Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/iHuO0cvSKcVg8hbzJHc5vhcPwI4.roa
File: iHuO0cvSKcVg8hbzJHc5vhcPwI4.roa (raw, json)
Hash identifier: dEtEkNuOvPNiqJUNshsYFTUzNfqex7Yc/P606wrkQM8=
Subject key identifier: 88:7B:8E:D1:CB:D2:29:C5:60:F2:16:F3:24:77:39:BE:17:0F:C0:8E
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 018CC348D69F5BD7BA70AB153C0F3051DA45
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/iHuO0cvSKcVg8hbzJHc5vhcPwI4.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49265
IP address blocks: 94.230.76.0/24 maxlen: 24
94.230.77.0/24 maxlen: 24
94.230.78.0/24 maxlen: 24
94.230.76.0/22 maxlen: 22
94.230.79.0/24 maxlen: 24
109.104.240.0/22 maxlen: 22
109.104.240.0/24 maxlen: 24
109.104.241.0/24 maxlen: 24
109.104.242.0/24 maxlen: 24
109.104.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d6:9f:5b:d7:ba:70:ab:15:3c:0f:30:51:da:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=887b8ed1cbd229c560f216f3247739be170fc08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:88:b1:94:dd:28:d2:e1:27:d1:31:be:89:2c:
25:b4:7c:a8:70:e2:57:8f:08:cd:34:c0:1e:2d:58:
01:67:b6:b6:e9:61:5f:82:78:b5:aa:4e:42:9b:34:
23:d4:9b:f9:89:d5:19:c1:21:7e:f2:9c:d0:bc:7a:
e9:f0:2f:aa:95:52:6b:7a:2a:51:ad:6f:4b:89:ba:
51:77:86:a5:15:78:e2:99:ac:40:79:8a:a3:9c:72:
64:4a:79:44:07:73:ec:05:ea:0c:68:00:74:10:8b:
5d:69:63:81:2b:d5:bb:2a:5a:2d:7d:17:dc:c1:d0:
1c:46:39:99:05:d0:a1:d3:4f:a4:34:2d:54:3b:8e:
b6:e2:b8:3a:39:a6:8d:60:d7:83:ee:6f:76:ab:90:
25:c4:6e:21:32:3f:3d:38:38:48:de:7f:14:12:41:
31:bc:d0:be:0a:78:b7:78:cf:70:07:9a:08:08:3e:
d4:4c:25:dc:4e:00:a7:31:c6:1e:b4:d9:69:53:4c:
c6:d8:1d:f9:17:15:8b:26:3a:db:61:51:9d:32:14:
34:7b:d9:0e:3b:20:fd:3f:29:f4:bd:86:5d:8e:96:
cd:59:87:31:f8:a5:ec:34:5a:0f:05:59:6e:ba:6c:
8a:14:8e:d7:30:3a:f8:c6:db:fa:88:a1:f5:80:55:
1d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7B:8E:D1:CB:D2:29:C5:60:F2:16:F3:24:77:39:BE:17:0F:C0:8E
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/iHuO0cvSKcVg8hbzJHc5vhcPwI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.76.0/22
109.104.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:51:4d:45:21:12:5b:41:e1:7b:0c:c1:50:d3:83:a5:e2:78:
ad:3f:b3:53:8f:aa:cf:6e:2c:c0:7f:d9:09:2c:c3:a9:28:3d:
52:7f:50:78:ae:a3:de:f1:3c:e6:de:3b:56:86:41:1d:00:eb:
cb:88:07:ed:62:ae:9a:37:01:b8:8e:30:cd:c9:84:e1:e4:bd:
89:61:3b:9f:f2:37:36:97:ab:41:82:6b:52:12:2c:89:88:c8:
dc:dd:54:64:09:8f:d1:c2:ef:2a:e6:8a:15:f1:e9:4f:f6:1c:
14:1b:38:4b:aa:70:a9:ec:be:42:da:78:c3:33:7e:0e:9c:79:
33:8b:ba:16:ca:e5:32:8d:e3:09:4c:14:9c:23:c8:11:1d:16:
f4:01:99:a4:69:43:f4:33:bf:5b:9b:74:eb:d6:75:18:93:e8:
43:80:dd:cf:33:50:aa:02:e0:5d:97:c5:16:e8:9e:1b:4d:87:
24:0d:51:64:01:92:f4:b3:cd:75:30:f1:5c:03:a3:46:49:73:
dc:39:18:63:fd:98:24:23:9f:14:97:bf:ce:2e:99:53:fa:fb:
43:f0:03:97:04:8c:3c:19:8e:8c:45:9e:28:6e:f8:ed:d8:50:
e1:b1:21:86:2a:5d:d9:69:7c:da:24:24:45:78:b1:87:2b:1f:
36:de:33:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSNafW9e6cKsVPA8wUdpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdiOGVkMWNiZDIyOWM1NjBmMjE2ZjMyNDc3MzliZTE3MGZjMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoixlN0o0uEn0TG+iSwltHyocOJX
jwjNNMAeLVgBZ7a26WFfgni1qk5CmzQj1Jv5idUZwSF+8pzQvHrp8C+qlVJreipR
rW9LibpRd4alFXjimaxAeYqjnHJkSnlEB3PsBeoMaAB0EItdaWOBK9W7KlotfRfc
wdAcRjmZBdCh00+kNC1UO4624rg6OaaNYNeD7m92q5AlxG4hMj89ODhI3n8UEkEx
vNC+Cni3eM9wB5oICD7UTCXcTgCnMcYetNlpU0zG2B35FxWLJjrbYVGdMhQ0e9kO
OyD9Pyn0vYZdjpbNWYcx+KXsNFoPBVluumyKFI7XMDr4xtv6iKH1gFUd9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIh7jtHL0inFYPIW8yR3Ob4XD8COMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvaUh1TzBjdlNLY1ZnOGhiekpIYzV2aGNQd0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXuZMAwQC
bWjwMA0GCSqGSIb3DQEBCwUAA4IBAQAeUU1FIRJbQeF7DMFQ04Ol4nitP7NTj6rP
bizAf9kJLMOpKD1Sf1B4rqPe8Tzm3jtWhkEdAOvLiAftYq6aNwG4jjDNyYTh5L2J
YTuf8jc2l6tBgmtSEiyJiMjc3VRkCY/Rwu8q5ooV8elP9hwUGzhLqnCp7L5C2njD
M34OnHkzi7oWyuUyjeMJTBScI8gRHRb0AZmkaUP0M79bm3Tr1nUYk+hDgN3PM1Cq
AuBdl8UW6J4bTYckDVFkAZL0s811MPFcA6NGSXPcORhj/ZgkI58Ul7/OLplT+vtD
8AOXBIw8GY6MRZ4obvjt2FDhsSGGKl3ZaXzaJCRFeLGHKx823jOw
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:29:22 2024 by rpki-client on console-ams.rpki-client.org