Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/7f1Wfma3S1jcviiVtx5pWgtMU1M.roa
File: 7f1Wfma3S1jcviiVtx5pWgtMU1M.roa (raw, json)
Hash identifier: IyEtV/ZlN2S6nL2dUZ1BEipcro3Cma7lBWJL+35FnD4=
Subject key identifier: ED:FD:56:7E:66:B7:4B:58:DC:BE:28:95:B7:1E:69:5A:0B:4C:53:53
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191EA0A9A848C096AD8C8D0D65DBEA7F383
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/7f1Wfma3S1jcviiVtx5pWgtMU1M.roa
Signing time: Fri 13 Sep 2024 06:20:49 +0000
ROA not before: Fri 13 Sep 2024 06:20:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 31.170.55.0/24 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:0a:9a:84:8c:09:6a:d8:c8:d0:d6:5d:be:a7:f3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 13 06:20:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edfd567e66b74b58dcbe2895b71e695a0b4c5353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b3:bc:65:ca:7a:fc:db:00:36:a3:ee:e0:58:
50:fe:ec:ce:76:56:35:01:e6:b1:08:50:5b:70:8f:
f8:18:26:7c:67:24:4c:ff:43:5a:99:f5:97:a7:bf:
17:56:7a:61:c2:bb:07:55:1c:5a:34:3f:aa:b0:32:
36:f7:a6:af:80:10:1b:8e:b5:42:79:87:d8:8a:7a:
1d:77:00:0b:48:fc:de:03:28:b5:d9:5b:59:64:cd:
3a:eb:a2:2b:0b:8c:24:9f:dd:86:00:1c:50:52:3b:
09:7e:1a:19:71:78:b4:dd:ec:78:b9:5b:8e:be:ac:
c8:fd:6b:5d:e4:b4:29:2f:66:1a:b5:bc:8f:68:45:
9e:5f:1a:15:e2:5b:3b:9f:30:c7:e1:d6:86:36:30:
1a:61:e3:fa:a7:2b:0d:ec:90:81:4e:34:cd:07:b2:
62:a0:70:80:cb:e5:9d:bb:66:ca:16:ca:4a:51:fd:
6e:87:f0:50:6e:3c:90:7c:a6:03:1c:43:80:9f:3a:
5e:86:0c:7d:a7:cd:13:f5:e0:11:63:44:14:21:1c:
bd:e2:bc:46:d8:c5:b4:76:e6:12:54:52:74:17:bd:
40:ee:79:41:7d:9f:f2:f3:d8:5a:f3:44:17:b9:2b:
bb:83:d9:b6:88:41:40:d6:ae:5e:cc:65:dc:86:ee:
2e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FD:56:7E:66:B7:4B:58:DC:BE:28:95:B7:1E:69:5A:0B:4C:53:53
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/7f1Wfma3S1jcviiVtx5pWgtMU1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.145.0/24
37.49.147.0/24
37.49.151.0/24
94.74.147.0/24
94.74.168.0/24
94.74.173.0/24
109.203.160.0/23
176.46.129.0-176.46.130.255
176.46.133.0-176.46.135.255
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
70:19:a7:a3:71:c7:60:4b:b5:28:a7:d1:9a:d0:76:ea:62:90:
ec:40:2f:ea:31:df:6e:21:e5:81:ab:58:2e:b1:ff:68:e7:75:
38:51:1b:9a:72:e6:d5:8a:76:da:be:7f:dd:97:22:51:db:cc:
8c:ef:00:80:af:de:93:aa:d0:f0:6a:c5:74:af:d6:99:ac:7c:
75:39:c0:18:18:9f:3f:fc:74:fa:05:8c:96:32:ea:3c:c0:67:
84:fc:5f:5c:9f:73:69:ba:33:dd:7a:76:e6:51:4e:85:e9:87:
68:87:24:f3:03:c1:cc:43:6f:54:50:90:01:30:fc:df:77:bf:
bb:b4:53:d3:67:4b:12:6c:79:ed:d8:be:86:4a:14:dc:56:17:
52:8b:dc:4e:3c:46:b9:7f:3d:65:2e:1d:fa:c5:4a:98:18:fc:
69:c7:5c:8b:21:b2:91:dd:66:9c:6a:5a:a4:96:90:59:c3:5c:
86:fb:a7:72:04:e3:1f:9a:35:a5:81:4c:08:6c:e8:56:97:5e:
31:e1:14:7c:d5:ae:7b:f7:ac:94:6d:fa:e3:19:65:67:a5:c3:
60:a1:9e:3f:60:8e:3e:18:fc:c2:95:96:39:76:f4:14:2c:99:
b6:81:c4:d2:de:d9:c2:26:68:b4:bf:1d:cf:2d:b3:cb:c0:d6:
08:b8:67:7d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZHqCpqEjAlq2MjQ1l2+p/ODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTEzMDYyMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGZkNTY3ZTY2Yjc0YjU4ZGNiZTI4OTViNzFlNjk1YTBiNGM1MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bO8Zcp6/NsANqPu4FhQ/uzOdlY1
AeaxCFBbcI/4GCZ8ZyRM/0NamfWXp78XVnphwrsHVRxaND+qsDI296avgBAbjrVC
eYfYinoddwALSPzeAyi12VtZZM0666IrC4wkn92GABxQUjsJfhoZcXi03ex4uVuO
vqzI/Wtd5LQpL2YatbyPaEWeXxoV4ls7nzDH4daGNjAaYeP6pysN7JCBTjTNB7Ji
oHCAy+Wdu2bKFspKUf1uh/BQbjyQfKYDHEOAnzpehgx9p80T9eARY0QUIRy94rxG
2MW0duYSVFJ0F71A7nlBfZ/y89ha80QXuSu7g9m2iEFA1q5ezGXchu4uOQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFO39Vn5mt0tY3L4olbceaVoLTFNTMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvN2YxV2ZtYTNTMWpjdmlpVnR4NXBXZ3RNVTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAH6o3AwQA
JTGRAwQAJTGTAwQAJTGXAwQAXkqTAwQAXkqoAwQAXkqtAwQBbcugMAwDBACwLoED
BACwLoIwDAMEALAuhQMEA7AugAMEALAukzANBgkqhkiG9w0BAQsFAAOCAQEAcBmn
o3HHYEu1KKfRmtB26mKQ7EAv6jHfbiHlgatYLrH/aOd1OFEbmnLm1Yp22r5/3Zci
UdvMjO8AgK/ek6rQ8GrFdK/Wmax8dTnAGBifP/x0+gWMljLqPMBnhPxfXJ9zaboz
3Xp25lFOhemHaIck8wPBzENvVFCQATD833e/u7RT02dLEmx57di+hkoU3FYXUovc
TjxGuX89ZS4d+sVKmBj8acdciyGykd1mnGpapJaQWcNchvuncgTjH5o1pYFMCGzo
VpdeMeEUfNWue/eslG364xllZ6XDYKGeP2COPhj8wpWWOXb0FCyZtoHE0t7ZwiZo
tL8dzy2zy8DWCLhnfQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:46:40 2024 by rpki-client on console-ams.rpki-client.org