Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/dnG05iP8HvkCBtMkYE25uRxlRmA.roa
File: dnG05iP8HvkCBtMkYE25uRxlRmA.roa (raw, json)
Hash identifier: davcbu6hbjvaQ7Oigij0X6kk1u3DTWzLpPPcgc/Tvfk=
Subject key identifier: 76:71:B4:E6:23:FC:1E:F9:02:06:D3:24:60:4D:B9:B9:1C:65:46:60
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 01920A705C2F7D6F0B0FBD574CD22AAF8F17
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/dnG05iP8HvkCBtMkYE25uRxlRmA.roa
Signing time: Thu 19 Sep 2024 13:19:48 +0000
ROA not before: Thu 19 Sep 2024 13:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42000
IP address blocks: 185.99.68.0/22 maxlen: 22
2a00:1790::/29 maxlen: 29
2a00:1790:613::/48 maxlen: 48
2a00:1791::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:70:5c:2f:7d:6f:0b:0f:bd:57:4c:d2:2a:af:8f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Sep 19 13:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7671b4e623fc1ef90206d324604db9b91c654660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bc:72:84:45:c6:6f:34:2f:45:30:91:63:bc:
7c:a7:4b:1f:56:88:c4:d1:ca:42:dc:fb:6e:7a:25:
50:8c:92:7c:be:7f:bd:f5:12:9d:55:bc:8a:bc:30:
57:37:ea:0f:9c:29:c1:c3:72:74:f4:de:00:26:13:
6d:f4:ad:56:f2:b9:40:18:65:72:7a:e1:db:76:fa:
01:30:68:1d:d4:19:f1:3e:d0:de:47:03:34:af:81:
d4:ab:a0:72:d0:1e:43:19:88:98:93:08:32:65:b0:
ab:cb:35:7b:4c:06:fa:8e:31:fa:c4:be:ca:2e:69:
de:76:71:2a:90:dd:cd:7b:f2:f8:a8:dc:ca:d2:f6:
26:6c:69:00:ae:35:39:cc:c1:48:0a:c0:fc:e4:d5:
d3:26:a4:c9:75:a8:5f:9b:75:19:81:be:54:77:91:
6c:0c:62:31:46:35:98:c0:48:33:f1:27:29:4c:9f:
c3:23:78:d9:c0:2f:71:40:3c:3e:26:48:f7:13:3b:
b6:a5:00:1c:3c:aa:69:f7:c6:b1:c5:99:89:9e:aa:
f7:2c:83:20:b7:47:a8:5d:bc:24:f5:d1:49:e4:66:
cb:4a:5c:4e:70:99:97:73:0a:c0:81:8b:a2:de:cf:
e7:d0:f7:e6:27:70:58:d4:34:ac:c9:e7:b4:99:d6:
4f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:71:B4:E6:23:FC:1E:F9:02:06:D3:24:60:4D:B9:B9:1C:65:46:60
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/dnG05iP8HvkCBtMkYE25uRxlRmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.68.0/22
IPv6:
2a00:1790::/29
Signature Algorithm: sha256WithRSAEncryption
71:9a:ba:9c:34:83:66:42:26:bb:46:2e:44:0c:df:8a:2c:7c:
91:4f:12:f4:38:f4:e3:55:75:26:8b:f1:38:cb:91:4d:bb:58:
9e:28:5f:8c:cf:ee:e7:8c:0f:12:a9:36:89:b3:2c:40:85:48:
cf:09:d1:09:b6:a3:e5:c0:d0:28:42:78:0d:03:e7:8e:70:c6:
25:8e:e3:f6:ee:47:c4:df:0a:f9:9a:e5:56:3c:84:4f:0d:24:
15:1c:2d:59:89:4e:40:b7:a6:92:da:3b:60:1a:6c:36:d8:59:
81:34:6b:71:c6:a6:e7:64:a3:c7:ed:d6:e1:0b:a4:b2:76:c2:
9b:d2:25:47:59:36:08:b6:7a:c4:94:f9:76:a0:4f:b8:89:6d:
67:a5:6d:8e:5b:22:a4:e4:a9:a3:5f:68:f1:79:ab:6d:64:a0:
65:8f:43:85:bf:a2:76:80:58:07:06:a2:a9:9b:88:68:66:6e:
14:75:f9:f1:d2:15:9f:fd:40:6e:8b:e5:ef:37:da:4f:f9:c9:
f0:1d:43:47:e1:98:a8:71:52:1c:57:05:b6:e9:af:8d:55:31:
65:41:60:4f:0d:5d:1b:b3:17:35:93:16:93:25:0f:d1:a7:0c:
f0:6c:2e:fe:ad:29:5d:0d:ac:1c:9f:85:6a:d4:93:33:c1:5d:
0d:a1:61:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIKcFwvfW8LD71XTNIqr48XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjQwOTE5MTMxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjcxYjRlNjIzZmMxZWY5MDIwNmQzMjQ2MDRkYjliOTFjNjU0NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrxyhEXGbzQvRTCRY7x8p0sfVojE
0cpC3PtueiVQjJJ8vn+99RKdVbyKvDBXN+oPnCnBw3J09N4AJhNt9K1W8rlAGGVy
euHbdvoBMGgd1BnxPtDeRwM0r4HUq6By0B5DGYiYkwgyZbCryzV7TAb6jjH6xL7K
LmnednEqkN3Ne/L4qNzK0vYmbGkArjU5zMFICsD85NXTJqTJdahfm3UZgb5Ud5Fs
DGIxRjWYwEgz8ScpTJ/DI3jZwC9xQDw+Jkj3Ezu2pQAcPKpp98axxZmJnqr3LIMg
t0eoXbwk9dFJ5GbLSlxOcJmXcwrAgYui3s/n0PfmJ3BY1DSsyee0mdZP6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHZxtOYj/B75AgbTJGBNubkcZUZgMB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvZG5HMDVpUDhIdmtDQnRNa1lFMjV1UnhsUm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWNEMA0E
AgACMAcDBQMqABeQMA0GCSqGSIb3DQEBCwUAA4IBAQBxmrqcNINmQia7Ri5EDN+K
LHyRTxL0OPTjVXUmi/E4y5FNu1ieKF+Mz+7njA8SqTaJsyxAhUjPCdEJtqPlwNAo
QngNA+eOcMYljuP27kfE3wr5muVWPIRPDSQVHC1ZiU5At6aS2jtgGmw22FmBNGtx
xqbnZKPH7dbhC6SydsKb0iVHWTYItnrElPl2oE+4iW1npW2OWyKk5KmjX2jxeatt
ZKBlj0OFv6J2gFgHBqKpm4hoZm4Udfnx0hWf/UBui+XvN9pP+cnwHUNH4ZiocVIc
VwW26a+NVTFlQWBPDV0bsxc1kxaTJQ/RpwzwbC7+rSldDawcn4Vq1JMzwV0NoWEi
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:02 2024 by rpki-client on console-fra.rpki-client.org