Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/7uJFkbWsJp74FyRwpuCZyfRGvPg.roa
File: 7uJFkbWsJp74FyRwpuCZyfRGvPg.roa (raw, json)
Hash identifier: ewPs1qX7KL0hwLYDLmn46HNNpP8Ms5qU4eJVsQo2Ejs=
Subject key identifier: EE:E2:45:91:B5:AC:26:9E:F8:17:24:70:A6:E0:99:C9:F4:46:BC:F8
Certificate issuer: /CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Certificate serial: 018CC34945A7BBAB271B2D9675350167994E
Authority key identifier: 3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/7uJFkbWsJp74FyRwpuCZyfRGvPg.roa
Signing time: Mon 01 Jan 2024 04:30:08 +0000
ROA not before: Mon 01 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41865
IP address blocks: 94.158.136.0/21 maxlen: 21
193.34.0.0/23 maxlen: 23
193.34.0.0/22 maxlen: 22
193.34.2.0/23 maxlen: 23
94.158.128.0/20 maxlen: 20
94.158.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.mft
rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:45:a7:bb:ab:27:1b:2d:96:75:35:01:67:99:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eee24591b5ac269ef8172470a6e099c9f446bcf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:87:9b:33:72:f7:c7:6a:eb:1d:c4:f3:df:c3:
e2:2c:1d:8c:02:b9:f3:de:12:25:c6:ac:fb:60:6e:
d2:a9:fe:09:67:0a:33:f2:c4:0a:9a:13:db:7c:70:
07:8a:d2:5e:c0:d7:19:d5:32:b8:7c:60:48:b7:06:
fd:f6:cf:48:0b:4a:e4:09:4c:a3:d0:77:6c:49:49:
09:6e:d2:45:9d:ee:9e:93:c2:59:7d:7b:ca:66:19:
aa:79:5e:c0:49:fa:92:d7:b7:86:cd:5a:b9:34:88:
63:b0:fb:3b:ef:4b:3b:48:3e:9a:06:9f:7e:d4:7e:
4d:e2:e0:d5:bc:11:0f:47:a6:3c:00:6d:10:e3:52:
85:39:35:a8:28:6d:9f:15:5b:1f:e3:41:4d:fb:f1:
00:a9:ce:69:48:44:bd:8c:ef:b5:be:bc:29:54:9b:
db:e4:23:c1:3b:d6:71:9e:d2:17:1e:dd:64:dd:de:
88:a2:0e:ef:89:db:dc:bd:80:01:7f:9f:cb:7d:bf:
3f:d8:fe:71:ec:36:e4:6f:87:69:e7:28:b7:87:35:
eb:3a:5e:24:29:14:f4:91:00:fc:0f:1e:47:9b:f7:
c3:d7:be:9e:34:c1:ee:7d:c2:44:7f:c1:78:dd:21:
aa:ae:38:a0:e5:a1:04:3f:ed:63:6d:02:b0:c1:9b:
ea:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E2:45:91:B5:AC:26:9E:F8:17:24:70:A6:E0:99:C9:F4:46:BC:F8
X509v3 Authority Key Identifier:
keyid:3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/7uJFkbWsJp74FyRwpuCZyfRGvPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.128.0/20
193.34.0.0/22
Signature Algorithm: sha256WithRSAEncryption
68:5c:22:00:1c:a7:bd:5b:5d:b5:44:8a:b6:e8:c3:78:be:ef:
85:03:bd:3e:d9:6a:62:d6:83:a2:61:06:fa:6c:57:2a:62:21:
44:1c:ad:58:e6:54:d3:f2:70:a9:cd:75:b1:08:ad:4f:9a:93:
bd:3c:a3:b3:48:b3:11:59:42:b9:d0:52:ff:65:33:ee:35:83:
24:4b:04:1d:9a:0f:75:31:9f:9d:f4:63:4e:ad:2d:52:d1:37:
26:e8:31:c9:ab:79:30:17:51:09:57:20:00:ac:df:cd:f6:ec:
89:7b:b9:fb:f4:eb:36:8b:84:2f:95:91:c5:64:69:b8:4f:71:
0b:25:6d:84:52:c3:f5:bf:86:d8:63:7f:11:59:cb:b9:ca:87:
4b:2d:a3:2d:68:f3:25:e6:40:1c:0c:63:ee:88:ac:98:72:a3:
a2:fb:c1:b1:39:65:02:0d:d3:2b:96:c9:2b:4c:73:39:7b:ac:
a7:70:f7:f3:82:d4:5e:88:03:59:6f:a4:c0:7e:0d:11:9e:e4:
40:69:04:6b:32:d2:01:63:3e:1e:0e:98:f0:7b:ce:c4:2e:4c:
aa:48:0c:d7:91:e2:51:c9:05:48:b4:50:46:23:bb:78:05:4d:
e8:26:d2:fc:34:ab:7d:9a:17:15:6a:42:a3:f9:4e:39:53:b3:
e4:62:9c:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSUWnu6snGy2WdTUBZ5lOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOTMxZjI2NWE4NDcxZDMyY2U4NDQ5ZDllMTg2ZjBkYzcx
MTRhN2EwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWUyNDU5MWI1YWMyNjllZjgxNzI0NzBhNmUwOTljOWY0NDZiY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIebM3L3x2rrHcTz38PiLB2MArnz
3hIlxqz7YG7Sqf4JZwoz8sQKmhPbfHAHitJewNcZ1TK4fGBItwb99s9IC0rkCUyj
0HdsSUkJbtJFne6ek8JZfXvKZhmqeV7ASfqS17eGzVq5NIhjsPs770s7SD6aBp9+
1H5N4uDVvBEPR6Y8AG0Q41KFOTWoKG2fFVsf40FN+/EAqc5pSES9jO+1vrwpVJvb
5CPBO9ZxntIXHt1k3d6Iog7vidvcvYABf5/Lfb8/2P5x7Dbkb4dp5yi3hzXrOl4k
KRT0kQD8Dx5Hm/fD176eNMHufcJEf8F43SGqrjig5aEEP+1jbQKwwZvqKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO7iRZG1rCae+BckcKbgmcn0Rrz4MB8GA1UdIwQY
MBaAFDyTHyZahHHTLOhEnZ4Ybw3HEUp6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEt
NWUwMDI2MzAzNjI5LzEvN3VKRmtiV3NKcDc0RnlSd3B1Q1p5ZlJHdlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEtNWUwMDI2MzAzNjI5
LzEvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXp6AAwQC
wSIAMA0GCSqGSIb3DQEBCwUAA4IBAQBoXCIAHKe9W121RIq26MN4vu+FA70+2Wpi
1oOiYQb6bFcqYiFEHK1Y5lTT8nCpzXWxCK1PmpO9PKOzSLMRWUK50FL/ZTPuNYMk
SwQdmg91MZ+d9GNOrS1S0Tcm6DHJq3kwF1EJVyAArN/N9uyJe7n79Os2i4QvlZHF
ZGm4T3ELJW2EUsP1v4bYY38RWcu5yodLLaMtaPMl5kAcDGPuiKyYcqOi+8GxOWUC
DdMrlskrTHM5e6yncPfzgtReiANZb6TAfg0RnuRAaQRrMtIBYz4eDpjwe87ELkyq
SAzXkeJRyQVItFBGI7t4BU3oJtL8NKt9mhcVakKj+U45U7PkYpyB
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:27:07 2024 by rpki-client on console-fra.rpki-client.org