8:30:48:8d:
4d:e9:9e:b9:2a:40:2c:1f:31:68:b6:af:80:9a:65:
9e:fc:96:0e:fe:05:2b:e2:0d:cd:74:1c:b1:2e:16:
7d:f6:0a:5a:de:79:6e:c3:77:29:5b:ee:28:d8:07:
f3:cb:3c:56:6d:ee:47:82:42:c6:91:f9:aa:9c:6b:
24:97:e7:89:a0:99:e3:0c:f7:33:64:a5:82:0b:5d:
f0:ed:8b:4d:2a:77:25:46:a1:b6:b2:21:1a:b1:bf:
c0:35:ea:4e:e3:ff:ee:12:71:e2:b6:46:0e:48:2a:
cf:fe:29:83:12:08:e6:29:06:86:8b:7b:18:85:e8:
0a:bd:02:c1:9a:1e:ce:77:a4:c8:ec:28:f9:fc:88:
0e:80:35:70:f1:60:35:08:19:79:de:ea:b5:6d:30:
19:a0:3d:27:d0:9a:d4:02:4e:e2:2b:03:81:e0:b8:
a5:92:1b:69:1a:e9:75:d0:bb:00:ae:19:97:68:56:
1d:90:25:d2:ba:f9:42:69:15:96:6d:b8:71:d4:13:
cb:6b:d8:b4:4a:9b:5c:e5:51:51:63:2c:aa:b1:60:
b2:35:14:64:0a:74:6c:ba:ec:29:df:98:96:8c:d9:
b3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C7:02:D7:B6:6C:36:6B:91:CD:2A:08:0F:94:43:40:CC:BE:92:82
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/escC17ZsNmuRzSoID5RDQMy-koI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.71.0/24
84.44.29.0-84.44.30.255
84.44.42.0/24
84.44.65.0-84.44.68.255
Signature Algorithm: sha256WithRSAEncryption
6b:53:77:c8:72:e2:89:1c:0c:e7:59:8a:69:82:85:8e:7d:ba:
a3:92:57:60:53:cc:bd:1c:b7:42:af:35:5f:b3:9f:b7:36:1c:
fe:be:a2:e5:a6:c3:96:97:c8:3f:a3:79:76:00:af:96:c1:8f:
9a:9d:78:8b:3a:d1:48:cb:4b:60:23:0c:47:b6:32:ca:92:52:
8d:f5:ad:9b:64:55:4d:2e:f6:7e:95:e4:f8:59:e9:4d:84:86:
26:ad:67:44:40:19:c4:33:a4:48:7e:b3:49:28:de:61:ca:af:
ff:2e:7c:cf:28:9c:30:60:34:81:a6:0a:90:d3:ac:f1:8a:da:
50:5c:18:66:3b:4c:ab:01:5f:15:f7:09:b3:22:7a:48:ee:a6:
d8:3b:bb:39:55:d6:29:7c:f8:4e:23:cc:af:13:0f:ce:f3:6b:
20:f6:b2:70:14:01:62:70:2c:b5:a1:58:af:59:e5:e0:33:5b:
8c:5e:d1:0a:af:dd:cf:96:5c:92:40:51:8e:19:2f:44:75:45:
9d:52:e6:6f:68:0e:e8:d0:24:50:01:b7:46:9a:65:c1:79:a4:
b8:57:29:ec:77:65:14:8b:b5:29:c3:ec:95:a4:0c:68:45:fb:
3e:57:54:bb:a1:7b:9b:11:f0:54:d2:bf:76:6d:c9:95:d4:53:
94:16:2c:2f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGuTCUCPVHfIeQa6qDpRyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM3MDJkN2I2NmMzNjZiOTFjZDJhMDgwZjk0NDM0MGNjYmU5MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yv8dZn0R8mIrYB9DEpjHry4Ov27
DTDQeNgwSI1N6Z65KkAsHzFotq+AmmWe/JYO/gUr4g3NdByxLhZ99gpa3nluw3cp
W+4o2AfzyzxWbe5HgkLGkfmqnGskl+eJoJnjDPczZKWCC13w7YtNKnclRqG2siEa
sb/ANepO4//uEnHitkYOSCrP/imDEgjmKQaGi3sYhegKvQLBmh7Od6TI7Cj5/IgO
gDVw8WA1CBl53uq1bTAZoD0n0JrUAk7iKwOB4LilkhtpGul10LsArhmXaFYdkCXS
uvlCaRWWbbhx1BPLa9i0Sptc5VFRYyyqsWCyNRRkCnRsuuwp35iWjNmzlQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHrHAte2bDZrkc0qCA+UQ0DMvpKCMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvZXNjQzE3WnNObXVSelNvSUQ1UkRRTXkta29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAUpZHMAwD
BABULB0DBABULB4DBABULCowDAMEAFQsQQMEAFQsRDANBgkqhkiG9w0BAQsFAAOC
AQEAa1N3yHLiiRwM51mKaYKFjn26o5JXYFPMvRy3Qq81X7OftzYc/r6i5abDlpfI
P6N5dgCvlsGPmp14izrRSMtLYCMMR7YyypJSjfWtm2RVTS72fpXk+FnpTYSGJq1n
REAZxDOkSH6zSSjeYcqv/y58zyicMGA0gaYKkNOs8YraUFwYZjtMqwFfFfcJsyJ6
SO6m2Du7OVXWKXz4TiPMrxMPzvNrIPaycBQBYnAstaFYr1nl4DNbjF7RCq/dz5Zc
kkBRjhkvRHVFnVLmb2gO6NAkUAG3RpplwXmkuFcp7HdlFIu1KcPslaQMaEX7PldU
u6F7mxHwVNK/dm3JldRTlBYsLw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:53:31 2024 by rpki-client on console-ams.rpki-client.org