Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/7O5jQHghzXyVtUiFNbwts_9_pLY.roa
File: 7O5jQHghzXyVtUiFNbwts_9_pLY.roa (raw, json)
Hash identifier: G1JkQ3Zg01+feH0cFaFtB0Bht4FTbljuzsVm1m6rDUw=
Subject key identifier: EC:EE:63:40:78:21:CD:7C:95:B5:48:85:35:BC:2D:B3:FF:7F:A4:B6
Certificate issuer: /CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Certificate serial: 018CC64A9AD2E467E75F8851FA7717AE2DB2
Authority key identifier: 37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/7O5jQHghzXyVtUiFNbwts_9_pLY.roa
Signing time: Mon 01 Jan 2024 18:30:27 +0000
ROA not before: Mon 01 Jan 2024 18:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201510
IP address blocks: 185.73.92.0/24 maxlen: 24
185.73.94.0/24 maxlen: 24
185.73.93.0/24 maxlen: 24
2a03:41e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:9a:d2:e4:67:e7:5f:88:51:fa:77:17:ae:2d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Validity
Not Before: Jan 1 18:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecee63407821cd7c95b5488535bc2db3ff7fa4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a6:f4:fb:61:b6:54:8e:34:f5:51:84:39:eb:
4d:ff:b5:32:ab:f5:24:75:a9:8c:cb:63:aa:60:82:
5b:86:2e:a4:91:4d:bd:7f:1c:3d:b3:ea:08:80:af:
01:7f:99:10:20:33:73:85:66:ba:d2:41:dc:95:0d:
86:4e:62:76:1a:f7:01:13:75:a2:46:7a:15:71:85:
b0:c1:57:f8:26:da:47:0f:3b:27:4b:87:e1:41:43:
ff:37:8a:1a:92:9f:ee:24:dd:92:88:a2:07:6d:f1:
d5:d0:a0:53:92:f3:c6:cf:11:f5:3c:34:94:61:67:
30:d4:e1:bd:b5:34:c8:7c:af:1a:c4:58:23:77:0b:
e4:c4:cd:03:0b:75:4d:28:b8:2a:62:b1:03:49:7a:
10:fa:2a:ac:87:45:5c:94:e2:41:8d:f3:bd:29:3b:
e1:32:1b:96:31:80:52:fc:0c:36:1c:45:fb:63:02:
82:f9:33:57:dd:9f:fb:0c:9b:61:f2:de:7d:30:33:
21:5d:33:59:a1:26:66:35:f0:76:f3:41:64:01:77:
dc:45:ba:f6:bb:f8:c9:3f:c8:eb:2a:1f:81:51:e5:
4c:47:74:c0:15:c1:f5:73:11:ee:f7:53:53:47:36:
6c:b9:3b:e0:dd:f2:f0:38:66:1e:c9:a5:90:a1:33:
cb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:EE:63:40:78:21:CD:7C:95:B5:48:85:35:BC:2D:B3:FF:7F:A4:B6
X509v3 Authority Key Identifier:
keyid:37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/7O5jQHghzXyVtUiFNbwts_9_pLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.92.0-185.73.94.255
IPv6:
2a03:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:50:33:97:34:ce:97:38:9c:78:a0:47:21:7c:25:3f:26:dd:
6b:52:4e:44:e6:74:27:b9:1a:cb:a2:34:b6:89:38:de:f5:66:
75:84:3a:66:1f:c5:90:44:7b:d7:7e:a8:12:5b:5f:4a:30:98:
0a:ed:a8:85:46:45:0a:bd:bf:51:26:00:9e:f7:b1:5c:73:c5:
dc:71:63:e4:22:c7:81:69:25:15:4d:c1:96:a6:df:13:71:a4:
12:e3:67:dd:05:37:bb:a9:ce:4f:55:be:22:9d:41:07:3e:c1:
04:93:1c:b3:8b:a7:da:e6:1d:ba:b6:1a:aa:07:a1:bf:d0:da:
ae:3e:c1:91:10:59:ba:84:13:98:81:3b:53:63:a9:29:bc:01:
ea:72:0a:6e:42:60:dd:26:17:30:5d:be:1e:49:c2:4c:26:39:
c5:d1:ce:ae:1c:6c:3c:f3:6a:b2:da:7e:75:99:4c:72:20:15:
9f:94:e6:9e:c8:f7:08:65:c3:8c:d7:67:e0:47:c8:14:9c:ab:
99:be:56:47:46:d9:56:96:2f:fb:9d:f1:93:2f:d2:26:22:c8:
2d:e3:85:9d:e8:a2:85:8c:7a:86:b8:c5:9d:6e:5f:9a:4a:4c:
0b:9e:18:32:80:f5:16:29:8e:ca:0d:b6:5f:64:be:b5:08:ac:
c8:9c:68:eb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSprS5GfnX4hR+ncXri2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGMyNjE3YTM3MmU0NjZlOThkNDI1MzJkZDBiZDhlNWNk
ZDk5M2QwHhcNMjQwMTAxMTgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2VlNjM0MDc4MjFjZDdjOTViNTQ4ODUzNWJjMmRiM2ZmN2ZhNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgab0+2G2VI409VGEOetN/7Uyq/Uk
damMy2OqYIJbhi6kkU29fxw9s+oIgK8Bf5kQIDNzhWa60kHclQ2GTmJ2GvcBE3Wi
RnoVcYWwwVf4JtpHDzsnS4fhQUP/N4oakp/uJN2SiKIHbfHV0KBTkvPGzxH1PDSU
YWcw1OG9tTTIfK8axFgjdwvkxM0DC3VNKLgqYrEDSXoQ+iqsh0VclOJBjfO9KTvh
MhuWMYBS/Aw2HEX7YwKC+TNX3Z/7DJth8t59MDMhXTNZoSZmNfB280FkAXfcRbr2
u/jJP8jrKh+BUeVMR3TAFcH1cxHu91NTRzZsuTvg3fLwOGYeyaWQoTPLEQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOzuY0B4Ic18lbVIhTW8LbP/f6S2MB8GA1UdIwQY
MBaAFDdMJhejcuRm6Y1CUy3QvY5c3Zk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQt
YjhkYWQ2ZTVjM2JmLzEvN081alFIZ2h6WHlWdFVpRk5id3RzXzlfcExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQtYjhkYWQ2ZTVjM2Jm
LzEvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5SVwD
BAC5SV4wDQQCAAIwBwMFACoDQeAwDQYJKoZIhvcNAQELBQADggEBAD1QM5c0zpc4
nHigRyF8JT8m3WtSTkTmdCe5GsuiNLaJON71ZnWEOmYfxZBEe9d+qBJbX0owmArt
qIVGRQq9v1EmAJ73sVxzxdxxY+Qix4FpJRVNwZam3xNxpBLjZ90FN7upzk9VviKd
QQc+wQSTHLOLp9rmHbq2GqoHob/Q2q4+wZEQWbqEE5iBO1NjqSm8AepyCm5CYN0m
FzBdvh5JwkwmOcXRzq4cbDzzarLafnWZTHIgFZ+U5p7I9whlw4zXZ+BHyBScq5m+
VkdG2VaWL/ud8ZMv0iYiyC3jhZ3oooWMeoa4xZ1uX5pKTAueGDKA9RYpjsoNtl9k
vrUIrMicaOs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:34:37 2024 by rpki-client on console-ams.rpki-client.org