Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7hjE2u-0fh8rt5wC0NBffCswIr4.roa
File: 7hjE2u-0fh8rt5wC0NBffCswIr4.roa (raw, json)
Hash identifier: AIyugPsdAlYKxxfy/XlGuCRZ2I31Pj7SrxMBc/b0AyY=
Subject key identifier: EE:18:C4:DA:EF:B4:7E:1F:2B:B7:9C:02:D0:D0:5F:7C:2B:30:22:BE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D7A8E801E574519DBD158AED1CF7BA00E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7hjE2u-0fh8rt5wC0NBffCswIr4.roa
Signing time: Mon 05 Feb 2024 18:36:15 +0000
ROA not before: Mon 05 Feb 2024 18:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 147.45.40.0/22 maxlen: 32
147.45.68.0/22 maxlen: 32
147.45.72.0/21 maxlen: 24
193.233.133.0/24 maxlen: 24
193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:8e:80:1e:57:45:19:db:d1:58:ae:d1:cf:7b:a0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 5 18:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee18c4daefb47e1f2bb79c02d0d05f7c2b3022be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:71:8b:d1:70:49:d3:c5:7b:cd:af:51:f7:5c:
27:67:73:98:e6:dd:89:4e:c4:46:49:d9:07:79:08:
53:70:06:66:30:fd:10:2a:ab:41:7e:2e:58:2b:a4:
83:c8:f6:29:3f:54:db:8e:c6:59:e1:1a:ab:bf:58:
fe:fc:6b:c2:17:78:dd:67:ac:b7:3f:ae:8a:c3:63:
0f:00:50:f0:2b:6f:41:12:d7:3b:6c:f2:39:00:ec:
27:ea:9f:8e:39:bf:a9:5f:84:6a:05:d2:db:46:36:
b4:66:f6:0d:a5:0d:e2:25:0a:fc:c5:e6:0c:94:0a:
4a:94:9f:f7:88:d7:85:77:84:67:f3:1f:ae:a7:5a:
db:6a:20:4d:c2:21:b5:5d:25:11:bf:28:e9:47:2b:
f4:cc:10:68:f1:42:86:63:3b:8d:15:a3:7b:3f:f0:
76:60:81:53:8f:06:14:35:fa:6a:04:0d:65:59:b3:
7c:d9:f5:e7:f1:69:d5:f2:ef:5c:7b:57:54:a7:11:
3a:89:bc:df:c3:d6:1c:aa:a9:41:ed:3f:f4:73:d8:
13:14:9d:f1:1d:51:3c:73:25:3d:89:4d:87:53:5b:
6d:e7:c5:d3:57:ae:14:d5:71:20:07:27:5c:36:a0:
83:5a:c8:f4:76:d0:f5:e5:80:76:d4:ad:af:1c:1e:
6f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:18:C4:DA:EF:B4:7E:1F:2B:B7:9C:02:D0:D0:5F:7C:2B:30:22:BE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7hjE2u-0fh8rt5wC0NBffCswIr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.40.0/22
147.45.68.0-147.45.79.255
193.233.133.0/24
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
52:fb:35:07:a6:c2:07:95:ab:f0:4d:41:53:e7:36:80:40:f7:
2a:f3:1e:c5:be:f0:83:f0:4b:f5:0d:be:ca:10:f6:2f:34:cb:
2a:ab:22:1d:32:cf:17:b1:00:ad:be:7a:40:ba:14:bf:e6:9b:
e1:71:4d:fa:51:9f:8a:0f:8b:42:51:dc:08:31:68:f5:81:2e:
54:c5:5a:d5:91:ee:08:8f:85:a1:4d:04:fc:68:b9:a7:20:17:
c0:1f:31:06:be:5f:fa:db:f7:0c:d1:84:d9:6f:58:d0:a6:23:
cd:fe:e4:99:2e:41:71:f0:8b:0e:a0:ca:53:5b:41:5f:c1:3d:
b8:91:53:63:bd:1a:6f:2d:83:3a:f7:55:c8:95:f4:14:92:17:
69:fc:09:c3:b7:d8:e5:dd:e6:49:e7:0f:4e:de:a4:ac:93:e3:
b1:09:63:95:eb:32:6b:01:65:b6:ee:96:cf:5a:de:2c:3c:6d:
3b:77:38:43:9c:a0:6b:22:a1:f8:b4:f2:9e:96:9c:b3:a2:ae:
b2:c0:b0:34:79:d8:f6:25:d5:31:56:24:53:7f:ff:c3:fb:14:
da:a7:95:e4:af:fa:b0:47:a9:2f:64:8f:a5:3a:34:24:6b:9b:
3b:2d:7d:93:0e:37:b9:fe:34:32:77:c6:2a:be:4e:2d:b5:dc:
29:cc:b3:13
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY16joAeV0UZ29FYrtHPe6AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjA1MTgzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE4YzRkYWVmYjQ3ZTFmMmJiNzljMDJkMGQwNWY3YzJiMzAyMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3GL0XBJ08V7za9R91wnZ3OY5t2J
TsRGSdkHeQhTcAZmMP0QKqtBfi5YK6SDyPYpP1TbjsZZ4Rqrv1j+/GvCF3jdZ6y3
P66Kw2MPAFDwK29BEtc7bPI5AOwn6p+OOb+pX4RqBdLbRja0ZvYNpQ3iJQr8xeYM
lApKlJ/3iNeFd4Rn8x+up1rbaiBNwiG1XSURvyjpRyv0zBBo8UKGYzuNFaN7P/B2
YIFTjwYUNfpqBA1lWbN82fXn8WnV8u9ce1dUpxE6ibzfw9YcqqlB7T/0c9gTFJ3x
HVE8cyU9iU2HU1tt58XTV64U1XEgBydcNqCDWsj0dtD15YB21K2vHB5v/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO4YxNrvtH4fK7ecAtDQX3wrMCK+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvN2hqRTJ1LTBmaDhydDV3QzBOQmZmQ3N3SXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCky0oMAwD
BAKTLUQDBASTLUADBADB6YUDBAHB6egwDQYJKoZIhvcNAQELBQADggEBAFL7NQem
wgeVq/BNQVPnNoBA9yrzHsW+8IPwS/UNvsoQ9i80yyqrIh0yzxexAK2+ekC6FL/m
m+FxTfpRn4oPi0JR3AgxaPWBLlTFWtWR7giPhaFNBPxouacgF8AfMQa+X/rb9wzR
hNlvWNCmI83+5JkuQXHwiw6gylNbQV/BPbiRU2O9Gm8tgzr3VciV9BSSF2n8CcO3
2OXd5knnD07epKyT47EJY5XrMmsBZbbuls9a3iw8bTt3OEOcoGsiofi08p6WnLOi
rrLAsDR52PYl1TFWJFN//8P7FNqnleSv+rBHqS9kj6U6NCRrmzstfZMON7n+NDJ3
xiq+Ti213CnMsxM=
-----END CERTIFICATE-----
Generated at Sun May 5 00:15:45 2024 by rpki-client on console-fra.rpki-client.org