Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/n7EbXX9By3q1NEoSUnI7lQZOXK8.roa
File: n7EbXX9By3q1NEoSUnI7lQZOXK8.roa (raw, json)
Hash identifier: HUK/zmpilWg7c8ah3WabDZJyPmhnynLMqxe5rIZu7vk=
Subject key identifier: 9F:B1:1B:5D:7F:41:CB:7A:B5:34:4A:12:52:72:3B:95:06:4E:5C:AF
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC79451AD0DCF74659D79A8EE0F547014
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/n7EbXX9By3q1NEoSUnI7lQZOXK8.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 78.39.47.0/24 maxlen: 24
2.189.242.0/23 maxlen: 23
2.189.242.0/24 maxlen: 24
2.189.243.0/24 maxlen: 24
2.189.254.0/23 maxlen: 23
2.189.254.0/24 maxlen: 24
2.189.255.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:51:ad:0d:cf:74:65:9d:79:a8:ee:0f:54:70:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fb11b5d7f41cb7ab5344a1252723b95064e5caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a2:86:3c:7c:ae:b2:5c:28:6b:74:b2:d3:1f:
ee:48:4b:9b:4d:22:6b:65:6c:73:2a:2c:35:5f:bd:
51:d3:d2:81:5c:3a:ab:b5:ae:89:53:0d:29:83:01:
d5:be:3c:26:1b:4c:b8:11:b7:0b:c9:8e:58:a5:e6:
79:27:0f:2b:ab:ce:d1:e7:ee:eb:28:36:bf:21:7f:
3e:57:fc:59:69:5e:26:bf:78:52:06:e0:3e:c5:e9:
27:56:eb:61:41:dc:6e:8a:90:37:cb:09:b1:af:0d:
86:42:e1:6b:f5:b4:4c:eb:7d:4e:86:a4:76:7d:ab:
b2:9e:c9:a4:a6:ca:6e:73:ca:e5:d3:72:f9:2b:6e:
fc:fe:ae:48:c6:ad:64:68:12:75:24:2a:aa:7a:15:
3b:f6:c6:b3:0a:a6:5f:d8:f2:d1:0d:c5:48:df:a8:
b9:24:25:1f:00:6a:9f:ae:bd:55:6f:19:12:39:0b:
55:47:2e:01:0c:03:33:9a:56:bd:95:67:2d:7c:26:
f9:13:6b:8f:22:b5:a9:92:8d:1f:da:65:81:78:0b:
db:e0:27:e8:68:7c:5a:cf:37:47:14:ce:4e:ce:34:
4d:9a:f7:3f:d8:53:87:1b:fa:0a:16:a6:70:ab:ca:
be:2e:8b:58:c4:20:b3:16:fd:68:1a:b4:30:99:c7:
3e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B1:1B:5D:7F:41:CB:7A:B5:34:4A:12:52:72:3B:95:06:4E:5C:AF
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/n7EbXX9By3q1NEoSUnI7lQZOXK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.58.0/24
2.189.242.0/23
2.189.254.0/23
78.39.47.0/24
Signature Algorithm: sha256WithRSAEncryption
35:97:0c:5a:4d:95:09:b5:f3:06:01:0b:65:3c:d5:d2:03:cf:
fe:5f:bd:36:02:0e:9f:9d:71:e3:b2:49:37:65:3f:b4:10:d5:
4e:e7:b0:19:8c:f7:66:4f:96:4f:63:5f:5a:a3:10:cf:51:29:
42:2d:85:2f:22:da:03:10:cc:28:01:0c:61:e0:5f:7c:d6:8b:
fd:81:52:b1:0a:2f:6b:7d:71:11:e8:8b:d1:7b:7d:c5:40:62:
f5:1c:64:43:c0:56:87:4d:69:2f:6e:27:a6:44:3b:9f:94:03:
df:73:7d:7b:08:07:f8:e0:ea:51:1f:e8:5e:97:32:8b:e6:8a:
01:27:35:b9:09:92:bc:c9:aa:e2:6f:b3:ce:d4:40:98:70:d7:
fb:0b:68:2a:ae:99:b8:a2:e4:68:fe:9d:39:9e:5c:81:2c:a2:
92:ef:e9:fa:3c:63:9b:bd:82:2b:5d:89:19:de:8d:2f:cb:66:
c7:f3:11:bf:da:c9:7a:44:6e:c9:ba:eb:8b:76:f9:c2:e4:3c:
86:82:b1:87:fe:57:9d:bc:49:da:71:fe:bc:e5:3c:41:da:a2:
10:37:7b:45:99:b5:14:40:7e:2a:35:55:98:3b:c4:9c:07:c8:
6c:48:2d:49:ec:ba:7f:3a:69:cd:85:ca:71:74:24:90:91:6f:
e6:e3:be:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlFGtDc90ZZ15qO4PVHAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIxMWI1ZDdmNDFjYjdhYjUzNDRhMTI1MjcyM2I5NTA2NGU1Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaKGPHyuslwoa3Sy0x/uSEubTSJr
ZWxzKiw1X71R09KBXDqrta6JUw0pgwHVvjwmG0y4EbcLyY5YpeZ5Jw8rq87R5+7r
KDa/IX8+V/xZaV4mv3hSBuA+xeknVuthQdxuipA3ywmxrw2GQuFr9bRM631OhqR2
fauynsmkpspuc8rl03L5K278/q5Ixq1kaBJ1JCqqehU79sazCqZf2PLRDcVI36i5
JCUfAGqfrr1VbxkSOQtVRy4BDAMzmla9lWctfCb5E2uPIrWpko0f2mWBeAvb4Cfo
aHxazzdHFM5OzjRNmvc/2FOHG/oKFqZwq8q+LotYxCCzFv1oGrQwmcc+DQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ+xG11/Qct6tTRKElJyO5UGTlyvMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvbjdFYlhYOUJ5M3ExTkVvU1VuSTdsUVpPWEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAr06AwQB
Ar3yAwQBAr3+AwQATicvMA0GCSqGSIb3DQEBCwUAA4IBAQA1lwxaTZUJtfMGAQtl
PNXSA8/+X702Ag6fnXHjskk3ZT+0ENVO57AZjPdmT5ZPY19aoxDPUSlCLYUvItoD
EMwoAQxh4F981ov9gVKxCi9rfXER6IvRe33FQGL1HGRDwFaHTWkvbiemRDuflAPf
c317CAf44OpRH+helzKL5ooBJzW5CZK8yarib7PO1ECYcNf7C2gqrpm4ouRo/p05
nlyBLKKS7+n6PGObvYIrXYkZ3o0vy2bH8xG/2sl6RG7JuuuLdvnC5DyGgrGH/led
vEnacf685TxB2qIQN3tFmbUUQH4qNVWYO8ScB8hsSC1J7Lp/OmnNhcpxdCSQkW/m
474i
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:48:04 2024 by rpki-client on console-ams.rpki-client.org