Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/7PNTtszwQw_vTtaorEKLuJRgbMk.roa
File: 7PNTtszwQw_vTtaorEKLuJRgbMk.roa (raw, json)
Hash identifier: jrhPjkMGA/h5q71S01ozpQf9Y3rMZrh4Ad+CTz2Ds7w=
Subject key identifier: EC:F3:53:B6:CC:F0:43:0F:EF:4E:D6:A8:AC:42:8B:B8:94:60:6C:C9
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 018CC64AD3E09FCCA571D54E3B715AE66681
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/7PNTtszwQw_vTtaorEKLuJRgbMk.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12322
IP address blocks: 213.228.0.0/18 maxlen: 18
78.192.0.0/10 maxlen: 11
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
62.147.0.0/16 maxlen: 16
82.64.0.0/14 maxlen: 15
212.27.32.0/19 maxlen: 19
2a01:e00::/26 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d3:e0:9f:cc:a5:71:d5:4e:3b:71:5a:e6:66:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecf353b6ccf0430fef4ed6a8ac428bb894606cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:12:12:d2:cc:ac:80:02:71:6b:fa:15:ca:
3e:6a:32:d4:25:73:1a:0f:36:1b:5f:db:04:69:e4:
9c:41:d2:13:a6:4b:47:60:4e:c9:fa:a4:ce:50:07:
ea:ec:a3:18:92:8f:55:43:bb:0b:f9:83:e5:1d:68:
45:cd:e5:d6:94:a8:91:fc:8e:bb:6d:72:16:1f:6c:
ff:5f:4f:ef:b3:1d:d1:24:73:0d:4c:a3:b8:c3:d0:
05:1f:95:44:fb:f9:0b:8c:e7:24:f0:c7:56:1f:51:
ec:37:2e:8d:41:17:37:7b:b1:84:ca:31:2a:6c:8a:
d1:2b:da:66:23:ae:7e:3f:24:df:2a:79:8b:fb:58:
26:47:b8:21:e4:7e:ee:72:06:1c:30:c3:ae:ac:ea:
2a:b1:86:ab:dc:17:60:53:e7:b9:4e:7b:17:d5:4b:
98:1d:11:59:33:0f:2a:4c:dc:86:db:1f:3c:41:dc:
d5:a5:21:82:53:92:11:48:ca:1e:4d:b7:60:f0:c4:
b7:36:35:fc:2f:e0:e8:26:98:5c:0c:7c:79:14:27:
c4:b6:56:f1:92:e9:31:01:3c:2c:41:b3:a7:65:57:
6f:b0:34:70:c8:24:0a:82:9d:2d:1a:25:2a:e6:36:
49:bc:b1:6e:25:29:33:08:b7:19:b6:a8:44:d6:3e:
49:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F3:53:B6:CC:F0:43:0F:EF:4E:D6:A8:AC:42:8B:B8:94:60:6C:C9
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/7PNTtszwQw_vTtaorEKLuJRgbMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
8e:df:c3:07:7a:2e:1c:c2:0c:51:45:30:9a:36:d8:9f:b8:26:
13:dd:88:29:2f:90:3e:11:09:ba:20:e1:94:23:f3:d1:68:d6:
d1:5e:ff:e2:f0:9a:65:91:a4:d3:34:3e:00:f6:dc:ed:1a:66:
d8:86:8e:ef:d6:16:3b:d7:47:f6:95:2c:96:9e:8f:de:05:86:
15:c7:52:c1:ed:64:e3:45:a0:95:f0:9d:a0:3f:aa:d1:f1:78:
76:d5:2c:f2:37:7e:79:03:91:bc:9e:74:7c:87:fc:22:60:cc:
6a:88:47:c4:c5:55:e0:f7:11:6e:c2:a4:b8:69:36:91:6d:54:
f3:2d:52:ec:f0:f9:52:af:e5:2a:f8:df:81:11:dc:b6:7f:6e:
e9:39:99:f1:64:52:fb:88:84:22:27:7a:99:1e:98:3b:78:6c:
eb:c6:d3:68:35:09:87:94:ac:fe:0c:a0:54:35:3f:a0:f5:6b:
2f:a6:60:28:a2:89:41:99:56:f3:0c:8c:21:e7:b1:2c:a8:d9:
c4:ec:d5:9d:c4:54:61:f1:6c:b0:30:f3:8f:68:dc:f7:7e:ab:
e9:90:2e:3d:2a:44:0f:5a:df:36:24:46:70:94:8e:3d:49:08:
04:da:fa:6f:bc:25:a9:f5:77:c7:79:cd:ff:7c:63:19:32:d4:
1b:2c:ab:43
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzGStPgn8ylcdVOO3Fa5maBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2YzNTNiNmNjZjA0MzBmZWY0ZWQ2YThhYzQyOGJiODk0NjA2Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAMSEtLMrIACcWv6Fco+ajLUJXMa
DzYbX9sEaeScQdITpktHYE7J+qTOUAfq7KMYko9VQ7sL+YPlHWhFzeXWlKiR/I67
bXIWH2z/X0/vsx3RJHMNTKO4w9AFH5VE+/kLjOck8MdWH1HsNy6NQRc3e7GEyjEq
bIrRK9pmI65+PyTfKnmL+1gmR7gh5H7ucgYcMMOurOoqsYar3BdgU+e5TnsX1UuY
HRFZMw8qTNyG2x88QdzVpSGCU5IRSMoeTbdg8MS3NjX8L+DoJphcDHx5FCfEtlbx
kukxATwsQbOnZVdvsDRwyCQKgp0tGiUq5jZJvLFuJSkzCLcZtqhE1j5JrwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOzzU7bM8EMP707WqKxCi7iUYGzJMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvN1BOVHRzendRd192VHRhb3JFS0x1SlJnYk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwMAPpMDAwZO
wAMDAlJAAwMFUuADAwVYoAMEBdQbIAMEBtXkADANBAIAAjAHAwUGKgEOADANBgkq
hkiG9w0BAQsFAAOCAQEAjt/DB3ouHMIMUUUwmjbYn7gmE92IKS+QPhEJuiDhlCPz
0WjW0V7/4vCaZZGk0zQ+APbc7Rpm2IaO79YWO9dH9pUslp6P3gWGFcdSwe1k40Wg
lfCdoD+q0fF4dtUs8jd+eQORvJ50fIf8ImDMaohHxMVV4PcRbsKkuGk2kW1U8y1S
7PD5Uq/lKvjfgRHctn9u6TmZ8WRS+4iEIid6mR6YO3hs68bTaDUJh5Ss/gygVDU/
oPVrL6ZgKKKJQZlW8wyMIeexLKjZxOzVncRUYfFssDDzj2jc936r6ZAuPSpED1rf
NiRGcJSOPUkIBNr6b7wlqfV3x3nN/3xjGTLUGyyrQw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:14:37 2024 by rpki-client on console-ams.rpki-client.org