Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/e7kmI7k7f8MnGsQBpn8TU2sX_TY.roa
File: e7kmI7k7f8MnGsQBpn8TU2sX_TY.roa (raw, json)
Hash identifier: 0WVAvhfUu0D595RKpMRHn3ncYQ6wgIm2+IXCdr+xBRw=
Subject key identifier: 7B:B9:26:23:B9:3B:7F:C3:27:1A:C4:01:A6:7F:13:53:6B:17:FD:36
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018CC72772E397A886D12C146650C23C91C1
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/e7kmI7k7f8MnGsQBpn8TU2sX_TY.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200590
IP address blocks: 185.121.83.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:72:e3:97:a8:86:d1:2c:14:66:50:c2:3c:91:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bb92623b93b7fc3271ac401a67f13536b17fd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:70:7f:40:d5:a9:24:2d:a6:70:78:4e:91:46:
59:69:3e:87:1f:2f:b9:87:d4:ac:0e:3d:51:73:17:
1b:90:da:4b:d9:ae:e5:88:70:79:29:d9:ac:a9:6a:
ed:b5:ea:72:dc:94:b8:d5:06:4b:b6:3f:c7:8f:39:
28:41:59:a2:f3:41:f8:bf:45:a5:0b:86:0c:9d:00:
73:b2:8a:b5:7a:1b:20:37:23:b6:85:18:99:1f:12:
47:82:06:1c:ff:cd:56:45:ae:a7:4c:19:db:73:2c:
35:17:65:2e:59:29:a2:6e:4e:72:a2:d9:18:a1:5c:
f3:76:ad:f0:60:f2:4b:18:ad:af:88:b6:2d:80:8d:
d4:23:88:e3:29:44:7f:75:b5:1d:99:94:ae:00:cf:
5a:43:5c:6e:6b:64:7b:2f:94:ee:d8:51:a0:47:1e:
38:62:69:f3:c9:79:a0:de:11:62:66:92:ec:3d:aa:
e9:e3:fc:10:c4:2f:0b:a7:84:d6:16:3d:cd:91:7a:
e8:59:6c:e6:56:f7:15:23:99:97:f4:8d:65:a8:9c:
7d:3a:18:f5:c8:74:3d:4f:37:32:03:f5:ec:52:ff:
8a:de:da:00:e0:f1:01:32:4c:3b:b9:11:d4:ac:eb:
80:5d:1b:a9:b9:cb:8a:33:1b:64:53:b9:ef:a9:21:
af:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B9:26:23:B9:3B:7F:C3:27:1A:C4:01:A6:7F:13:53:6B:17:FD:36
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/e7kmI7k7f8MnGsQBpn8TU2sX_TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.192.0/22
185.121.80.0/22
Signature Algorithm: sha256WithRSAEncryption
48:cc:ee:cb:ad:45:1b:34:49:9b:7a:14:ac:34:ce:9c:dc:5b:
2c:45:67:8f:f4:75:13:02:df:dd:2a:f0:62:9d:b3:e2:39:82:
c8:a0:d6:07:ea:fa:1c:91:a3:a3:cb:24:c8:31:cb:d8:77:94:
f2:ff:53:4e:a2:1d:c6:d4:f9:56:3d:2b:bf:e3:b9:5f:3e:16:
48:88:86:86:ae:9f:c3:f3:8d:eb:97:46:5b:ff:02:2e:9e:d2:
db:4d:c7:f7:aa:b7:ae:95:d0:fd:a3:3b:9e:88:7c:29:bb:a5:
5a:b3:91:d2:2e:5b:c1:f1:03:9f:db:c5:01:ef:40:4b:e5:e8:
2d:99:a5:24:cf:39:80:f8:db:f4:2e:54:3c:d9:30:ac:9e:03:
3f:97:39:89:e7:3e:a9:cc:2d:83:e4:ce:6e:6f:6b:3e:dd:ec:
7a:29:e1:f6:de:79:69:0c:5b:9f:c4:7b:cb:bb:be:7d:b5:11:
d5:24:71:8a:9b:a7:16:f2:ba:28:cd:b1:3d:55:6b:c4:1f:ae:
73:45:54:15:f3:73:0e:a7:a1:67:d9:cf:66:93:4a:c1:d3:05:
41:be:28:63:6e:90:21:46:89:ed:12:1d:eb:41:d8:e8:63:12:
1c:f8:ed:8f:3d:ee:1e:3d:54:27:dc:83:76:01:95:c0:be:15:
c1:63:44:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ3Ljl6iG0SwUZlDCPJHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI5MjYyM2I5M2I3ZmMzMjcxYWM0MDFhNjdmMTM1MzZiMTdmZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinB/QNWpJC2mcHhOkUZZaT6HHy+5
h9SsDj1RcxcbkNpL2a7liHB5KdmsqWrttepy3JS41QZLtj/HjzkoQVmi80H4v0Wl
C4YMnQBzsoq1ehsgNyO2hRiZHxJHggYc/81WRa6nTBnbcyw1F2UuWSmibk5yotkY
oVzzdq3wYPJLGK2viLYtgI3UI4jjKUR/dbUdmZSuAM9aQ1xua2R7L5Tu2FGgRx44
YmnzyXmg3hFiZpLsParp4/wQxC8Lp4TWFj3NkXroWWzmVvcVI5mX9I1lqJx9Ohj1
yHQ9TzcyA/XsUv+K3toA4PEBMkw7uRHUrOuAXRupucuKMxtkU7nvqSGvvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHu5JiO5O3/DJxrEAaZ/E1NrF/02MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvZTdrbUk3azdmOE1uR3NRQnBuOFRVMnNYX1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXTAAwQC
uXlQMA0GCSqGSIb3DQEBCwUAA4IBAQBIzO7LrUUbNEmbehSsNM6c3FssRWeP9HUT
At/dKvBinbPiOYLIoNYH6vockaOjyyTIMcvYd5Ty/1NOoh3G1PlWPSu/47lfPhZI
iIaGrp/D843rl0Zb/wIuntLbTcf3qreuldD9ozueiHwpu6Vas5HSLlvB8QOf28UB
70BL5egtmaUkzzmA+Nv0LlQ82TCsngM/lzmJ5z6pzC2D5M5ub2s+3ex6KeH23nlp
DFufxHvLu759tRHVJHGKm6cW8roozbE9VWvEH65zRVQV83MOp6Fn2c9mk0rB0wVB
vihjbpAhRontEh3rQdjoYxIc+O2PPe4ePVQn3IN2AZXAvhXBY0Rr
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:12 2024 by rpki-client on console-ams.rpki-client.org