Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/1-p7d0PfphHjU468ih64hrEB4ngw.roa
File: 1-p7d0PfphHjU468ih64hrEB4ngw.roa (raw, json)
Hash identifier: viaQ4RhNHjGhNMNu4jJCU6IxOiW/YA5bwZmxTfBWTlk=
Subject key identifier: FA:9E:DD:D0:F7:E9:84:78:D4:E3:AF:22:87:AE:21:AC:40:78:9E:0C
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018D8330961951B0157132EDBF6F312C5F17
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/1-p7d0PfphHjU468ih64hrEB4ngw.roa
Signing time: Wed 07 Feb 2024 10:50:15 +0000
ROA not before: Wed 07 Feb 2024 10:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12850
IP address blocks: 37.139.88.0/21 maxlen: 21
80.247.64.0/20 maxlen: 20
87.248.32.0/19 maxlen: 19
87.248.41.0/24 maxlen: 24
178.239.176.0/20 maxlen: 20
185.21.172.0/22 maxlen: 22
185.48.32.0/22 maxlen: 23
212.29.128.0/19 maxlen: 19
212.91.64.0/19 maxlen: 19
2001:4d38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:30:96:19:51:b0:15:71:32:ed:bf:6f:31:2c:5f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Feb 7 10:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa9eddd0f7e98478d4e3af2287ae21ac40789e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:a3:c6:1e:62:0d:ce:be:ef:48:5b:0e:dd:
a7:8e:4d:f5:fa:42:c5:10:d6:ee:c8:01:d8:ed:f3:
04:f5:85:5e:59:f7:33:b9:46:0c:fe:b8:2c:ab:1b:
16:f9:8f:c0:d6:e4:fb:c9:cf:e7:b2:81:a1:b0:74:
e0:22:53:59:ca:54:b6:7e:16:7b:b6:f8:e0:d9:8c:
92:35:f5:7a:f9:6c:10:fe:a6:38:95:1e:d8:82:34:
12:e4:f7:74:6d:76:c9:f4:9d:d4:c0:0c:98:e4:e9:
e5:2a:86:2f:70:7c:21:f0:ca:90:bd:70:6a:73:13:
8e:12:1c:4c:f5:9a:66:6d:e5:b7:80:12:e0:c0:36:
9b:2e:7e:bd:58:d9:c1:12:18:41:d4:40:1d:6b:bc:
17:3f:47:40:39:fb:6e:bd:35:7b:3e:49:6f:02:33:
ad:39:b8:2c:cc:25:1b:f3:b5:91:13:7c:64:c9:52:
83:ea:fe:fb:20:f1:e4:b9:ca:66:6b:5c:39:54:6b:
f2:f6:2a:61:f8:7b:43:cc:19:b6:07:c9:07:f1:54:
9f:d9:f1:c8:06:f5:51:8e:d9:e7:55:ee:0e:33:a6:
97:1e:8d:ad:66:cb:ef:e8:4a:36:c2:8d:7a:08:b9:
b5:30:d9:90:31:cb:f3:27:02:29:a1:c5:ce:70:4c:
66:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9E:DD:D0:F7:E9:84:78:D4:E3:AF:22:87:AE:21:AC:40:78:9E:0C
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/1-p7d0PfphHjU468ih64hrEB4ngw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.88.0/21
80.247.64.0/20
87.248.32.0/19
178.239.176.0/20
185.21.172.0/22
185.48.32.0/22
212.29.128.0/19
212.91.64.0/19
IPv6:
2001:4d38::/32
Signature Algorithm: sha256WithRSAEncryption
47:b8:6e:b8:89:dd:61:e5:b4:4f:a0:5e:6c:23:eb:53:4d:28:
5f:f4:eb:6e:e0:50:95:85:e2:50:61:77:2a:14:33:3a:27:bf:
66:35:7e:9a:5f:ad:ef:59:1d:1a:88:60:71:fa:94:96:a2:ba:
26:c3:ee:26:cf:a7:f6:28:05:4e:3b:e4:49:13:15:01:b6:9a:
8e:b5:ac:99:bb:0f:2f:c6:d3:be:a8:39:6d:11:41:e1:76:58:
44:94:0c:65:f8:58:35:4c:d1:64:43:12:d5:9c:05:c3:80:4c:
b3:c5:a3:f8:b4:37:18:1d:40:15:d4:fa:f9:f1:1b:c2:74:90:
7e:68:1e:a4:10:ff:08:25:15:6e:96:90:4b:31:46:ae:1a:20:
58:22:72:c9:bb:e2:7e:86:bb:d8:bc:ff:2c:ec:5f:c2:1e:16:
06:23:2f:f4:9f:c3:33:a7:61:2d:73:ee:4f:25:89:bb:cb:f3:
6b:0b:e7:00:11:02:00:94:b4:26:43:38:7b:02:26:08:23:8c:
90:65:b6:83:93:45:f2:a9:dc:ec:65:a4:93:1c:ee:43:56:7d:
64:ad:b0:60:36:13:4f:9f:fb:0d:d2:fa:c6:06:22:8e:db:50:
a1:6f:9c:48:38:37:e5:60:fc:38:62:81:37:17:cc:98:bc:51:
5d:cf:28:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY2DMJYZUbAVcTLtv28xLF8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjQwMjA3MTA1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTllZGRkMGY3ZTk4NDc4ZDRlM2FmMjI4N2FlMjFhYzQwNzg5ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmijxh5iDc6+70hbDt2njk31+kLF
ENbuyAHY7fME9YVeWfczuUYM/rgsqxsW+Y/A1uT7yc/nsoGhsHTgIlNZylS2fhZ7
tvjg2YySNfV6+WwQ/qY4lR7YgjQS5Pd0bXbJ9J3UwAyY5OnlKoYvcHwh8MqQvXBq
cxOOEhxM9ZpmbeW3gBLgwDabLn69WNnBEhhB1EAda7wXP0dAOftuvTV7PklvAjOt
ObgszCUb87WRE3xkyVKD6v77IPHkucpma1w5VGvy9iph+HtDzBm2B8kH8VSf2fHI
BvVRjtnnVe4OM6aXHo2tZsvv6Eo2wo16CLm1MNmQMcvzJwIpocXOcExmdwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPqe3dD36YR41OOvIoeuIaxAeJ4MMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvMS1wN2QwUGZwaEhqVTQ2OGloNjRockVCNG5ndy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvODA3ZWQ1LTUwYjMtNGU1Zi05MzY3LTViNWUzM2NlNzBh
ZC8xL2RUbTNvU05CZXFjWk1sbEdxb25nOHdxd3lnay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAyWLWAME
BFD3QAMEBVf4IAMEBLLvsAMEArkVrAMEArkwIAMEBdQdgAMEBdRbQDANBAIAAjAH
AwUAIAFNODANBgkqhkiG9w0BAQsFAAOCAQEAR7huuIndYeW0T6BebCPrU00oX/Tr
buBQlYXiUGF3KhQzOie/ZjV+ml+t71kdGohgcfqUlqK6JsPuJs+n9igFTjvkSRMV
AbaajrWsmbsPL8bTvqg5bRFB4XZYRJQMZfhYNUzRZEMS1ZwFw4BMs8Wj+LQ3GB1A
FdT6+fEbwnSQfmgepBD/CCUVbpaQSzFGrhogWCJyybvifoa72Lz/LOxfwh4WBiMv
9J/DM6dhLXPuTyWJu8vzawvnABECAJS0JkM4ewImCCOMkGW2g5NF8qnc7GWkkxzu
Q1Z9ZK2wYDYTT5/7DdL6xgYijttQoW+cSDg35WD8OGKBNxfMmLxRXc8oMw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:28 2024 by rpki-client on console-ams.rpki-client.org