Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7KcXkGAxrngfn8g2AOlb7MqrD-k.roa
File: 7KcXkGAxrngfn8g2AOlb7MqrD-k.roa (raw, json)
Hash identifier: 4FgRdL7mmRY+/fHRg3eBnImSwWxHytDitaQ5telDG4s=
Subject key identifier: EC:A7:17:90:60:31:AE:78:1F:9F:C8:36:00:E9:5B:EC:CA:AB:0F:E9
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 018DAA4EB6ECDFF7E81E18B7379A03486207
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7KcXkGAxrngfn8g2AOlb7MqrD-k.roa
Signing time: Thu 15 Feb 2024 01:08:21 +0000
ROA not before: Thu 15 Feb 2024 01:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42425
IP address blocks: 2.59.6.0/24 maxlen: 24
94.125.232.0/21 maxlen: 24
94.125.234.0/24 maxlen: 24
94.125.235.0/24 maxlen: 24
94.125.236.0/24 maxlen: 24
94.125.237.0/24 maxlen: 24
94.125.238.0/24 maxlen: 24
94.125.239.0/24 maxlen: 24
178.255.184.0/21 maxlen: 21
178.255.184.0/24 maxlen: 24
178.255.185.0/24 maxlen: 24
178.255.186.0/24 maxlen: 24
178.255.187.0/24 maxlen: 24
178.255.188.0/24 maxlen: 24
178.255.189.0/24 maxlen: 24
178.255.190.0/24 maxlen: 24
178.255.191.0/24 maxlen: 24
185.28.80.0/22 maxlen: 22
185.28.80.0/24 maxlen: 24
185.28.81.0/24 maxlen: 24
185.28.82.0/24 maxlen: 24
185.28.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:aa:4e:b6:ec:df:f7:e8:1e:18:b7:37:9a:03:48:62:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Feb 15 01:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eca717906031ae781f9fc83600e95beccaab0fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:31:ac:74:f4:b7:e4:ee:14:9e:7c:1b:9c:
2e:84:41:93:ff:d5:73:70:27:bc:1b:6f:fd:2d:ad:
5a:8b:54:41:7a:c9:61:e9:c6:1f:0d:b0:80:9a:4c:
50:01:af:d5:8b:73:50:23:fa:b9:fa:d8:a8:8c:5c:
00:17:8b:35:5d:73:b7:af:71:19:fb:fa:33:a7:40:
d8:6a:0d:f2:da:08:e6:cb:ba:11:c8:e5:e0:7b:07:
83:a5:d4:05:86:68:97:b3:fe:a3:ce:3d:ae:32:93:
e8:12:2e:65:05:31:4d:92:a6:5d:e9:a8:ce:17:7f:
53:14:ae:5a:d5:59:7f:6e:c5:fc:ce:1a:da:69:d9:
cd:c1:52:eb:57:57:57:6b:4d:a6:78:da:3d:60:31:
12:9d:4d:c3:4b:5b:f8:51:51:8f:cf:3c:43:0a:14:
92:4e:15:18:82:66:ab:56:e9:c6:6c:04:70:24:d2:
12:8c:e7:71:4b:e1:45:c7:3b:5e:0b:69:b5:b5:c1:
8c:8c:4d:f3:9c:7b:7d:f4:01:d6:62:40:0b:33:43:
e0:c6:34:0e:76:0c:64:83:9b:00:e2:2a:0a:8c:ad:
01:98:7c:65:48:87:f0:40:7c:f5:70:15:15:c8:23:
c1:c1:64:04:af:68:c7:a5:35:ff:f0:f7:51:b0:f7:
96:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A7:17:90:60:31:AE:78:1F:9F:C8:36:00:E9:5B:EC:CA:AB:0F:E9
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7KcXkGAxrngfn8g2AOlb7MqrD-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.6.0/24
94.125.232.0/21
178.255.184.0/21
185.28.80.0/22
Signature Algorithm: sha256WithRSAEncryption
55:93:3b:96:c0:af:80:1f:27:05:ff:80:53:a2:65:f6:36:49:
95:4f:51:db:25:38:91:4c:05:d0:49:ad:73:43:94:9e:1e:8c:
ec:a0:e9:4a:d4:a8:86:16:79:21:b9:2c:fc:e0:08:81:8f:9f:
99:8a:c7:ca:93:76:49:2c:e7:6b:a0:f9:2d:79:e8:8e:09:07:
0c:85:ae:ad:30:cd:18:61:70:10:94:db:af:e5:84:2d:38:7d:
fb:99:67:6f:38:84:ae:c2:b9:5a:ae:c0:fa:1a:ea:3b:cd:6a:
71:f4:04:f1:9c:a8:8a:61:b4:81:19:74:12:6e:70:1b:12:6e:
44:e8:01:a9:a4:f8:a5:1c:84:11:f3:ef:25:03:0f:03:3e:5c:
fa:8b:1d:9f:53:9a:9f:f1:fc:cf:8a:85:82:22:0e:bb:b1:e0:
87:e2:e0:da:74:a1:75:6d:4d:d7:3e:22:a4:8b:f8:cd:f9:c7:
b7:16:ba:02:b6:a3:f8:2d:15:2d:b3:2e:02:8a:43:fd:f7:a9:
4e:c8:6f:7d:c6:ce:0f:d7:17:e9:c8:0e:f3:a7:d3:54:1f:01:
7a:c7:54:db:13:3f:e5:e7:df:e2:32:7f:8c:1a:60:36:67:6a:
2d:f8:61:96:fb:65:77:2e:ff:7d:40:b2:82:1f:3e:48:f8:6d:
4d:29:30:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2qTrbs3/foHhi3N5oDSGIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjQwMjE1MDEwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E3MTc5MDYwMzFhZTc4MWY5ZmM4MzYwMGU5NWJlY2NhYWIwZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDkxrHT0t+TuFJ58G5wuhEGT/9Vz
cCe8G2/9La1ai1RBeslh6cYfDbCAmkxQAa/Vi3NQI/q5+tiojFwAF4s1XXO3r3EZ
+/ozp0DYag3y2gjmy7oRyOXgeweDpdQFhmiXs/6jzj2uMpPoEi5lBTFNkqZd6ajO
F39TFK5a1Vl/bsX8zhraadnNwVLrV1dXa02meNo9YDESnU3DS1v4UVGPzzxDChSS
ThUYgmarVunGbARwJNISjOdxS+FFxzteC2m1tcGMjE3znHt99AHWYkALM0PgxjQO
dgxkg5sA4ioKjK0BmHxlSIfwQHz1cBUVyCPBwWQEr2jHpTX/8PdRsPeWAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOynF5BgMa54H5/INgDpW+zKqw/pMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvN0tjWGtHQXhybmdmbjhnMkFPbGI3TXFyRC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjsGAwQD
Xn3oAwQDsv+4AwQCuRxQMA0GCSqGSIb3DQEBCwUAA4IBAQBVkzuWwK+AHycF/4BT
omX2NkmVT1HbJTiRTAXQSa1zQ5SeHozsoOlK1KiGFnkhuSz84AiBj5+ZisfKk3ZJ
LOdroPkteeiOCQcMha6tMM0YYXAQlNuv5YQtOH37mWdvOISuwrlarsD6Guo7zWpx
9ATxnKiKYbSBGXQSbnAbEm5E6AGppPilHIQR8+8lAw8DPlz6ix2fU5qf8fzPioWC
Ig67seCH4uDadKF1bU3XPiKki/jN+ce3FroCtqP4LRUtsy4CikP996lOyG99xs4P
1xfpyA7zp9NUHwF6x1TbEz/l59/iMn+MGmA2Z2ot+GGW+2V3Lv99QLKCHz5I+G1N
KTAi
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:45:15 2024 by rpki-client on console-ams.rpki-client.org