Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/chR334qAJ6ib6ZbyYwfdIkxYu5w.roa
File: chR334qAJ6ib6ZbyYwfdIkxYu5w.roa (raw, json)
Hash identifier: p6GA3Gb1of4qLTEEHdup3bVSC5GS1b0mH1IBUG7/Jbo=
Subject key identifier: 72:14:77:DF:8A:80:27:A8:9B:E9:96:F2:63:07:DD:22:4C:58:BB:9C
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 018CC500AB5A2F57D0A5C263684CC8FB6FD4
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/chR334qAJ6ib6ZbyYwfdIkxYu5w.roa
Signing time: Mon 01 Jan 2024 12:30:04 +0000
ROA not before: Mon 01 Jan 2024 12:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198482
IP address blocks: 151.237.1.0/24 maxlen: 24
151.237.2.0/24 maxlen: 24
151.237.3.0/24 maxlen: 24
151.237.4.0/24 maxlen: 24
151.237.0.0/24 maxlen: 24
151.237.10.0/24 maxlen: 24
151.237.5.0/24 maxlen: 24
151.237.6.0/24 maxlen: 24
85.187.208.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
151.237.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ab:5a:2f:57:d0:a5:c2:63:68:4c:c8:fb:6f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 1 12:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=721477df8a8027a89be996f26307dd224c58bb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:90:5d:80:30:f6:89:a3:6f:23:27:83:d0:7d:
14:29:14:1c:d6:1c:8a:7e:18:fe:cd:13:47:e0:e5:
b7:90:85:79:37:b6:92:f1:3d:36:53:c9:46:62:ea:
7b:a1:78:1f:a7:fe:a8:b6:6c:ad:8d:43:78:b7:20:
cb:1a:35:3b:5b:78:8c:44:95:d7:1d:58:9e:2b:69:
36:9b:e5:e4:f4:69:db:9a:5c:df:b9:c7:25:40:e2:
67:36:6a:ee:9c:21:dd:b6:d1:c9:70:45:6e:84:3f:
07:38:be:84:61:6e:cf:95:25:f7:c2:c5:e6:35:f8:
37:f7:8e:67:d6:e2:c5:04:60:c2:50:d2:17:b4:5f:
7a:cb:d5:68:50:37:58:7d:35:9b:99:ad:9f:ac:cd:
ef:f2:e8:67:90:f4:2d:fa:1c:7f:fe:05:d0:52:db:
b7:ff:d3:8a:66:44:eb:7e:ee:01:be:43:25:ee:57:
e5:9f:e8:8f:30:3a:99:b7:aa:6c:e7:a7:9c:4d:30:
1c:03:46:3d:4f:89:89:96:0f:82:b7:40:59:13:fb:
ae:2f:07:59:c7:8e:c2:24:12:53:d3:75:15:c6:67:
00:67:03:4d:af:01:79:88:d9:f2:6e:50:6e:b8:fe:
da:70:a9:b6:bc:28:b3:6b:b4:f4:9b:57:5e:71:4d:
8a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:14:77:DF:8A:80:27:A8:9B:E9:96:F2:63:07:DD:22:4C:58:BB:9C
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/chR334qAJ6ib6ZbyYwfdIkxYu5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0-85.187.212.255
85.187.220.0/23
151.237.0.0-151.237.6.255
151.237.10.0/24
151.237.94.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:c4:84:5f:24:41:58:9a:a7:99:3b:53:42:3e:38:68:4f:f8:
c4:4d:34:6a:02:2a:9a:73:d2:71:0c:c3:b0:3b:c0:f7:1b:e3:
08:e2:b7:93:d6:ec:97:6e:3e:2b:18:51:f4:aa:bb:84:45:98:
19:4f:ff:0e:8a:22:eb:82:87:a5:ce:ad:0e:63:6f:92:50:84:
57:4a:66:f4:0a:86:1e:a8:d0:b8:1c:de:d0:02:49:d9:09:4d:
c9:44:17:d1:56:9f:33:3c:cb:fe:d6:40:e1:55:83:f5:d8:71:
61:d3:d7:fb:03:65:05:6a:44:68:54:dc:31:3f:58:0f:1f:52:
d4:d5:8b:51:c5:64:51:84:d4:43:d8:28:7c:dd:58:91:ac:5f:
55:55:62:d0:79:0b:87:33:8a:2e:f4:f3:b3:5b:67:d4:48:c0:
f0:40:36:9c:38:e3:10:e2:55:a0:39:1c:e9:3e:05:42:10:ba:
34:18:3b:cc:6f:72:5f:de:8d:da:7d:68:6f:ae:94:1a:16:5c:
77:75:73:ca:2d:2a:88:f3:92:cf:61:98:66:66:dc:10:1d:f8:
80:82:ca:ac:56:b8:43:21:e0:13:f5:eb:0c:e5:18:c2:2c:98:
62:a1:05:95:90:06:b7:7f:2b:09:28:fc:29:8c:d2:59:8b:ff:
cd:ed:ec:4b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFAKtaL1fQpcJjaEzI+2/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjQwMTAxMTIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE0NzdkZjhhODAyN2E4OWJlOTk2ZjI2MzA3ZGQyMjRjNThiYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipBdgDD2iaNvIyeD0H0UKRQc1hyK
fhj+zRNH4OW3kIV5N7aS8T02U8lGYup7oXgfp/6otmytjUN4tyDLGjU7W3iMRJXX
HVieK2k2m+Xk9GnbmlzfucclQOJnNmrunCHdttHJcEVuhD8HOL6EYW7PlSX3wsXm
Nfg3945n1uLFBGDCUNIXtF96y9VoUDdYfTWbma2frM3v8uhnkPQt+hx//gXQUtu3
/9OKZkTrfu4BvkMl7lfln+iPMDqZt6ps56ecTTAcA0Y9T4mJlg+Ct0BZE/uuLwdZ
x47CJBJT03UVxmcAZwNNrwF5iNnyblBuuP7acKm2vCiza7T0m1decU2K6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHIUd9+KgCeom+mW8mMH3SJMWLucMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvY2hSMzM0cUFKNmliNlpieVl3ZmRJa3hZdTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtMAwDBARVu9AD
BABVu9QDBAFVu9wwCwMDAJftAwQAl+0GAwQAl+0KAwQAl+1eMA0GCSqGSIb3DQEB
CwUAA4IBAQBbxIRfJEFYmqeZO1NCPjhoT/jETTRqAiqac9JxDMOwO8D3G+MI4reT
1uyXbj4rGFH0qruERZgZT/8OiiLrgoelzq0OY2+SUIRXSmb0CoYeqNC4HN7QAknZ
CU3JRBfRVp8zPMv+1kDhVYP12HFh09f7A2UFakRoVNwxP1gPH1LU1YtRxWRRhNRD
2Ch83ViRrF9VVWLQeQuHM4ou9POzW2fUSMDwQDacOOMQ4lWgORzpPgVCELo0GDvM
b3Jf3o3afWhvrpQaFlx3dXPKLSqI85LPYZhmZtwQHfiAgsqsVrhDIeAT9esM5RjC
LJhioQWVkAa3fysJKPwpjNJZi//N7exL
-----END CERTIFICATE-----
Generated at Wed Nov 27 09:14:32 2024 by rpki-client on console-ams.rpki-client.org