Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/7WOM9Bfylkzn-4-_DERENzjPcxw.roa
File: 7WOM9Bfylkzn-4-_DERENzjPcxw.roa (raw, json)
Hash identifier: z6/ZlI/W0BrpXJdrBEyeQGf1IrmAq79cxMAOG2mZOT4=
Subject key identifier: ED:63:8C:F4:17:F2:96:4C:E7:FB:8F:BF:0C:44:44:37:38:CF:73:1C
Certificate issuer: /CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Certificate serial: 018CC94E27E6B62D41920301132FA3E5B0B9
Authority key identifier: 8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/7WOM9Bfylkzn-4-_DERENzjPcxw.roa
Signing time: Tue 02 Jan 2024 08:33:11 +0000
ROA not before: Tue 02 Jan 2024 08:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35729
IP address blocks: 87.252.126.0/23 maxlen: 24
87.252.96.0/21 maxlen: 24
87.252.104.0/23 maxlen: 24
2a01:4600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:27:e6:b6:2d:41:92:03:01:13:2f:a3:e5:b0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Validity
Not Before: Jan 2 08:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed638cf417f2964ce7fb8fbf0c44443738cf731c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:9c:cf:24:39:59:62:76:b4:2e:90:0e:8c:
cb:86:7b:e8:9a:c9:b4:5c:84:20:52:23:75:0b:15:
75:98:e9:6e:3b:7c:12:87:29:ff:7f:a1:3a:8a:ad:
ce:9d:89:28:90:a6:9f:2b:e7:53:3f:c9:52:91:45:
24:ce:51:07:d9:fe:eb:ac:17:32:a0:64:1f:67:0b:
d4:51:d9:82:3f:84:f9:bb:a4:be:8f:dd:6c:1d:dd:
3f:1e:46:a1:f7:f6:b0:c8:f0:8b:6f:ab:2d:cf:32:
c7:28:61:d0:8b:b9:13:0d:a2:5e:20:41:8b:4e:c2:
25:12:41:8f:02:e6:b6:9f:b8:cd:5b:ce:ff:c6:58:
7b:49:cb:4a:48:26:55:c9:92:da:df:03:80:62:5f:
2f:6c:ff:5d:1d:c7:84:cf:21:5a:ab:81:41:c4:e5:
56:30:a3:b9:90:c8:32:bb:d4:ca:0b:22:37:80:ba:
09:83:99:9a:41:b1:7b:97:41:84:55:ad:d6:0b:28:
3d:47:54:14:d3:b1:84:cc:10:3e:3f:f2:3e:8c:92:
9a:ed:85:1b:4e:7c:77:b0:de:68:ae:fc:9e:be:fa:
bf:9c:5f:ef:3f:d0:f5:f4:55:ec:b7:a3:b5:77:23:
bc:0f:94:9b:79:0e:db:50:a4:57:e7:e7:e9:d3:14:
f6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:63:8C:F4:17:F2:96:4C:E7:FB:8F:BF:0C:44:44:37:38:CF:73:1C
X509v3 Authority Key Identifier:
keyid:8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/7WOM9Bfylkzn-4-_DERENzjPcxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.96.0-87.252.105.255
87.252.126.0/23
IPv6:
2a01:4600::/32
Signature Algorithm: sha256WithRSAEncryption
47:64:4b:f1:6f:18:9e:0b:5f:fa:ac:38:46:94:22:d5:71:d0:
55:cc:71:a1:b5:f1:6c:34:5d:65:b1:b7:be:c4:5b:44:2d:7e:
d2:02:f1:e2:83:2e:27:29:56:67:49:6e:2f:3c:ca:0f:93:61:
3b:61:11:71:7e:4e:28:74:d6:75:7f:28:f0:5d:eb:8b:af:38:
91:38:e8:7e:f0:7b:43:87:65:70:72:ad:d9:48:01:ad:46:1b:
74:56:8d:67:d3:84:ca:80:56:97:32:1e:49:bd:c9:3b:22:1a:
ef:35:4c:40:76:fa:cb:b2:bb:93:11:d4:6b:e1:1e:7e:df:7b:
90:16:45:19:b9:88:0f:67:0f:e0:e8:d9:42:bb:4e:0c:dd:4a:
95:6a:fa:56:a3:64:52:e5:dd:9b:9e:94:f3:7c:44:6a:02:e7:
e6:e0:52:d9:1f:ed:5f:11:d2:6e:5a:74:16:8d:04:81:3a:60:
c8:bd:3e:79:1a:90:a1:82:69:9c:5b:57:b3:99:d6:90:55:7b:
74:fa:55:0e:52:94:3b:a8:36:7a:51:44:cd:fd:a5:38:ea:4d:
e8:90:52:4e:66:1f:9d:d6:6b:ec:d2:2c:c4:53:90:94:d1:d1:
07:90:41:54:99:48:91:2b:7d:84:9b:d6:4e:22:4e:7b:c4:d1:
2a:96:57:5e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJTifmti1BkgMBEy+j5bC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZWYxNjM4ZDA5MTFiYTk4ODY0ZTk3OWM4NDI2YmE0ZjQx
YTI3MmUwHhcNMjQwMTAyMDgzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDYzOGNmNDE3ZjI5NjRjZTdmYjhmYmYwYzQ0NDQzNzM4Y2Y3MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7eczyQ5WWJ2tC6QDozLhnvomsm0
XIQgUiN1CxV1mOluO3wShyn/f6E6iq3OnYkokKafK+dTP8lSkUUkzlEH2f7rrBcy
oGQfZwvUUdmCP4T5u6S+j91sHd0/Hkah9/awyPCLb6stzzLHKGHQi7kTDaJeIEGL
TsIlEkGPAua2n7jNW87/xlh7SctKSCZVyZLa3wOAYl8vbP9dHceEzyFaq4FBxOVW
MKO5kMgyu9TKCyI3gLoJg5maQbF7l0GEVa3WCyg9R1QU07GEzBA+P/I+jJKa7YUb
Tnx3sN5orvyevvq/nF/vP9D19FXst6O1dyO8D5SbeQ7bUKRX5+fp0xT2iQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO1jjPQX8pZM5/uPvwxERDc4z3McMB8GA1UdIwQY
MBaAFIrvFjjQkRupiGTpechCa6T0GicuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDIt
OTRmOTdiM2EyY2UyLzEvN1dPTTlCZnlsa3puLTQtX0RFUkVOempQY3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDItOTRmOTdiM2EyY2Uy
LzEvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAVX/GAD
BAFX/GgDBAFX/H4wDQQCAAIwBwMFACoBRgAwDQYJKoZIhvcNAQELBQADggEBAEdk
S/FvGJ4LX/qsOEaUItVx0FXMcaG18Ww0XWWxt77EW0QtftIC8eKDLicpVmdJbi88
yg+TYTthEXF+Tih01nV/KPBd64uvOJE46H7we0OHZXByrdlIAa1GG3RWjWfThMqA
VpcyHkm9yTsiGu81TEB2+suyu5MR1GvhHn7fe5AWRRm5iA9nD+Do2UK7TgzdSpVq
+lajZFLl3ZuelPN8RGoC5+bgUtkf7V8R0m5adBaNBIE6YMi9PnkakKGCaZxbV7OZ
1pBVe3T6VQ5SlDuoNnpRRM39pTjqTeiQUk5mH53Wa+zSLMRTkJTR0QeQQVSZSJEr
fYSb1k4iTnvE0SqWV14=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:05 2024 by rpki-client on console-fra.rpki-client.org