Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1_S8E0TkmwPTj-CZLb6i1LQlqt8.roa
File: 1_S8E0TkmwPTj-CZLb6i1LQlqt8.roa (raw, json)
Hash identifier: gxGZo9I4msPca3/f/m0rffKypTqSgvbEmgrnfg1FA64=
Subject key identifier: D7:F4:BC:13:44:E4:9B:03:D3:8F:E0:99:2D:BE:A2:D4:B4:25:AA:DF
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018ED6462C45361A7B0547453B05684F0D53
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1_S8E0TkmwPTj-CZLb6i1LQlqt8.roa
Signing time: Sat 13 Apr 2024 07:05:06 +0000
ROA not before: Sat 13 Apr 2024 07:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:46:2c:45:36:1a:7b:05:47:45:3b:05:68:4f:0d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 13 07:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7f4bc1344e49b03d38fe0992dbea2d4b425aadf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:07:65:3e:60:d7:08:c4:54:73:92:a8:6d:bd:
f0:32:bc:86:70:a9:42:1e:84:74:6f:3b:03:82:7d:
f4:c0:4e:75:6c:86:e0:35:b2:cf:c9:af:0e:08:7b:
02:2e:f8:65:39:c5:4f:c4:fe:d0:fe:2a:c6:4e:d8:
56:db:bc:36:3c:af:77:7b:f4:a7:ed:a9:7d:c1:59:
02:3f:ea:8d:32:1d:97:ca:aa:b0:ef:80:15:ca:5c:
95:7b:89:74:29:9e:c1:8f:6f:61:b6:60:bd:88:a1:
3d:7a:af:8c:d6:95:35:6f:c2:ca:a4:8e:58:99:5d:
2b:41:8e:93:34:1c:6d:37:50:93:79:7c:72:19:7d:
6a:b9:96:82:c9:41:5f:c7:42:6b:96:d7:4f:bf:d3:
13:12:ec:c9:92:d3:9c:80:d4:be:57:04:53:a3:6e:
40:c9:9e:3f:4c:cf:4b:b7:a1:a9:05:fa:74:40:00:
61:25:d0:95:bc:8c:e5:1e:f0:8b:e2:b6:27:5e:45:
5d:a5:91:b5:a3:02:a2:83:f3:91:59:0e:fe:4b:64:
49:eb:33:b3:38:17:02:11:f6:0a:83:81:2b:e7:99:
ed:f0:58:78:f8:d0:d2:e6:9b:a3:83:a4:dc:82:0f:
85:e2:b0:58:f8:57:1c:a1:c6:68:8f:d1:f5:22:94:
a0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F4:BC:13:44:E4:9B:03:D3:8F:E0:99:2D:BE:A2:D4:B4:25:AA:DF
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1_S8E0TkmwPTj-CZLb6i1LQlqt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
84:89:94:09:4b:21:bf:ca:2e:94:c3:bb:ee:2f:7e:e5:72:bf:
31:f1:60:9c:69:ba:b5:0e:c2:fc:3a:d3:79:65:18:e5:07:2b:
ec:b7:f9:0a:af:d8:49:30:bf:5b:1f:45:24:3c:ed:86:34:d1:
f5:7c:d0:a8:00:f0:c1:f0:e7:c8:62:c3:f5:c6:5d:2e:69:3b:
b9:1e:a6:49:21:61:49:1c:ba:2b:6d:62:4c:8f:3a:15:58:8c:
18:06:7d:eb:bd:e9:d4:37:34:01:81:27:55:66:ef:b2:d6:61:
fe:a4:a3:3b:32:11:f2:a8:c7:3c:1c:9d:ec:b2:53:d7:52:0d:
18:15:2e:8f:13:64:89:44:ca:5b:69:fe:74:7b:6b:f7:7d:16:
27:4d:0e:67:e3:5c:6b:eb:c8:cf:68:0e:05:0a:f4:fb:1c:4e:
28:93:a7:01:95:60:3a:f4:d1:07:b0:2d:b8:2b:f3:d6:b8:75:
7f:0e:4c:b0:42:55:4f:1e:ae:09:a5:e4:c8:1a:83:47:36:95:
42:ba:1e:b0:6c:73:d5:1e:a8:a0:18:4b:52:62:76:32:90:47:
dd:01:6c:35:c9:bd:24:6b:e9:5c:84:24:70:40:dd:16:7d:89:
ad:da:6c:6e:f5:9f:75:06:c1:34:29:f5:6a:e3:5f:f7:b0:33:
54:6f:a2:d4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY7WRixFNhp7BUdFOwVoTw1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDEzMDcwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y0YmMxMzQ0ZTQ5YjAzZDM4ZmUwOTkyZGJlYTJkNGI0MjVhYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwdlPmDXCMRUc5Kobb3wMryGcKlC
HoR0bzsDgn30wE51bIbgNbLPya8OCHsCLvhlOcVPxP7Q/irGTthW27w2PK93e/Sn
7al9wVkCP+qNMh2Xyqqw74AVylyVe4l0KZ7Bj29htmC9iKE9eq+M1pU1b8LKpI5Y
mV0rQY6TNBxtN1CTeXxyGX1quZaCyUFfx0JrltdPv9MTEuzJktOcgNS+VwRTo25A
yZ4/TM9Lt6GpBfp0QABhJdCVvIzlHvCL4rYnXkVdpZG1owKig/ORWQ7+S2RJ6zOz
OBcCEfYKg4Er55nt8Fh4+NDS5pujg6Tcgg+F4rBY+FccocZoj9H1IpSgSwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNf0vBNE5JsD04/gmS2+otS0JarfMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMV9TOEUwVGttd1BUai1DWkxiNmkxTFFscXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW+QMMAwD
BAVemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAISJlAlLIb/KLpTDu+4vfuVy
vzHxYJxpurUOwvw603llGOUHK+y3+Qqv2Ekwv1sfRSQ87YY00fV80KgA8MHw58hi
w/XGXS5pO7kepkkhYUkcuittYkyPOhVYjBgGfeu96dQ3NAGBJ1Vm77LWYf6kozsy
EfKoxzwcneyyU9dSDRgVLo8TZIlEyltp/nR7a/d9FidNDmfjXGvryM9oDgUK9Psc
TiiTpwGVYDr00QewLbgr89a4dX8OTLBCVU8ergml5Mgag0c2lUK6HrBsc9UeqKAY
S1JidjKQR90BbDXJvSRr6VyEJHBA3RZ9ia3abG71n3UGwTQp9WrjX/ewM1RvotQ=
-----END CERTIFICATE-----
Generated at Thu May 23 04:32:12 2024 by rpki-client on console-ams.rpki-client.org