Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/7WJVTfeZTk2qg-T-IV1BuWvfjhs.roa
File: 7WJVTfeZTk2qg-T-IV1BuWvfjhs.roa (raw, json)
Hash identifier: Vy8PSyf8Q30yJuzTBFiXeSX+IvCVR+BSVQFELl6wfMs=
Subject key identifier: ED:62:55:4D:F7:99:4E:4D:AA:83:E4:FE:21:5D:41:B9:6B:DF:8E:1B
Certificate issuer: /CN=04747b565844e3e2fc712fab5be85924aac58643
Certificate serial: 018CC348FDDC25A9F332F88018AF403E8710
Authority key identifier: 04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/7WJVTfeZTk2qg-T-IV1BuWvfjhs.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50392
IP address blocks: 176.121.13.0/24 maxlen: 24
176.121.15.0/24 maxlen: 24
193.106.144.0/22 maxlen: 24
91.237.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/BHR7VlhE4-L8cS-rW-hZJKrFhkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/BHR7VlhE4-L8cS-rW-hZJKrFhkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fd:dc:25:a9:f3:32:f8:80:18:af:40:3e:87:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04747b565844e3e2fc712fab5be85924aac58643
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed62554df7994e4daa83e4fe215d41b96bdf8e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ca:ba:29:40:ed:8d:36:35:a5:11:48:b8:e1:
0b:f2:80:85:26:bc:5e:f9:e8:88:00:6e:06:b6:58:
23:f3:c6:30:24:c4:76:4f:ff:1e:76:af:d6:96:f7:
0b:d8:a2:33:db:fd:af:c2:38:b8:1c:04:3e:ee:9b:
c5:7d:21:78:8b:af:5d:5d:0c:72:7d:38:aa:50:4a:
0d:b1:98:65:9d:d9:f1:a0:b8:29:4e:86:db:74:0b:
dd:e1:e4:f5:fd:ad:9e:83:ea:fa:17:a5:94:db:12:
08:3d:a6:da:5f:f2:dc:1c:e5:43:43:48:d0:d9:b1:
92:f5:89:54:22:b3:04:af:91:b7:06:d9:d1:04:91:
20:fe:4e:fc:59:2e:61:f5:49:f7:59:35:36:c0:bd:
a8:a5:63:57:e2:d3:1d:91:df:c3:78:78:1e:b5:bb:
40:ce:75:cd:0b:20:bc:99:6f:17:5f:a5:62:29:f8:
58:17:c0:65:1e:4e:5f:58:2f:0f:67:2d:45:be:0e:
e3:5a:21:ad:7a:46:c0:1e:f5:0d:f5:78:ee:75:7d:
77:86:06:27:ac:df:e5:12:7f:c0:f1:5e:ab:e8:33:
c1:9e:38:20:b6:cc:7b:92:62:cf:ee:49:13:b5:ac:
8f:85:6f:a6:d6:57:ee:14:a9:f0:dd:52:93:e9:cd:
0a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:62:55:4D:F7:99:4E:4D:AA:83:E4:FE:21:5D:41:B9:6B:DF:8E:1B
X509v3 Authority Key Identifier:
keyid:04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/7WJVTfeZTk2qg-T-IV1BuWvfjhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/BHR7VlhE4-L8cS-rW-hZJKrFhkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.244.0/22
176.121.13.0/24
176.121.15.0/24
193.106.144.0/22
Signature Algorithm: sha256WithRSAEncryption
48:59:ba:24:de:0c:fe:57:71:b6:22:da:c6:ce:43:d1:f4:37:
32:85:0d:a6:a7:d0:13:5b:4e:94:f2:68:bb:25:05:29:21:2f:
59:9d:41:fe:39:33:d1:e1:63:30:e2:a0:68:1e:79:4e:f7:1b:
b6:63:06:c9:5e:8a:c8:22:7e:ce:a0:da:0a:a9:50:1f:3d:94:
fe:af:e5:db:a4:b0:5f:4e:09:cc:03:90:38:71:e2:51:de:05:
32:a8:74:0a:52:45:67:5c:36:8a:74:3a:45:85:e9:82:5e:ff:
ce:bf:2e:04:68:d4:ef:54:0e:50:af:17:b7:79:5a:88:10:d7:
f3:3c:61:8d:01:bb:9d:4f:be:3a:ef:d3:b2:02:6a:84:1e:5b:
03:30:6a:1c:e0:43:30:81:9c:bd:44:d5:70:0e:81:7d:a1:f3:
2f:1a:87:01:04:2d:d9:74:92:fb:12:c8:9f:58:84:b1:f0:1a:
a9:2c:51:65:5f:36:4a:d9:da:f0:e5:da:f2:7f:2c:d5:5c:73:
65:8e:76:73:71:97:4e:d3:84:1a:75:44:90:88:b1:96:c2:f8:
6d:4a:d8:09:6f:d8:3d:2e:11:5c:58:63:5e:4d:85:f7:75:62:
40:ff:e8:ae:7f:fe:2e:1a:65:59:e6:54:55:74:12:ee:e5:f9:
cc:70:54:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSP3cJanzMviAGK9APocQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzQ3YjU2NTg0NGUzZTJmYzcxMmZhYjViZTg1OTI0YWFj
NTg2NDMwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDYyNTU0ZGY3OTk0ZTRkYWE4M2U0ZmUyMTVkNDFiOTZiZGY4ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMq6KUDtjTY1pRFIuOEL8oCFJrxe
+eiIAG4Gtlgj88YwJMR2T/8edq/WlvcL2KIz2/2vwji4HAQ+7pvFfSF4i69dXQxy
fTiqUEoNsZhlndnxoLgpTobbdAvd4eT1/a2eg+r6F6WU2xIIPabaX/LcHOVDQ0jQ
2bGS9YlUIrMEr5G3BtnRBJEg/k78WS5h9Un3WTU2wL2opWNX4tMdkd/DeHgetbtA
znXNCyC8mW8XX6ViKfhYF8BlHk5fWC8PZy1Fvg7jWiGtekbAHvUN9XjudX13hgYn
rN/lEn/A8V6r6DPBnjggtsx7kmLP7kkTtayPhW+m1lfuFKnw3VKT6c0KtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO1iVU33mU5NqoPk/iFdQblr344bMB8GA1UdIwQY
MBaAFAR0e1ZYROPi/HEvq1voWSSqxYZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhSN1ZsaEU0LUw4Y1MtclctaFpKS3JGaGtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82NDgwMGItNTRjYy00MGYyLWE3ZWQt
OTdiMjE1N2NiYWQxLzEvN1dKVlRmZVpUazJxZy1ULUlWMUJ1V3ZmamhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82NDgwMGItNTRjYy00MGYyLWE3ZWQtOTdiMjE1N2NiYWQx
LzEvQkhSN1ZsaEU0LUw4Y1MtclctaFpKS3JGaGtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+30AwQA
sHkNAwQAsHkPAwQCwWqQMA0GCSqGSIb3DQEBCwUAA4IBAQBIWbok3gz+V3G2ItrG
zkPR9DcyhQ2mp9ATW06U8mi7JQUpIS9ZnUH+OTPR4WMw4qBoHnlO9xu2YwbJXorI
In7OoNoKqVAfPZT+r+XbpLBfTgnMA5A4ceJR3gUyqHQKUkVnXDaKdDpFhemCXv/O
vy4EaNTvVA5Qrxe3eVqIENfzPGGNAbudT74679OyAmqEHlsDMGoc4EMwgZy9RNVw
DoF9ofMvGocBBC3ZdJL7EsifWISx8BqpLFFlXzZK2drw5dryfyzVXHNljnZzcZdO
04QadUSQiLGWwvhtStgJb9g9LhFcWGNeTYX3dWJA/+iuf/4uGmVZ5lRVdBLu5fnM
cFQP
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:00 2024 by rpki-client on console-fra.rpki-client.org