Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/7oi22xEE6Qx30p_PmbB9QhUGXOw.roa
File: 7oi22xEE6Qx30p_PmbB9QhUGXOw.roa (raw, json)
Hash identifier: uQVbgOKmO5N4f7H7ETcrvApu/JOpmS34i0t/ARGIoGA=
Subject key identifier: EE:88:B6:DB:11:04:E9:0C:77:D2:9F:CF:99:B0:7D:42:15:06:5C:EC
Certificate issuer: /CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Certificate serial: 018CC56E4241F2826AB915712AD405CB58FF
Authority key identifier: 01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/7oi22xEE6Qx30p_PmbB9QhUGXOw.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56911
IP address blocks: 185.111.76.0/22 maxlen: 24
46.149.168.0/22 maxlen: 24
2a0d:f7c0::/32 maxlen: 34
2a06:5bc0::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:42:41:f2:82:6a:b9:15:71:2a:d4:05:cb:58:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee88b6db1104e90c77d29fcf99b07d4215065cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:e3:ea:2d:43:b8:91:70:2c:d1:5d:79:55:
35:cc:0e:58:59:15:a3:31:5a:d1:3f:16:b7:4a:0f:
52:0e:c2:ca:bb:97:c7:60:c8:a3:1a:71:57:b0:7d:
0f:f7:52:c2:67:50:5d:e7:1c:92:d0:74:92:29:d2:
62:4d:61:20:1b:1d:cf:34:4c:ec:4f:bf:92:5b:c3:
74:e7:85:bd:be:ea:ce:2c:44:35:8a:fd:7b:01:46:
c5:7a:1c:8f:4d:e1:1b:37:e9:f2:f1:07:60:76:3e:
d7:12:d9:81:1b:81:1d:53:92:de:2c:20:4d:fd:03:
fb:50:0c:62:94:ad:1d:e0:b7:74:ec:20:5f:ff:0a:
7f:c7:70:a0:b9:bf:a9:41:be:31:1f:d9:9a:f1:8f:
92:81:ec:76:85:83:0a:b2:17:06:1c:57:ca:c9:b8:
e4:ad:7d:4c:9f:e5:43:b9:d1:86:94:f5:c6:db:b2:
88:31:50:05:d0:b6:39:ee:33:0e:95:01:2e:b0:64:
26:01:13:44:c3:35:fe:54:20:4c:96:13:68:3b:0c:
94:d6:04:9c:b1:4b:95:86:d8:0d:62:4f:d6:69:36:
1a:3a:f8:7e:f5:b6:2a:96:d7:38:00:3d:87:86:64:
28:4a:e6:de:27:fd:0c:85:76:72:bf:d4:99:6c:21:
6a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:88:B6:DB:11:04:E9:0C:77:D2:9F:CF:99:B0:7D:42:15:06:5C:EC
X509v3 Authority Key Identifier:
keyid:01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/7oi22xEE6Qx30p_PmbB9QhUGXOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.168.0/22
185.111.76.0/22
IPv6:
2a06:5bc0::/29
2a0d:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
54:d5:7c:c9:ec:58:ae:0e:e8:cf:b1:e6:be:e1:49:b0:7e:a2:
79:9e:a4:0a:17:5d:97:06:0b:9c:99:e8:b3:78:02:49:9b:43:
87:d8:f2:e9:09:93:bc:03:08:f9:b0:a9:4f:43:68:87:38:eb:
22:81:a7:c4:ed:57:78:0a:fb:91:a2:b0:c4:68:94:d7:e7:68:
9e:75:f1:a9:23:56:f1:b5:5f:86:59:0e:e4:3c:f8:cf:c0:a1:
3c:40:04:1e:ea:68:8c:79:98:d3:d6:ad:a7:f1:9b:dc:2b:a6:
68:7f:02:2a:9b:ae:f2:c5:57:be:74:1a:49:dd:39:f4:31:c2:
7b:ce:ca:2a:cc:ea:8b:d6:b1:de:24:5a:6f:61:7c:c3:0c:15:
b3:d1:cb:35:85:4c:08:d0:c8:23:f1:7c:d6:3e:07:29:8f:65:
42:b2:50:b5:68:03:4f:9f:7d:c3:ff:27:e4:df:2e:e4:ef:0f:
a4:4f:a5:3f:19:bf:6c:52:4b:e8:9d:c5:5f:57:90:27:5b:fe:
8f:10:41:cb:38:94:79:cb:3f:e9:fe:22:fa:b7:a6:2c:37:71:
b6:73:7b:65:72:3a:78:bf:69:23:67:fa:ae:dc:62:61:6b:8c:
cb:00:b1:64:55:2c:aa:ec:8e:42:7b:e8:ea:69:b8:6c:1e:05:
1d:10:3b:1c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbkJB8oJquRVxKtQFy1j/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzIzNTA2NzE4ZGZjZjJhOGJkMTc2ZDRlYTI0ZTI3NTMy
MmZjZmIwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg4YjZkYjExMDRlOTBjNzdkMjlmY2Y5OWIwN2Q0MjE1MDY1Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCDj6i1DuJFwLNFdeVU1zA5YWRWj
MVrRPxa3Sg9SDsLKu5fHYMijGnFXsH0P91LCZ1Bd5xyS0HSSKdJiTWEgGx3PNEzs
T7+SW8N054W9vurOLEQ1iv17AUbFehyPTeEbN+ny8Qdgdj7XEtmBG4EdU5LeLCBN
/QP7UAxilK0d4Ld07CBf/wp/x3Cgub+pQb4xH9ma8Y+Sgex2hYMKshcGHFfKybjk
rX1Mn+VDudGGlPXG27KIMVAF0LY57jMOlQEusGQmARNEwzX+VCBMlhNoOwyU1gSc
sUuVhtgNYk/WaTYaOvh+9bYqltc4AD2HhmQoSubeJ/0MhXZyv9SZbCFqFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFO6IttsRBOkMd9Kfz5mwfUIVBlzsMB8GA1UdIwQY
MBaAFAFyNQZxjfzyqL0XbU6iTidTIvz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEt
MDUzNzNiYTk0ODNkLzEvN29pMjJ4RUU2UXgzMHBfUG1iQjlRaFVHWE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEtMDUzNzNiYTk0ODNk
LzEvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLpWoAwQC
uW9MMBQEAgACMA4DBQMqBlvAAwUAKg33wDANBgkqhkiG9w0BAQsFAAOCAQEAVNV8
yexYrg7oz7HmvuFJsH6ieZ6kChddlwYLnJnos3gCSZtDh9jy6QmTvAMI+bCpT0No
hzjrIoGnxO1XeAr7kaKwxGiU1+donnXxqSNW8bVfhlkO5Dz4z8ChPEAEHupojHmY
09atp/Gb3CumaH8CKpuu8sVXvnQaSd059DHCe87KKszqi9ax3iRab2F8wwwVs9HL
NYVMCNDII/F81j4HKY9lQrJQtWgDT599w/8n5N8u5O8PpE+lPxm/bFJL6J3FX1eQ
J1v+jxBByziUecs/6f4i+remLDdxtnN7ZXI6eL9pI2f6rtxiYWuMywCxZFUsquyO
Qnvo6mm4bB4FHRA7HA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:46 2024 by rpki-client on console-ams.rpki-client.org