Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/7-Yg20M_Ye3yBcih56zR45G_65E.roa
File: 7-Yg20M_Ye3yBcih56zR45G_65E.roa (raw, json)
Hash identifier: OQ2noUmL21ZQ32gRmGYGz3A4iwpa3rKMLk56zsRdssU=
Subject key identifier: EF:E6:20:DB:43:3F:61:ED:F2:05:C8:A1:E7:AC:D1:E3:91:BF:EB:91
Certificate issuer: /CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Certificate serial: 018CCA2A89BBD5BB03D56D3E19DCECAB854D
Authority key identifier: 84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/7-Yg20M_Ye3yBcih56zR45G_65E.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35691
IP address blocks: 147.78.4.0/24 maxlen: 24
147.78.5.0/24 maxlen: 24
2a09:19c0::/48 maxlen: 48
2a09:19c0:1::/48 maxlen: 48
2a09:19c0:180::/42 maxlen: 42
2a09:19c0:140::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:89:bb:d5:bb:03:d5:6d:3e:19:dc:ec:ab:85:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efe620db433f61edf205c8a1e7acd1e391bfeb91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:65:72:c3:e4:50:76:8a:f9:49:7b:0e:96:
05:37:26:74:22:7a:e1:41:0d:c5:68:aa:66:0c:c8:
74:00:a1:5b:fb:32:7e:a5:cb:27:f3:c1:7f:ef:37:
91:ad:50:73:88:50:44:5c:76:0f:16:0d:8a:fa:1c:
dd:4e:f2:bd:c5:79:80:d5:93:2f:d5:14:28:ee:a8:
fa:2d:ae:08:d9:05:21:a1:b3:db:61:0e:94:d9:79:
b2:a9:b7:4f:03:9b:c2:24:fb:c7:d3:0c:8c:ee:05:
f2:c3:50:7f:46:53:88:c8:8c:b3:0e:29:31:eb:5d:
8f:8d:85:5b:76:41:69:99:ba:37:a7:eb:3f:c2:f9:
6a:51:3d:13:af:42:5a:94:72:d8:1f:09:d3:00:b9:
10:c2:05:d0:da:91:e2:71:44:15:12:1d:03:3f:b6:
ff:de:85:39:5a:2d:fd:a0:ce:dc:d6:a2:44:dd:d5:
17:73:97:58:2b:cb:6b:0b:3e:5f:71:fd:09:0e:09:
eb:c4:66:5a:bb:2e:6c:4d:5e:37:99:c2:6e:46:53:
35:d5:d5:0c:5f:d1:4f:54:af:eb:63:f4:97:98:e7:
ac:07:06:33:2e:25:43:54:42:f9:25:eb:6f:da:c5:
c6:a0:64:cc:e3:42:67:63:7f:22:d3:67:46:b4:a4:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E6:20:DB:43:3F:61:ED:F2:05:C8:A1:E7:AC:D1:E3:91:BF:EB:91
X509v3 Authority Key Identifier:
keyid:84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/7-Yg20M_Ye3yBcih56zR45G_65E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.4.0/23
IPv6:
2a09:19c0::/47
2a09:19c0:140::-2a09:19c0:1bf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3e:f0:d8:6b:7f:84:12:1c:46:27:23:03:6e:c6:f3:53:e0:5e:
b9:b3:5f:e2:ec:24:c7:2c:d4:75:b0:79:79:c8:2f:f8:ff:34:
29:f5:58:3b:bc:46:5d:63:9a:5c:16:68:dd:a0:ed:7d:3c:9a:
1c:96:33:40:57:73:b8:1c:f3:7f:bc:92:57:99:02:ef:da:ce:
4a:c7:48:41:e4:c4:69:f8:d3:98:28:9d:06:ed:11:00:26:f9:
7d:a0:21:34:65:a3:69:b2:2e:54:be:63:c3:5b:8a:1e:66:c0:
f7:a9:06:48:ca:d9:76:e0:e0:67:41:95:27:c9:dc:f7:f5:a1:
17:a3:b9:6c:d6:20:c1:83:79:24:3e:e7:3c:21:67:96:56:4d:
aa:84:14:84:6c:82:e4:31:41:c7:b3:f5:87:c4:6d:f3:2f:67:
9a:7f:b0:ae:64:48:01:3b:8d:40:79:44:0e:1d:63:00:cb:46:
39:8a:f0:96:b8:05:cb:d0:e1:ae:99:c5:2a:93:c6:c9:f5:88:
28:a5:6f:44:89:b9:68:79:f7:62:e0:d6:0c:42:f2:7a:10:a6:
87:a6:6b:88:55:6d:ba:7a:5d:c0:cf:26:ed:90:39:99:c6:6b:
ce:b3:65:be:ee:0e:f7:28:d1:2b:65:28:03:bd:6f:23:ff:f7:
e1:3c:6f:07
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzKKom71bsD1W0+Gdzsq4VNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDU4MmNhNzA0NzE3ZWIwYzk0YmU0ZDg5NDEzZjRiYzJk
OGI4ZTUwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU2MjBkYjQzM2Y2MWVkZjIwNWM4YTFlN2FjZDFlMzkxYmZlYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr41lcsPkUHaK+Ul7DpYFNyZ0Inrh
QQ3FaKpmDMh0AKFb+zJ+pcsn88F/7zeRrVBziFBEXHYPFg2K+hzdTvK9xXmA1ZMv
1RQo7qj6La4I2QUhobPbYQ6U2XmyqbdPA5vCJPvH0wyM7gXyw1B/RlOIyIyzDikx
612PjYVbdkFpmbo3p+s/wvlqUT0Tr0JalHLYHwnTALkQwgXQ2pHicUQVEh0DP7b/
3oU5Wi39oM7c1qJE3dUXc5dYK8trCz5fcf0JDgnrxGZauy5sTV43mcJuRlM11dUM
X9FPVK/rY/SXmOesBwYzLiVDVEL5Jetv2sXGoGTM40JnY38i02dGtKSh5wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFO/mINtDP2Ht8gXIoees0eORv+uRMB8GA1UdIwQY
MBaAFIRFgspwRxfrDJS+TYlBP0vC2LjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAt
ZjIzZjY2ZjhkMjQyLzEvNy1ZZzIwTV9ZZTN5QmNpaDU2elI0NUdfNjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAtZjIzZjY2ZjhkMjQy
LzEvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQBk04EMCME
AgACMB0DBwEqCRnAAAAwEgMHBioJGcABQAMHBioJGcABgDANBgkqhkiG9w0BAQsF
AAOCAQEAPvDYa3+EEhxGJyMDbsbzU+BeubNf4uwkxyzUdbB5ecgv+P80KfVYO7xG
XWOaXBZo3aDtfTyaHJYzQFdzuBzzf7ySV5kC79rOSsdIQeTEafjTmCidBu0RACb5
faAhNGWjabIuVL5jw1uKHmbA96kGSMrZduDgZ0GVJ8nc9/WhF6O5bNYgwYN5JD7n
PCFnllZNqoQUhGyC5DFBx7P1h8Rt8y9nmn+wrmRIATuNQHlEDh1jAMtGOYrwlrgF
y9DhrpnFKpPGyfWIKKVvRIm5aHn3YuDWDELyehCmh6ZriFVtunpdwM8m7ZA5mcZr
zrNlvu4O9yjRK2UoA71vI//34TxvBw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:19 2024 by rpki-client on console-fra.rpki-client.org