Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/73rl4mj57RFsC9g8dEAAfK_Nj7Q.roa
File: 73rl4mj57RFsC9g8dEAAfK_Nj7Q.roa (raw, json)
Hash identifier: USnP+jJ2OoA+rWlPddaMSqK7IaZUconCXrZ9HwSIZj8=
Subject key identifier: EF:7A:E5:E2:68:F9:ED:11:6C:0B:D8:3C:74:40:00:7C:AF:CD:8F:B4
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 018CC26D457F951ED8D88ABEBA9F58B69FA3
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/73rl4mj57RFsC9g8dEAAfK_Nj7Q.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31357
IP address blocks: 78.140.0.0/18 maxlen: 18
78.140.0.0/19 maxlen: 19
78.140.4.0/24 maxlen: 24
46.166.253.0/24 maxlen: 24
46.166.254.0/24 maxlen: 24
95.170.96.0/20 maxlen: 20
95.170.96.0/19 maxlen: 19
95.170.104.0/21 maxlen: 21
95.170.120.0/22 maxlen: 22
95.170.120.0/21 maxlen: 21
95.170.124.0/22 maxlen: 22
78.140.48.0/20 maxlen: 20
78.140.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:45:7f:95:1e:d8:d8:8a:be:ba:9f:58:b6:9f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef7ae5e268f9ed116c0bd83c7440007cafcd8fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e1:39:de:0e:fb:c8:7e:05:c4:e8:61:38:24:
a9:5f:95:8c:a8:1c:07:e6:55:76:d0:22:b3:3a:06:
ca:5e:82:66:67:cb:32:95:a6:f5:6a:ac:bd:32:fd:
cc:63:35:8f:1f:08:ba:b3:32:f1:be:24:76:81:95:
fa:9d:15:a5:b3:38:8e:55:f8:b9:77:fc:9a:db:4a:
87:3f:05:88:d9:df:3d:84:cf:02:b2:ab:e2:59:bd:
80:4d:ea:25:ff:0d:10:0e:49:58:04:b9:8e:33:f4:
cf:b5:66:47:49:27:f3:51:47:21:a2:ae:12:97:be:
4c:66:b6:da:c5:61:e6:44:29:ec:ac:d4:97:bd:b9:
71:9d:5d:85:94:9c:37:67:b2:50:9d:cf:f7:45:87:
b2:6a:f9:8b:70:42:11:a6:9e:d6:b0:f8:90:cd:6c:
95:7f:e9:ad:f2:d5:6a:2d:54:71:00:55:55:33:6f:
68:36:ca:02:e8:e2:7d:3c:de:28:c1:c1:42:51:23:
19:1a:52:28:4a:59:8e:e4:d5:a3:9b:20:10:7a:5d:
0e:81:f2:fd:b8:3a:77:cf:10:09:23:1a:86:7c:a3:
1f:03:df:87:fe:1b:8e:11:a7:d3:ae:b1:5b:94:40:
8f:25:e4:f6:dc:e8:c0:f7:74:10:f9:33:af:ff:85:
b3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7A:E5:E2:68:F9:ED:11:6C:0B:D8:3C:74:40:00:7C:AF:CD:8F:B4
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/73rl4mj57RFsC9g8dEAAfK_Nj7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.253.0-46.166.254.255
78.140.0.0/18
95.170.96.0/19
Signature Algorithm: sha256WithRSAEncryption
57:8b:4a:07:45:99:64:84:39:8e:3a:a7:9a:86:9d:6b:16:f2:
97:2c:64:81:bb:9d:4e:0b:11:e7:81:ea:65:3c:e1:62:e6:19:
55:f4:32:e2:06:c1:27:c7:c7:b0:e8:86:9f:f1:4c:30:2c:a8:
10:24:97:0c:6d:7e:f2:35:81:7c:b1:25:10:e1:35:ff:c1:6c:
d0:72:5c:a4:66:b3:ba:31:1d:51:27:f0:f6:1e:73:ef:32:db:
68:54:00:4c:0b:36:3a:b3:e7:95:71:db:20:dd:7c:cc:43:bf:
07:b8:15:da:4b:c6:d3:fe:31:f9:ea:1a:75:12:64:84:e9:27:
e5:1a:f8:ae:79:65:f7:2f:28:b9:de:4f:78:ec:86:77:81:36:
37:c0:4c:b3:21:a0:43:bb:e3:ef:18:2d:6e:a1:51:b4:e9:50:
c8:48:1f:cc:5a:a9:20:45:b3:20:72:84:76:06:69:73:5c:4f:
7a:42:6b:b6:34:50:2f:c1:6f:f4:1b:b9:c5:7d:a3:47:eb:a5:
1d:49:cd:1e:4b:92:f6:24:56:2e:a2:c5:15:e1:4d:34:29:8b:
4d:bd:51:f3:36:f8:1a:cb:09:f5:76:83:a8:47:32:85:9d:ed:
bb:15:92:1f:a5:57:75:61:08:ff:e9:b7:3b:43:ac:56:db:8a:
18:f8:4b:d5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbUV/lR7Y2Iq+up9Ytp+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjdhZTVlMjY4ZjllZDExNmMwYmQ4M2M3NDQwMDA3Y2FmY2Q4ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+E53g77yH4FxOhhOCSpX5WMqBwH
5lV20CKzOgbKXoJmZ8sylab1aqy9Mv3MYzWPHwi6szLxviR2gZX6nRWlsziOVfi5
d/ya20qHPwWI2d89hM8CsqviWb2ATeol/w0QDklYBLmOM/TPtWZHSSfzUUchoq4S
l75MZrbaxWHmRCnsrNSXvblxnV2FlJw3Z7JQnc/3RYeyavmLcEIRpp7WsPiQzWyV
f+mt8tVqLVRxAFVVM29oNsoC6OJ9PN4owcFCUSMZGlIoSlmO5NWjmyAQel0OgfL9
uDp3zxAJIxqGfKMfA9+H/huOEafTrrFblECPJeT23OjA93QQ+TOv/4WzUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFO965eJo+e0RbAvYPHRAAHyvzY+0MB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvNzNybDRtajU3UkZzQzlnOGRFQUFmS19OajdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAupv0D
BAAupv4DBAZOjAADBAVfqmAwDQYJKoZIhvcNAQELBQADggEBAFeLSgdFmWSEOY46
p5qGnWsW8pcsZIG7nU4LEeeB6mU84WLmGVX0MuIGwSfHx7Dohp/xTDAsqBAklwxt
fvI1gXyxJRDhNf/BbNByXKRms7oxHVEn8PYec+8y22hUAEwLNjqz55Vx2yDdfMxD
vwe4FdpLxtP+MfnqGnUSZITpJ+Ua+K55ZfcvKLneT3jshneBNjfATLMhoEO74+8Y
LW6hUbTpUMhIH8xaqSBFsyByhHYGaXNcT3pCa7Y0UC/Bb/QbucV9o0frpR1JzR5L
kvYkVi6ixRXhTTQpi029UfM2+BrLCfV2g6hHMoWd7bsVkh+lV3VhCP/ptztDrFbb
ihj4S9U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:18 2024 by rpki-client on console-ams.rpki-client.org