Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/59Q38f6pBeHAvEs2OjRKsrne1Kc.roa
File: 59Q38f6pBeHAvEs2OjRKsrne1Kc.roa (raw, json)
Hash identifier: iZWzVZQjDBxzGTjmx23p+rx0NIf11wzvEPjUNNztrNI=
Subject key identifier: E7:D4:37:F1:FE:A9:05:E1:C0:BC:4B:36:3A:34:4A:B2:B9:DE:D4:A7
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 018CC64B78C8E0AD4757B3CC8061BE0A60D3
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/59Q38f6pBeHAvEs2OjRKsrne1Kc.roa
Signing time: Mon 01 Jan 2024 18:31:23 +0000
ROA not before: Mon 01 Jan 2024 18:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 217.145.236.0/22 maxlen: 24
79.110.168.0/22 maxlen: 24
139.28.204.0/22 maxlen: 24
2a06:1e80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:78:c8:e0:ad:47:57:b3:cc:80:61:be:0a:60:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 1 18:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7d437f1fea905e1c0bc4b363a344ab2b9ded4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b2:7d:f9:b8:39:22:59:ae:0a:26:ab:f8:34:
43:41:01:bf:f9:fd:80:da:3c:6b:fd:86:56:df:ba:
f6:9c:e8:a2:83:26:45:99:36:33:d7:93:5a:1d:8d:
63:70:7a:d9:22:c2:e5:45:a8:72:ad:de:aa:54:9a:
dd:dc:56:79:5b:e8:09:85:7f:d5:52:06:74:53:ec:
c1:3f:ed:39:42:36:24:6c:d1:74:d5:cf:e5:d6:4c:
92:6b:57:cd:8e:6d:78:8a:2a:af:51:6b:c3:b0:60:
4f:4a:6c:5f:ad:c6:65:5b:a7:1d:45:59:3d:1a:30:
0e:db:4e:40:57:8b:88:70:4b:db:54:7f:f3:82:ee:
09:a0:5e:77:41:90:3b:ba:57:83:8f:4e:fb:72:6b:
e1:8a:47:e6:eb:cf:c0:e9:bf:27:62:02:b6:16:f5:
09:f7:59:ee:aa:9d:da:07:c6:e3:7e:e7:19:f9:71:
17:7e:e1:80:9b:5d:98:a6:d7:33:02:bb:82:59:70:
64:0e:05:89:1e:57:80:14:cd:cf:6d:07:3b:6e:99:
44:75:6f:67:70:eb:40:c7:c0:59:12:d4:f8:bf:59:
c1:7e:14:87:cb:49:bd:1c:c2:8b:3d:3b:96:39:fd:
e9:f1:bd:d2:ba:3b:63:9a:a9:4b:27:4c:f5:0d:05:
aa:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D4:37:F1:FE:A9:05:E1:C0:BC:4B:36:3A:34:4A:B2:B9:DE:D4:A7
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/59Q38f6pBeHAvEs2OjRKsrne1Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/22
139.28.204.0/22
217.145.236.0/22
IPv6:
2a06:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
65:af:59:b8:f1:19:fe:cd:08:00:ba:b2:1c:05:c1:d6:60:70:
34:e6:08:49:89:aa:e3:3b:64:30:d4:15:7d:a3:bc:d5:86:b6:
d4:1c:ea:e4:18:7a:5b:ff:a3:bc:fa:94:62:1e:b4:db:f5:ab:
f8:33:df:aa:c6:8b:c6:21:86:18:1c:26:ce:45:10:c6:72:66:
f2:9c:09:f8:fc:3b:3b:f1:ab:c5:2c:1d:d3:94:0d:86:9a:dc:
8c:c5:d3:34:81:c7:90:97:75:ae:3b:cc:ea:9b:aa:82:e4:6a:
65:99:ee:72:6c:9d:2c:4d:56:6a:45:a6:6c:e9:c3:50:24:f2:
ea:6d:40:b7:44:4f:18:7b:77:8c:72:4d:17:8c:88:fb:2a:8b:
cd:e7:cd:c4:cb:39:6c:96:c7:58:08:cd:91:8e:a0:cb:bd:1b:
08:7e:56:ae:af:34:0e:be:23:bc:ba:83:ee:21:34:a9:09:f4:
19:84:40:b9:a1:cd:0b:73:b5:f8:97:a6:77:d4:fd:38:88:1b:
1c:1a:6d:3e:de:55:94:88:fa:17:bc:49:b2:0f:9c:f6:5f:46:
49:09:e0:dc:99:65:80:6d:3d:3a:22:7b:ca:fe:4c:92:a8:9b:
a6:5c:d8:c8:6f:b4:ff:29:0e:60:68:20:17:46:0b:24:7b:49:
04:07:e0:ab
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS3jI4K1HV7PMgGG+CmDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjQwMTAxMTgzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q0MzdmMWZlYTkwNWUxYzBiYzRiMzYzYTM0NGFiMmI5ZGVkNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibJ9+bg5IlmuCiar+DRDQQG/+f2A
2jxr/YZW37r2nOiigyZFmTYz15NaHY1jcHrZIsLlRahyrd6qVJrd3FZ5W+gJhX/V
UgZ0U+zBP+05QjYkbNF01c/l1kySa1fNjm14iiqvUWvDsGBPSmxfrcZlW6cdRVk9
GjAO205AV4uIcEvbVH/zgu4JoF53QZA7uleDj077cmvhikfm68/A6b8nYgK2FvUJ
91nuqp3aB8bjfucZ+XEXfuGAm12YptczAruCWXBkDgWJHleAFM3PbQc7bplEdW9n
cOtAx8BZEtT4v1nBfhSHy0m9HMKLPTuWOf3p8b3SujtjmqlLJ0z1DQWq1wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOfUN/H+qQXhwLxLNjo0SrK53tSnMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvNTlRMzhmNnBCZUhBdkVzMk9qUktzcm5lMUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCT26oAwQC
ixzMAwQC2ZHsMA0EAgACMAcDBQMqBh6AMA0GCSqGSIb3DQEBCwUAA4IBAQBlr1m4
8Rn+zQgAurIcBcHWYHA05ghJiarjO2Qw1BV9o7zVhrbUHOrkGHpb/6O8+pRiHrTb
9av4M9+qxovGIYYYHCbORRDGcmbynAn4/Ds78avFLB3TlA2GmtyMxdM0gceQl3Wu
O8zqm6qC5Gplme5ybJ0sTVZqRaZs6cNQJPLqbUC3RE8Ye3eMck0XjIj7KovN583E
yzlslsdYCM2RjqDLvRsIflaurzQOviO8uoPuITSpCfQZhEC5oc0Lc7X4l6Z31P04
iBscGm0+3lWUiPoXvEmyD5z2X0ZJCeDcmWWAbT06InvK/kySqJumXNjIb7T/KQ5g
aCAXRgske0kEB+Cr
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:26:40 2024 by rpki-client on console-fra.rpki-client.org