Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1-7ffaULQG14hZyzKzQKkW5l2OuI.roa
File: 1-7ffaULQG14hZyzKzQKkW5l2OuI.roa (raw, json)
Hash identifier: u6cuNliMeG8ucvKEkqmwLezQ+rM2CbXHUAQVOD3LTjc=
Subject key identifier: FB:B7:DF:69:42:D0:1B:5E:21:67:2C:CA:CD:02:A4:5B:99:76:3A:E2
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0192D3452604F0D8DD99814A7C7DC58B94D1
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1-7ffaULQG14hZyzKzQKkW5l2OuI.roa
Signing time: Mon 28 Oct 2024 13:16:17 +0000
ROA not before: Mon 28 Oct 2024 13:16:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:45:26:04:f0:d8:dd:99:81:4a:7c:7d:c5:8b:94:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 28 13:16:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbb7df6942d01b5e21672ccacd02a45b99763ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f6:68:5a:0a:36:3e:06:b5:1f:0f:c1:54:32:
22:ac:51:58:57:19:4c:22:38:51:16:13:82:8f:12:
09:df:6f:37:da:6e:64:c9:61:11:69:42:1d:be:2a:
ae:18:85:bc:16:12:6f:45:5f:30:33:59:b7:9c:b6:
bd:81:4f:4f:8d:71:12:fa:da:42:3d:41:83:3f:6e:
cd:b0:1e:14:43:2f:69:61:f6:3d:4b:98:7f:fc:54:
ba:fb:55:0d:2d:eb:aa:79:62:0a:ec:39:37:93:be:
0f:af:da:9d:9a:dd:27:c9:87:21:f2:1c:a2:b3:55:
de:bf:38:84:3c:3f:51:e2:2c:37:15:5c:91:18:5a:
59:a3:d6:3d:ae:84:da:d1:94:5a:c5:4c:4b:7c:ad:
47:8a:6e:8d:60:d0:ec:19:e5:08:dc:40:d5:1c:43:
68:8c:94:6b:fe:8e:57:37:b1:a6:ce:e7:ac:ba:5b:
52:4e:de:66:52:13:66:26:72:c3:84:8b:2e:b2:e3:
a0:29:00:df:49:4e:6b:f7:c7:b5:23:a9:5c:a1:ab:
56:5b:a9:af:f1:c8:85:01:89:15:58:48:31:45:62:
0d:ad:9f:98:75:48:4b:f9:ec:22:9e:b6:89:da:c9:
5c:b8:39:69:b2:ae:ef:7e:84:d7:19:f7:71:a0:a4:
5f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B7:DF:69:42:D0:1B:5E:21:67:2C:CA:CD:02:A4:5B:99:76:3A:E2
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1-7ffaULQG14hZyzKzQKkW5l2OuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.101.47.0/24
5.188.51.0/24
5.188.200.0/24
5.188.203.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:bd:09:c8:4a:12:46:ab:a5:f4:c9:75:5c:61:39:6a:bd:23:
73:64:3d:b8:8d:e5:65:ab:b2:78:b4:10:57:14:30:bf:87:2a:
c3:62:c6:8c:ac:42:e6:d5:00:bb:91:50:1e:4b:b5:50:86:ec:
99:cc:99:a4:17:bb:8a:a9:2d:48:69:5b:51:92:af:94:0f:f9:
0a:81:e3:6b:dd:63:cb:00:e6:3f:29:4b:78:0b:49:ff:55:f5:
0f:00:13:4a:22:0c:ca:f5:10:93:38:47:35:90:de:d0:60:5b:
d9:77:84:e2:a0:49:6e:23:33:f0:2e:9a:00:fa:a8:96:90:71:
c1:18:e2:c0:d8:69:5e:41:68:fc:45:81:21:9e:fb:49:a1:87:
02:e3:73:b7:65:8b:7a:fd:64:fc:e8:ff:cf:4d:58:df:60:d4:
c2:7b:67:17:77:a0:a9:6e:96:82:f6:09:8d:ee:36:bd:8f:d3:
69:e1:dc:ea:ae:8f:52:0c:50:48:b8:df:b9:08:97:6b:36:8f:
38:1c:65:23:4e:12:ad:40:6f:a4:9c:e9:8c:bf:bd:c5:de:02:
70:fa:32:ea:c7:d3:b7:25:2d:d1:9f:bd:8c:86:45:e5:05:db:
e2:6f:32:66:91:18:dc:11:01:dc:6d:0d:f0:db:d5:d9:2a:35:
95:37:71:ab
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZLTRSYE8NjdmYFKfH3Fi5TRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMDI4MTMxNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI3ZGY2OTQyZDAxYjVlMjE2NzJjY2FjZDAyYTQ1Yjk5NzYzYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/ZoWgo2Pga1Hw/BVDIirFFYVxlM
IjhRFhOCjxIJ32832m5kyWERaUIdviquGIW8FhJvRV8wM1m3nLa9gU9PjXES+tpC
PUGDP27NsB4UQy9pYfY9S5h//FS6+1UNLeuqeWIK7Dk3k74Pr9qdmt0nyYch8hyi
s1XevziEPD9R4iw3FVyRGFpZo9Y9roTa0ZRaxUxLfK1Him6NYNDsGeUI3EDVHENo
jJRr/o5XN7GmzuesultSTt5mUhNmJnLDhIsusuOgKQDfSU5r98e1I6lcoatWW6mv
8ciFAYkVWEgxRWINrZ+YdUhL+ewinraJ2slcuDlpsq7vfoTXGfdxoKRfgwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPu332lC0BteIWcsys0CpFuZdjriMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvMS03ZmZhVUxRRzE0aFp5ekt6UUtrVzVsMk91SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQz
Yi8xLzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAAUILAME
AAVlLwMEAAW8MwMEAAW8yAMEAAW8ywMEAAW9/jANBgkqhkiG9w0BAQsFAAOCAQEA
vL0JyEoSRqul9Ml1XGE5ar0jc2Q9uI3lZauyeLQQVxQwv4cqw2LGjKxC5tUAu5FQ
Hku1UIbsmcyZpBe7iqktSGlbUZKvlA/5CoHja91jywDmPylLeAtJ/1X1DwATSiIM
yvUQkzhHNZDe0GBb2XeE4qBJbiMz8C6aAPqolpBxwRjiwNhpXkFo/EWBIZ77SaGH
AuNzt2WLev1k/Oj/z01Y32DUwntnF3egqW6WgvYJje42vY/TaeHc6q6PUgxQSLjf
uQiXazaPOBxlI04SrUBvpJzpjL+9xd4CcPoy6sfTtyUt0Z+9jIZF5QXb4m8yZpEY
3BEB3G0N8NvV2So1lTdxqw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:08:34 2024 by rpki-client on console-fra.rpki-client.org