Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7J3obNT1sj4ezmRdqqN4pvgBbMo.roa
File: 7J3obNT1sj4ezmRdqqN4pvgBbMo.roa (raw, json)
Hash identifier: 8eUAW7a3cwhL3h7UC2cLsdGUMdka9NupbsSPqDA4ihs=
Subject key identifier: EC:9D:E8:6C:D4:F5:B2:3E:1E:CE:64:5D:AA:A3:78:A6:F8:01:6C:CA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019362D079A0C1F6AF2985DFCD78EB16EDA5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7J3obNT1sj4ezmRdqqN4pvgBbMo.roa
Signing time: Mon 25 Nov 2024 10:14:09 +0000
ROA not before: Mon 25 Nov 2024 10:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.157.208.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.226.181.0/24 maxlen: 24
185.250.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:d0:79:a0:c1:f6:af:29:85:df:cd:78:eb:16:ed:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 25 10:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec9de86cd4f5b23e1ece645daaa378a6f8016cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:9d:44:7f:38:7d:23:91:cf:cd:e9:01:2e:
49:b6:4b:9c:1c:23:5a:a7:d4:d5:92:46:64:6b:ee:
6c:6c:c4:13:dc:54:42:90:7d:b3:e4:b7:b0:03:0c:
49:28:d5:7d:a6:a2:d7:06:63:8d:e7:31:f8:f4:8b:
a9:11:61:d2:ca:04:71:2a:85:90:29:7f:1d:8e:40:
5c:34:47:6b:6a:c9:9f:fb:9d:7c:12:e2:ca:9c:ae:
86:59:32:63:66:8f:ab:f3:bd:04:eb:8c:1c:93:13:
e1:fe:f5:46:1a:de:15:94:1f:39:9a:00:e6:6f:87:
81:60:8e:6f:87:40:78:be:21:04:5a:ba:ca:24:d5:
a6:e9:c4:b8:a0:95:2c:eb:e0:76:79:a3:a9:cd:09:
8e:48:37:70:bf:37:e1:dc:b2:ef:05:7d:0a:18:73:
11:fc:12:73:ed:48:49:b9:61:4c:7e:f0:03:a0:b3:
3c:64:94:5b:fb:05:3d:dd:0d:bf:d6:73:57:25:14:
ac:7b:ee:9f:2d:b2:7d:80:8e:32:20:56:a2:08:75:
92:11:0a:6b:d6:25:a8:a4:2f:ba:d1:df:83:fe:52:
cf:27:c8:ba:ef:c5:71:d8:a2:d0:38:c4:6b:c3:ba:
49:c3:a7:94:bc:7d:eb:c9:47:d4:f5:b1:6e:44:ab:
3d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9D:E8:6C:D4:F5:B2:3E:1E:CE:64:5D:AA:A3:78:A6:F8:01:6C:CA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/7J3obNT1sj4ezmRdqqN4pvgBbMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.208.0/24
185.199.213.0/24
185.221.26.0/24
185.226.181.0/24
185.250.27.0/24
Signature Algorithm: sha256WithRSAEncryption
93:37:b8:34:46:48:66:14:f0:18:1c:2a:a9:a8:9f:05:80:8d:
3a:b7:e9:fc:0f:a6:4e:d2:82:c7:46:71:84:dd:5d:56:bc:f1:
4c:81:a5:06:c5:9b:0b:6d:3f:aa:a5:e7:2b:c8:f3:21:e6:4d:
a1:e2:34:fe:45:c0:94:c9:2c:15:83:45:61:f4:01:6c:d5:cc:
c5:b1:ea:ed:5f:c1:3a:ad:18:5b:a2:aa:2d:b9:db:17:ca:f6:
dc:fc:5a:0f:3f:21:92:40:9e:7a:25:ee:0d:07:93:d1:73:68:
6a:23:a4:f8:5f:69:4c:bd:8f:f6:ef:ac:2a:71:a2:e4:7b:4a:
0d:6b:48:b8:fb:44:3a:04:60:78:07:09:7c:cb:d2:14:ba:8b:
96:2d:20:11:57:79:80:f8:f1:56:e2:52:04:97:0d:79:c3:6b:
3e:bc:cb:0f:32:6c:8b:88:e5:fa:ad:d4:c9:e9:27:f6:41:82:
a4:3e:1e:d6:3c:c4:d9:f5:c2:06:cc:e7:6d:0d:07:56:d0:9c:
89:88:d2:2c:9a:63:d9:a5:a8:44:62:a5:a8:9c:a7:b3:c6:c9:
19:59:a2:32:7d:f6:f2:e5:f1:ef:94:35:81:b0:5f:e3:d3:34:
c1:db:19:8d:d3:a0:77:f7:a1:d0:cf:e4:4a:05:4e:9c:15:9e:
c6:a7:c4:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNi0HmgwfavKYXfzXjrFu2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMTI1MTAxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzlkZTg2Y2Q0ZjViMjNlMWVjZTY0NWRhYWEzNzhhNmY4MDE2Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN6dRH84fSORz83pAS5JtkucHCNa
p9TVkkZka+5sbMQT3FRCkH2z5LewAwxJKNV9pqLXBmON5zH49IupEWHSygRxKoWQ
KX8djkBcNEdrasmf+518EuLKnK6GWTJjZo+r870E64wckxPh/vVGGt4VlB85mgDm
b4eBYI5vh0B4viEEWrrKJNWm6cS4oJUs6+B2eaOpzQmOSDdwvzfh3LLvBX0KGHMR
/BJz7UhJuWFMfvADoLM8ZJRb+wU93Q2/1nNXJRSse+6fLbJ9gI4yIFaiCHWSEQpr
1iWopC+60d+D/lLPJ8i678Vx2KLQOMRrw7pJw6eUvH3ryUfU9bFuRKs9gwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOyd6GzU9bI+Hs5kXaqjeKb4AWzKMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvN0ozb2JOVDFzajRlem1SZHFxTjRwdmdCYk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZ3QAwQA
ucfVAwQAud0aAwQAueK1AwQAufobMA0GCSqGSIb3DQEBCwUAA4IBAQCTN7g0Rkhm
FPAYHCqpqJ8FgI06t+n8D6ZO0oLHRnGE3V1WvPFMgaUGxZsLbT+qpecryPMh5k2h
4jT+RcCUySwVg0Vh9AFs1czFsertX8E6rRhboqotudsXyvbc/FoPPyGSQJ56Je4N
B5PRc2hqI6T4X2lMvY/276wqcaLke0oNa0i4+0Q6BGB4Bwl8y9IUuouWLSARV3mA
+PFW4lIElw15w2s+vMsPMmyLiOX6rdTJ6Sf2QYKkPh7WPMTZ9cIGzOdtDQdW0JyJ
iNIsmmPZpahEYqWonKezxskZWaIyffby5fHvlDWBsF/j0zTB2xmN06B396HQz+RK
BU6cFZ7Gp8QQ
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:15 2024 by rpki-client on console-fra.rpki-client.org