Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/7pWnyk23Vjj4NNEiCc-cqztR34E.roa
File: 7pWnyk23Vjj4NNEiCc-cqztR34E.roa (raw, json)
Hash identifier: P3qdoryeXznjt6QZyLx/b5He5ZQmSpjbDDpCF4trDtc=
Subject key identifier: EE:95:A7:CA:4D:B7:56:38:F8:34:D1:22:09:CF:9C:AB:3B:51:DF:81
Certificate issuer: /CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Certificate serial: 018CC3B67F88426977D31B5E30E9BE74D2D8
Authority key identifier: 75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/7pWnyk23Vjj4NNEiCc-cqztR34E.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51269
IP address blocks: 194.147.47.0/24 maxlen: 24
185.32.70.0/24 maxlen: 24
194.147.67.0/24 maxlen: 24
194.146.126.0/24 maxlen: 24
185.163.124.0/22 maxlen: 22
2a0b:b800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.mft
rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7f:88:42:69:77:d3:1b:5e:30:e9:be:74:d2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee95a7ca4db75638f834d12209cf9cab3b51df81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d2:ba:bf:b1:e3:f8:84:f7:66:cf:7d:46:85:
63:92:d8:f9:51:06:13:8e:20:b9:9f:f8:24:e9:98:
e6:bb:7b:4c:68:38:03:4b:ab:9c:c1:06:c6:e8:63:
24:d9:d2:08:0e:63:f7:49:8a:17:17:12:f5:0c:d9:
b6:00:f1:84:56:e4:86:1f:4a:25:1f:99:4d:ef:81:
2a:27:3d:1d:2c:79:d6:6a:50:34:13:08:13:32:fa:
00:8b:ed:1c:e9:79:8e:1f:64:e1:79:5d:c6:64:05:
a6:25:2d:86:9c:4e:14:46:72:31:61:b6:d7:b4:e2:
d8:ae:59:f0:31:f5:dd:b5:ff:db:43:4a:02:5a:2e:
7c:02:cc:90:41:fb:e8:43:7e:3c:e7:59:62:87:6c:
56:05:01:b1:13:83:c8:97:cf:9c:4c:fe:16:88:55:
bd:2d:b9:20:06:92:99:3c:3b:eb:92:17:16:43:70:
82:81:54:16:00:40:7e:46:45:4c:12:5b:42:97:1d:
df:68:d6:7f:0d:17:53:a6:d1:5b:b9:85:74:a0:ca:
c7:6a:92:a6:4d:8d:e5:73:be:f3:de:6b:77:06:57:
c0:9d:6e:6c:b9:6e:f2:16:a5:e5:b0:51:82:86:21:
18:b8:bc:92:5e:12:e2:51:12:b0:6c:c5:50:b9:f1:
ad:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:95:A7:CA:4D:B7:56:38:F8:34:D1:22:09:CF:9C:AB:3B:51:DF:81
X509v3 Authority Key Identifier:
keyid:75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/7pWnyk23Vjj4NNEiCc-cqztR34E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.70.0/24
185.163.124.0/22
194.146.126.0/24
194.147.47.0/24
194.147.67.0/24
IPv6:
2a0b:b800::/29
Signature Algorithm: sha256WithRSAEncryption
6e:52:4f:0a:b9:96:be:36:47:95:5e:53:88:74:9f:ad:f9:93:
e0:14:fc:6c:8b:20:b1:e8:c6:a4:92:29:00:af:61:a7:5d:34:
85:f7:c9:77:73:78:a2:91:4a:e7:33:49:c8:07:c8:92:77:9b:
e4:4b:18:38:08:63:44:d4:b4:7c:72:24:f6:ef:64:bc:d4:bd:
e5:88:29:8f:78:2a:f5:6b:5b:a3:53:03:9d:93:d3:ec:38:1c:
4e:82:84:c5:be:39:bf:b4:82:eb:f2:5b:48:1a:47:f6:85:1d:
55:64:0a:52:e1:8c:59:8f:ee:5d:2f:02:11:51:b1:17:ec:93:
6e:82:49:2a:14:e7:af:50:ac:43:39:4d:99:07:b4:cc:66:52:
18:c1:9a:95:8f:28:09:9c:16:dc:69:c1:e8:d6:05:55:0a:39:
26:8d:44:8c:32:81:44:22:1f:45:e4:09:d0:25:01:12:4b:de:
2e:0a:fb:2c:5d:61:4e:2a:0f:15:51:b1:cd:92:08:48:10:6d:
5f:1c:71:1a:4c:30:69:46:5c:3f:ad:4d:e4:b6:27:40:7f:03:
bd:ff:e6:ad:52:e7:98:f5:c8:12:51:08:6e:f1:04:4b:d3:60:
3f:56:fd:46:c9:4e:18:59:af:b5:56:a6:75:09:f0:cd:83:2a:
b5:be:10:f4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtn+IQml30xteMOm+dNLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Mzg2YTZmYWUxZTU1ZjU3NmE0MDViZDc0YjdmMDhlN2E2
YzQ2NTMwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTk1YTdjYTRkYjc1NjM4ZjgzNGQxMjIwOWNmOWNhYjNiNTFkZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltK6v7Hj+IT3Zs99RoVjktj5UQYT
jiC5n/gk6Zjmu3tMaDgDS6ucwQbG6GMk2dIIDmP3SYoXFxL1DNm2APGEVuSGH0ol
H5lN74EqJz0dLHnWalA0EwgTMvoAi+0c6XmOH2TheV3GZAWmJS2GnE4URnIxYbbX
tOLYrlnwMfXdtf/bQ0oCWi58AsyQQfvoQ34851lih2xWBQGxE4PIl8+cTP4WiFW9
LbkgBpKZPDvrkhcWQ3CCgVQWAEB+RkVMEltClx3faNZ/DRdTptFbuYV0oMrHapKm
TY3lc77z3mt3BlfAnW5suW7yFqXlsFGChiEYuLySXhLiURKwbMVQufGtbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFO6Vp8pNt1Y4+DTRIgnPnKs7Ud+BMB8GA1UdIwQY
MBaAFHU4am+uHlX1dqQFvXS38I56bEZTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEt
Zjg3OTJmNTc3YjlhLzEvN3BXbnlrMjNWamo0Tk5FaUNjLWNxenRSMzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEtZjg3OTJmNTc3Yjlh
LzEvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuSBGAwQC
uaN8AwQAwpJ+AwQAwpMvAwQAwpNDMA0EAgACMAcDBQMqC7gAMA0GCSqGSIb3DQEB
CwUAA4IBAQBuUk8KuZa+NkeVXlOIdJ+t+ZPgFPxsiyCx6MakkikAr2GnXTSF98l3
c3iikUrnM0nIB8iSd5vkSxg4CGNE1LR8ciT272S81L3liCmPeCr1a1ujUwOdk9Ps
OBxOgoTFvjm/tILr8ltIGkf2hR1VZApS4YxZj+5dLwIRUbEX7JNugkkqFOevUKxD
OU2ZB7TMZlIYwZqVjygJnBbcacHo1gVVCjkmjUSMMoFEIh9F5AnQJQESS94uCvss
XWFOKg8VUbHNkghIEG1fHHEaTDBpRlw/rU3ktidAfwO9/+atUueY9cgSUQhu8QRL
02A/Vv1GyU4YWa+1VqZ1CfDNgyq1vhD0
-----END CERTIFICATE-----
Generated at Wed May 22 23:41:51 2024 by rpki-client on console-fra.rpki-client.org