Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kLRb0zkEwrTq-PPj8F4KkB7RwOQ.roa
File: kLRb0zkEwrTq-PPj8F4KkB7RwOQ.roa (raw, json)
Hash identifier: E3mpbWwFjVHB55yoLqaPtUsNP4r65fUhOokk9xwq5+s=
Subject key identifier: 90:B4:5B:D3:39:04:C2:B4:EA:F8:F3:E3:F0:5E:0A:90:1E:D1:C0:E4
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9A960B03A4EC90E3B02D7D5B44C450E
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kLRb0zkEwrTq-PPj8F4KkB7RwOQ.roa
Signing time: Mon 08 Jan 2024 15:20:40 +0000
ROA not before: Mon 08 Jan 2024 15:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43359
IP address blocks: 87.229.68.0/24 maxlen: 24
87.229.76.0/24 maxlen: 24
79.172.239.0/24 maxlen: 24
79.172.252.0/24 maxlen: 24
178.238.208.0/24 maxlen: 24
178.238.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:a9:60:b0:3a:4e:c9:0e:3b:02:d7:d5:b4:4c:45:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90b45bd33904c2b4eaf8f3e3f05e0a901ed1c0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f6:5b:ef:40:91:ba:ee:32:34:ed:dc:36:55:
12:da:8b:f9:91:e6:03:a1:76:4b:5c:3d:dd:eb:05:
33:ff:2c:cc:19:45:42:d4:6c:98:54:08:a6:b8:6a:
73:16:ec:69:56:fe:71:77:ed:92:27:9c:ee:47:03:
bc:46:62:4e:cd:70:5d:5d:c8:e5:72:e6:25:60:5d:
31:34:31:c6:94:c6:a5:9f:11:7b:83:37:bb:a0:91:
5c:80:dd:69:1d:bb:b7:bb:22:81:7d:97:d7:3a:6c:
b8:c8:92:ee:c0:d6:c6:4f:1e:b1:7b:e5:f2:be:cc:
e1:4d:45:a8:02:e8:01:bb:e5:11:e6:20:93:db:1a:
8e:b6:da:76:4e:45:eb:03:70:85:62:5c:37:ee:08:
5d:6a:72:85:0f:0f:96:e5:83:c6:9f:d9:69:93:4b:
99:c5:7a:bb:d4:39:a8:ac:95:13:91:f6:58:2c:ed:
ee:51:2b:56:5b:d7:4e:67:90:ad:ac:f1:42:53:6d:
d6:df:aa:67:58:6a:9e:14:c5:5d:45:ea:08:e8:f4:
1d:ac:e5:6f:7c:90:e7:e3:ad:36:9d:09:20:de:a6:
29:73:ed:25:3d:27:69:c8:9d:a5:21:5b:97:c5:80:
a3:6e:35:ee:a1:1e:e2:44:1d:c0:36:89:40:af:35:
30:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B4:5B:D3:39:04:C2:B4:EA:F8:F3:E3:F0:5E:0A:90:1E:D1:C0:E4
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/kLRb0zkEwrTq-PPj8F4KkB7RwOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.239.0/24
79.172.252.0/24
87.229.68.0/24
87.229.76.0/24
178.238.208.0/24
178.238.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:37:1e:13:7b:dd:66:6d:53:ca:e0:03:6e:d7:2c:cd:45:88:
9a:28:18:2e:81:78:90:43:f9:51:f3:38:78:d2:2e:fb:de:f1:
08:37:71:9c:d9:32:84:3b:d8:78:6c:82:20:ed:55:1b:4f:41:
82:30:6c:b9:f1:25:23:fb:7d:83:22:2a:54:91:ee:cf:14:63:
87:c3:5f:78:35:a1:92:69:f5:a9:be:9e:c4:30:77:79:87:dc:
f8:70:e5:e4:39:f4:61:73:5b:dc:e3:e8:9a:5e:70:1a:2c:bd:
28:ea:30:51:3d:da:c8:48:3c:57:a0:68:33:f3:1c:1b:51:16:
fc:7f:31:a3:0b:73:99:13:3f:9a:fd:4b:30:fe:5a:ed:34:6b:
05:ff:de:b8:88:09:1f:98:7a:d5:ab:7f:0b:66:ee:a8:30:32:
5d:7d:4a:c9:8c:3b:40:15:5d:d8:04:6f:4b:62:7b:cb:04:ce:
a7:74:c0:c8:1b:fb:48:7a:42:45:87:8f:50:dc:79:f7:89:de:
2c:86:29:68:aa:c6:61:7e:ef:15:67:fc:c6:d2:a3:fe:c2:c4:
31:6e:45:40:44:1c:fc:9a:40:ee:34:e7:d7:7c:43:ae:83:86:
21:f2:ad:67:d2:ca:65:91:2e:ee:d4:09:f9:9a:e6:01:85:6a:
93:f3:d7:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzpqWCwOk7JDjsC19W0TEUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTUyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI0NWJkMzM5MDRjMmI0ZWFmOGYzZTNmMDVlMGE5MDFlZDFjMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/Zb70CRuu4yNO3cNlUS2ov5keYD
oXZLXD3d6wUz/yzMGUVC1GyYVAimuGpzFuxpVv5xd+2SJ5zuRwO8RmJOzXBdXcjl
cuYlYF0xNDHGlMalnxF7gze7oJFcgN1pHbu3uyKBfZfXOmy4yJLuwNbGTx6xe+Xy
vszhTUWoAugBu+UR5iCT2xqOttp2TkXrA3CFYlw37ghdanKFDw+W5YPGn9lpk0uZ
xXq71DmorJUTkfZYLO3uUStWW9dOZ5CtrPFCU23W36pnWGqeFMVdReoI6PQdrOVv
fJDn4602nQkg3qYpc+0lPSdpyJ2lIVuXxYCjbjXuoR7iRB3ANolArzUwKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJC0W9M5BMK06vjz4/BeCpAe0cDkMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEva0xSYjB6a0V3clRxLVBQajhGNEtrQjdSd09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zvAwQA
T6z8AwQAV+VEAwQAV+VMAwQAsu7QAwQAsu7eMA0GCSqGSIb3DQEBCwUAA4IBAQBt
Nx4Te91mbVPK4ANu1yzNRYiaKBgugXiQQ/lR8zh40i773vEIN3Gc2TKEO9h4bIIg
7VUbT0GCMGy58SUj+32DIipUke7PFGOHw194NaGSafWpvp7EMHd5h9z4cOXkOfRh
c1vc4+iaXnAaLL0o6jBRPdrISDxXoGgz8xwbURb8fzGjC3OZEz+a/Usw/lrtNGsF
/964iAkfmHrVq38LZu6oMDJdfUrJjDtAFV3YBG9LYnvLBM6ndMDIG/tIekJFh49Q
3Hn3id4shiloqsZhfu8VZ/zG0qP+wsQxbkVARBz8mkDuNOfXfEOug4Yh8q1n0spl
kS7u1An5muYBhWqT89ez
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:03 2024 by rpki-client on console-fra.rpki-client.org