Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/a-7EFl2fKZYwcxeQOkPHnHQQ4nc.roa
File: a-7EFl2fKZYwcxeQOkPHnHQQ4nc.roa (raw, json)
Hash identifier: NXQl2ToYFnAXStrrwDaFIMb7N7eidnngB4I8idxhKsc=
Subject key identifier: 6B:EE:C4:16:5D:9F:29:96:30:73:17:90:3A:43:C7:9C:74:10:E2:77
Certificate issuer: /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial: 018CC64B8695220E14A1423102357FD1EEF8
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/a-7EFl2fKZYwcxeQOkPHnHQQ4nc.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41737
IP address blocks: 91.202.160.0/22 maxlen: 24
194.145.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 01:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:86:95:22:0e:14:a1:42:31:02:35:7f:d1:ee:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6beec4165d9f2996307317903a43c79c7410e277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a9:b8:75:18:28:5d:0d:ae:11:d1:21:02:1c:
64:41:ee:9b:3b:4c:d3:a4:8c:55:b6:4b:ff:4b:1c:
20:f6:ab:95:ff:fd:cb:2a:7e:37:f7:db:52:28:2b:
3b:4d:82:47:c7:18:9e:cd:1b:3a:36:eb:d4:2a:d5:
51:44:53:5f:78:b3:94:44:5d:e6:c3:23:de:97:41:
c8:9a:c2:87:e1:95:24:bd:27:47:b9:be:fb:c7:ce:
4d:57:59:dd:ff:d4:51:c9:25:fc:4a:6a:3a:2e:a2:
92:4e:65:f2:09:21:61:37:28:f8:08:ff:64:41:06:
42:62:82:6b:0b:c5:3c:0a:dc:6f:89:38:66:d8:f8:
b5:5e:60:fa:81:70:cd:bb:9e:9c:9e:9a:dc:3e:65:
6f:3d:c7:11:8b:27:e9:7c:ac:b7:38:01:fe:cb:6d:
bb:4b:7b:bb:d0:35:ff:be:bc:6d:ca:e7:33:af:3e:
fc:29:01:7d:b2:24:be:75:0b:7f:98:98:56:01:a8:
39:e5:cd:5c:51:c3:b6:4f:ea:1c:53:18:93:f9:2b:
76:6b:cb:9d:fa:21:2a:26:04:44:ca:fb:72:9a:11:
83:ff:d6:61:b6:58:7b:bd:1c:9b:03:bb:9d:1a:d8:
05:25:4a:a5:cf:54:a0:c9:0e:9e:38:05:f1:b7:b7:
9b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EE:C4:16:5D:9F:29:96:30:73:17:90:3A:43:C7:9C:74:10:E2:77
X509v3 Authority Key Identifier:
keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/a-7EFl2fKZYwcxeQOkPHnHQQ4nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.160.0/22
194.145.220.0/23
Signature Algorithm: sha256WithRSAEncryption
20:0e:cb:2d:72:b0:43:1e:5c:36:d6:73:cf:5f:03:2e:02:f3:
cc:1a:2e:8d:6f:49:86:9a:4b:bd:85:ef:12:12:b6:8c:f2:89:
38:e1:e1:b4:c4:f3:9d:e6:78:14:bd:16:56:61:04:82:b5:20:
d9:f9:ba:ae:a1:c4:1d:5b:8d:17:a2:b9:a8:e0:e6:29:a8:6e:
9c:e9:ed:25:7c:ab:b1:7b:85:1f:70:bc:26:6b:d5:7a:b5:bc:
2e:88:75:07:d4:15:f9:01:8b:26:12:b7:b9:cd:16:9f:4e:3a:
39:93:07:bc:f1:2f:36:4e:4f:48:96:af:a4:7c:1f:70:f7:f4:
64:7d:03:da:d3:60:9a:a4:29:80:31:94:06:24:89:5c:6b:d4:
76:83:c2:01:10:58:88:53:34:a9:de:30:7e:0c:86:ce:ea:8c:
74:df:82:66:d6:ce:dc:df:b7:2f:da:ef:41:58:2d:31:ed:2b:
ed:c1:f9:54:22:6a:9f:33:b3:eb:d1:33:80:a1:fc:36:a6:7c:
9d:fe:ac:1a:45:7b:17:26:3b:e8:80:01:50:7c:17:84:c7:4c:
63:e0:7b:4a:bf:3c:a1:6f:4b:15:34:df:51:fb:1c:ce:0b:b2:
0a:16:82:2f:ab:43:e9:ad:ae:30:3f:79:3e:eb:a3:a1:ff:56:
37:b9:07:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS4aVIg4UoUIxAjV/0e74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmVlYzQxNjVkOWYyOTk2MzA3MzE3OTAzYTQzYzc5Yzc0MTBlMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKm4dRgoXQ2uEdEhAhxkQe6bO0zT
pIxVtkv/Sxwg9quV//3LKn4399tSKCs7TYJHxxiezRs6NuvUKtVRRFNfeLOURF3m
wyPel0HImsKH4ZUkvSdHub77x85NV1nd/9RRySX8Smo6LqKSTmXyCSFhNyj4CP9k
QQZCYoJrC8U8CtxviThm2Pi1XmD6gXDNu56cnprcPmVvPccRiyfpfKy3OAH+y227
S3u70DX/vrxtyuczrz78KQF9siS+dQt/mJhWAag55c1cUcO2T+ocUxiT+St2a8ud
+iEqJgREyvtymhGD/9Zhtlh7vRybA7udGtgFJUqlz1SgyQ6eOAXxt7eb5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvuxBZdnymWMHMXkDpDx5x0EOJ3MB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvYS03RUZsMmZLWll3Y3hlUU9rUEhuSFFRNG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8qgAwQB
wpHcMA0GCSqGSIb3DQEBCwUAA4IBAQAgDsstcrBDHlw21nPPXwMuAvPMGi6Nb0mG
mku9he8SEraM8ok44eG0xPOd5ngUvRZWYQSCtSDZ+bquocQdW40Xormo4OYpqG6c
6e0lfKuxe4UfcLwma9V6tbwuiHUH1BX5AYsmEre5zRafTjo5kwe88S82Tk9Ilq+k
fB9w9/RkfQPa02CapCmAMZQGJIlca9R2g8IBEFiIUzSp3jB+DIbO6ox034Jm1s7c
37cv2u9BWC0x7SvtwflUImqfM7Pr0TOAofw2pnyd/qwaRXsXJjvogAFQfBeEx0xj
4HtKvzyhb0sVNN9R+xzOC7IKFoIvq0Ppra4wP3k+66Oh/1Y3uQdY
-----END CERTIFICATE-----
Generated at Fri Jun 14 04:33:41 2024 by rpki-client on console-fra.rpki-client.org