Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/7n7khlCd0Fe377a_7BFAy-ElhPg.roa
File: 7n7khlCd0Fe377a_7BFAy-ElhPg.roa (raw, json)
Hash identifier: pojtKwUIeC4IcA2byTJdImkBFiuADn2EJMeYIINz6OE=
Subject key identifier: EE:7E:E4:86:50:9D:D0:57:B7:EF:B6:BF:EC:11:40:CB:E1:25:84:F8
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D43E5992D254B506E02955FBEB35
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/7n7khlCd0Fe377a_7BFAy-ElhPg.roa
Signing time: Mon 01 Jan 2024 06:29:48 +0000
ROA not before: Mon 01 Jan 2024 06:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207710
IP address blocks: 178.171.48.0/23 maxlen: 23
178.171.50.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.104.0/24 maxlen: 24
178.171.0.0/20 maxlen: 20
178.171.119.0/24 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d4:3e:59:92:d2:54:b5:06:e0:29:55:fb:eb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee7ee486509dd057b7efb6bfec1140cbe12584f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:64:1a:b0:89:ed:87:b6:8d:3e:d3:07:79:
0b:8f:a5:81:b9:17:95:d3:f0:00:5e:d0:ed:ee:36:
85:12:65:ea:c1:f3:99:82:67:fc:0e:40:ea:00:d3:
00:79:30:e6:c6:7e:5a:2d:2a:0f:19:9d:b5:aa:60:
04:ab:99:1f:42:71:d7:53:1e:dd:5b:79:29:0e:ad:
74:e3:35:31:af:23:d9:85:b6:fb:8e:4f:ff:29:c4:
16:32:0e:70:38:0e:92:67:a2:f2:6b:4b:17:b3:3d:
b9:41:e0:d1:7c:5c:57:77:01:78:5b:42:6a:b8:08:
17:61:50:36:ff:75:0f:17:d7:40:0f:93:06:d3:07:
35:d2:70:29:6f:44:52:09:7c:b7:be:d5:fa:79:da:
89:2c:30:a0:fb:81:4a:1f:20:95:c5:d6:c0:ee:b7:
bd:ca:e9:43:97:fa:9c:ad:74:bc:8b:3e:02:8f:1f:
4a:10:bb:ae:8d:a4:61:0b:63:a1:20:23:30:b3:aa:
dc:af:7d:ec:de:1d:2e:62:4b:bb:87:d0:7e:3a:16:
8f:80:67:47:e5:6d:9f:28:96:86:16:d1:fc:10:23:
b5:b1:bd:c7:70:13:6b:3c:36:76:3a:ed:cc:6c:42:
28:e5:71:10:99:66:21:d4:1a:ef:81:9c:28:32:a9:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7E:E4:86:50:9D:D0:57:B7:EF:B6:BF:EC:11:40:CB:E1:25:84:F8
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/7n7khlCd0Fe377a_7BFAy-ElhPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/22
158.46.196.0/22
178.171.0.0/20
178.171.20.0/22
178.171.32.0/22
178.171.48.0/22
178.171.60.0/22
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
55:30:af:5b:33:5a:c4:d1:92:8b:04:46:aa:9c:7f:1c:3d:c8:
fa:24:2e:8e:55:b4:04:9b:5d:f5:17:18:0a:cf:34:7d:79:68:
3f:8c:f0:3f:b2:e4:c3:b9:49:ac:8f:42:ca:a5:aa:da:a8:b2:
73:c4:7b:75:80:32:9b:ef:3b:34:55:7d:6c:62:d5:39:83:89:
af:03:78:5e:a0:d3:f2:b3:75:e8:3b:cb:f7:12:a4:e9:8b:8b:
a2:10:32:94:65:c9:55:73:ff:40:a4:e7:60:f4:39:a1:3f:97:
77:4a:e8:72:7e:dc:84:88:77:0c:5f:38:b6:3e:5f:92:59:3e:
d1:b3:8a:e1:31:66:30:d0:1b:03:ac:97:ac:f4:4f:25:e7:27:
28:1d:19:00:ac:47:5d:18:60:9d:f0:39:a6:c1:ac:d6:87:90:
03:e2:dc:33:94:1a:ea:06:7a:08:76:09:01:06:89:a1:60:71:
94:75:b2:15:c9:9b:08:9d:b6:27:7f:65:ea:b4:9b:7a:08:db:
f9:f8:6b:f6:01:fe:de:6e:eb:9d:7d:08:70:34:1c:16:04:79:
dd:42:04:f0:28:5c:6c:74:16:5b:cd:b6:5c:a7:06:c8:a3:1f:
3c:5b:eb:38:81:32:e6:42:fe:7e:d0:a9:54:95:30:8e:1a:cb:
0b:22:72:94
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzDttQ+WZLSVLUG4ClV++s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTdlZTQ4NjUwOWRkMDU3YjdlZmI2YmZlYzExNDBjYmUxMjU4NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZBkGrCJ7Ye2jT7TB3kLj6WBuReV
0/AAXtDt7jaFEmXqwfOZgmf8DkDqANMAeTDmxn5aLSoPGZ21qmAEq5kfQnHXUx7d
W3kpDq104zUxryPZhbb7jk//KcQWMg5wOA6SZ6Lya0sXsz25QeDRfFxXdwF4W0Jq
uAgXYVA2/3UPF9dAD5MG0wc10nApb0RSCXy3vtX6edqJLDCg+4FKHyCVxdbA7re9
yulDl/qcrXS8iz4Cjx9KELuujaRhC2OhICMws6rcr33s3h0uYku7h9B+OhaPgGdH
5W2fKJaGFtH8ECO1sb3HcBNrPDZ2Ou3MbEIo5XEQmWYh1BrvgZwoMql2MwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFO5+5IZQndBXt++2v+wRQMvhJYT4MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvN243a2hsQ2QwRmUzNzdhXzdCRkF5LUVsaFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCni68AwQC
ni7EAwQEsqsAAwQCsqsUAwQCsqsgAwQCsqswAwQCsqs8AwQAsqtoAwQAsqt3MA0G
CSqGSIb3DQEBCwUAA4IBAQBVMK9bM1rE0ZKLBEaqnH8cPcj6JC6OVbQEm131FxgK
zzR9eWg/jPA/suTDuUmsj0LKparaqLJzxHt1gDKb7zs0VX1sYtU5g4mvA3heoNPy
s3XoO8v3EqTpi4uiEDKUZclVc/9ApOdg9DmhP5d3SuhyftyEiHcMXzi2Pl+SWT7R
s4rhMWYw0BsDrJes9E8l5ycoHRkArEddGGCd8DmmwazWh5AD4twzlBrqBnoIdgkB
BomhYHGUdbIVyZsInbYnf2XqtJt6CNv5+Gv2Af7ebuudfQhwNBwWBHndQgTwKFxs
dBZbzbZcpwbIox88W+s4gTLmQv5+0KlUlTCOGssLInKU
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:44:26 2024 by rpki-client on console-ams.rpki-client.org