Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/7LXKwsafhv6pxu7DheBQQzyR1fQ.roa
File: 7LXKwsafhv6pxu7DheBQQzyR1fQ.roa (raw, json)
Hash identifier: iR7wDhor6h7SPaoX9JsDmDM4fs5NTH8Qm5ujb1T2oJM=
Subject key identifier: EC:B5:CA:C2:C6:9F:86:FE:A9:C6:EE:C3:85:E0:50:43:3C:91:D5:F4
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 018CCA2B14D2F438FF68861331EAD3987F13
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/7LXKwsafhv6pxu7DheBQQzyR1fQ.roa
Signing time: Tue 02 Jan 2024 12:34:30 +0000
ROA not before: Tue 02 Jan 2024 12:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61976
IP address blocks: 79.141.65.0/24 maxlen: 24
79.141.66.0/24 maxlen: 24
78.155.198.0/24 maxlen: 24
185.193.90.0/23 maxlen: 24
92.255.62.0/23 maxlen: 24
185.42.164.0/22 maxlen: 24
79.141.64.0/20 maxlen: 24
79.141.64.0/24 maxlen: 24
2a00:ab00:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:14:d2:f4:38:ff:68:86:13:31:ea:d3:98:7f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 2 12:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecb5cac2c69f86fea9c6eec385e050433c91d5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:6e:9d:e2:6d:39:3d:7e:e4:bf:c3:3b:37:
2f:d7:c4:14:e5:ff:6e:04:91:0d:32:c7:0c:dc:15:
b8:2a:fb:1d:e6:1b:da:db:47:62:77:39:16:3e:6f:
48:2f:72:86:c9:fa:3d:cb:8e:7d:80:28:bf:45:fb:
14:cb:fd:d9:48:ff:c1:0a:c9:13:5b:4a:6a:80:97:
a4:f2:65:ee:21:a0:70:1a:00:2c:a5:c3:1e:89:ee:
fd:8d:ae:34:85:9e:72:c5:ab:72:2a:30:6a:e1:e1:
e9:8a:23:87:db:90:11:ba:43:40:75:36:af:26:37:
84:10:3f:3b:69:ce:1d:22:03:98:99:12:cc:44:d0:
f0:29:a8:ca:8e:7b:4d:c3:a5:34:b3:a4:28:17:af:
55:78:20:74:5a:81:af:b4:0c:b1:d6:a4:a4:d4:da:
c4:77:8b:65:fd:be:14:5c:aa:14:f2:3d:18:83:5b:
c7:07:d3:f3:67:18:12:5a:30:c5:22:cb:36:bb:26:
b1:32:f3:fa:82:6c:87:15:bf:f9:1c:ba:ad:00:0f:
b0:72:2e:48:6e:92:c3:85:34:d9:bd:a9:b2:fe:12:
17:c9:dc:b6:11:c3:1d:59:cb:70:6f:94:21:1a:f0:
33:78:33:f6:ff:1a:aa:2f:e7:be:66:8e:d7:a3:fa:
a3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B5:CA:C2:C6:9F:86:FE:A9:C6:EE:C3:85:E0:50:43:3C:91:D5:F4
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/7LXKwsafhv6pxu7DheBQQzyR1fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.155.198.0/24
79.141.64.0/20
92.255.62.0/23
185.42.164.0/22
185.193.90.0/23
IPv6:
2a00:ab00:6000::/36
Signature Algorithm: sha256WithRSAEncryption
71:67:64:10:d4:7c:18:a3:2f:32:64:74:fa:c9:36:af:2d:95:
d8:8c:8d:67:58:f3:7f:10:a6:a9:c8:87:1a:e6:bf:0f:c6:35:
e4:ad:96:e0:d8:ea:56:c7:2e:56:78:5a:da:8f:9a:86:ec:06:
6f:3c:80:0f:46:a9:02:f2:73:4c:50:16:1c:b7:8d:d3:8e:a1:
b6:6b:b3:6c:68:32:4c:e1:1b:46:ee:a7:43:f9:f9:6b:45:59:
0f:29:d3:db:b2:5b:38:56:3d:4c:76:60:04:17:22:1d:71:13:
57:ed:29:a5:5e:12:71:8c:ed:58:a0:b0:ee:8b:20:c1:a1:ea:
63:17:6a:46:0e:7a:11:02:3b:1a:bb:99:a8:4f:f0:59:f8:5e:
61:72:95:04:38:84:90:77:44:1a:2e:a9:d6:58:10:68:1f:42:
d2:6f:16:ba:ec:50:5f:d2:45:57:d5:b7:b2:27:52:69:dc:d8:
c0:f6:96:77:bf:c3:a7:62:ce:7b:5f:0e:e0:9f:99:a9:4d:9e:
41:07:21:62:32:41:8b:06:78:99:f0:45:d2:76:ac:4e:2f:b3:
7e:9d:e8:9f:d8:96:6b:09:de:41:2e:8a:77:d8:3b:cc:c5:b8:
85:71:03:db:6a:66:d4:fc:ec:c3:c7:fc:75:10:b0:55:d3:b5:
ad:61:22:77
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKKxTS9Dj/aIYTMerTmH8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjQwMTAyMTIzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I1Y2FjMmM2OWY4NmZlYTljNmVlYzM4NWUwNTA0MzNjOTFkNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQRuneJtOT1+5L/DOzcv18QU5f9u
BJENMscM3BW4Kvsd5hva20didzkWPm9IL3KGyfo9y459gCi/RfsUy/3ZSP/BCskT
W0pqgJek8mXuIaBwGgAspcMeie79ja40hZ5yxatyKjBq4eHpiiOH25ARukNAdTav
JjeEED87ac4dIgOYmRLMRNDwKajKjntNw6U0s6QoF69VeCB0WoGvtAyx1qSk1NrE
d4tl/b4UXKoU8j0Yg1vHB9PzZxgSWjDFIss2uyaxMvP6gmyHFb/5HLqtAA+wci5I
bpLDhTTZvamy/hIXydy2EcMdWctwb5QhGvAzeDP2/xqqL+e+Zo7Xo/qjjQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOy1ysLGn4b+qcbuw4XgUEM8kdX0MB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvN0xYS3dzYWZodjZweHU3RGhlQlFRenlSMWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQATpvGAwQE
T41AAwQBXP8+AwQCuSqkAwQBucFaMA4EAgACMAgDBgQqAKsAYDANBgkqhkiG9w0B
AQsFAAOCAQEAcWdkENR8GKMvMmR0+sk2ry2V2IyNZ1jzfxCmqciHGua/D8Y15K2W
4NjqVscuVnha2o+ahuwGbzyAD0apAvJzTFAWHLeN046htmuzbGgyTOEbRu6nQ/n5
a0VZDynT27JbOFY9THZgBBciHXETV+0ppV4ScYztWKCw7osgwaHqYxdqRg56EQI7
GruZqE/wWfheYXKVBDiEkHdEGi6p1lgQaB9C0m8WuuxQX9JFV9W3sidSadzYwPaW
d7/Dp2LOe18O4J+ZqU2eQQchYjJBiwZ4mfBF0nasTi+zfp3on9iWawneQS6Kd9g7
zMW4hXED22pm1Pzsw8f8dRCwVdO1rWEidw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:45 2024 by rpki-client on console-ams.rpki-client.org