Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/292HIn314WxQqkS_9HKlqlFz1-w.roa
File: 292HIn314WxQqkS_9HKlqlFz1-w.roa (raw, json)
Hash identifier: O4w0Zihh/EYSdRVtZcaZQe+Za/IXEDcrypuJ559P0Xs=
Subject key identifier: DB:DD:87:22:7D:F5:E1:6C:50:AA:44:BF:F4:72:A5:AA:51:73:D7:EC
Certificate issuer: /CN=cbd41cc121e0cb60a3a98dbf72ba4dbd63eebe9f
Certificate serial: 018CC2DB222CCE426F105BE4F39A051566ED
Authority key identifier: CB:D4:1C:C1:21:E0:CB:60:A3:A9:8D:BF:72:BA:4D:BD:63:EE:BE:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9QcwSHgy2CjqY2_crpNvWPuvp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/292HIn314WxQqkS_9HKlqlFz1-w.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208506
IP address blocks: 213.178.136.0/22 maxlen: 22
213.178.138.0/24 maxlen: 24
213.178.139.0/24 maxlen: 24
213.178.136.0/23 maxlen: 23
213.178.136.0/24 maxlen: 24
213.178.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/y9QcwSHgy2CjqY2_crpNvWPuvp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/y9QcwSHgy2CjqY2_crpNvWPuvp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9QcwSHgy2CjqY2_crpNvWPuvp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:22:2c:ce:42:6f:10:5b:e4:f3:9a:05:15:66:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd41cc121e0cb60a3a98dbf72ba4dbd63eebe9f
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbdd87227df5e16c50aa44bff472a5aa5173d7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0c:20:91:89:ad:dd:ea:5c:b0:9b:de:29:57:
fb:7b:86:8f:6c:40:ae:fd:37:f6:79:83:94:43:b5:
b7:c5:e2:76:bc:dc:dd:5f:a5:ed:93:94:c3:b3:c2:
da:03:f8:8c:05:b8:59:52:ec:60:4a:20:97:06:fe:
0c:0c:7f:82:b4:e7:9b:18:e4:94:33:b0:bd:bf:a2:
2b:b8:6f:c9:5f:6c:bd:ba:db:4a:5d:5c:02:76:0a:
25:69:1b:db:5a:0d:43:22:3c:c4:12:e3:80:b3:65:
9a:41:35:2e:1f:cb:de:f7:4b:38:29:23:80:5b:98:
1c:2a:58:cf:c1:24:a3:ee:ce:1a:51:fc:e8:1f:ca:
0c:d1:83:d2:58:ae:b8:26:17:e8:f9:b7:43:da:44:
9a:0c:a4:f6:b4:04:66:c0:40:26:58:c5:48:ca:0c:
2e:d6:08:85:17:e3:96:fc:44:f7:0a:b1:b4:bf:cf:
52:06:b2:09:d0:01:1b:e0:fe:77:2c:ff:4d:78:86:
57:da:7f:30:bd:10:b0:10:81:bf:20:c9:1f:76:6d:
63:f6:cf:e4:33:48:26:14:4f:51:b9:5c:f4:71:dd:
e6:6e:72:98:83:4e:07:c9:c0:15:f1:c3:d9:a2:61:
71:31:5c:c7:de:27:60:8a:04:1c:ce:6c:63:6d:b9:
94:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DD:87:22:7D:F5:E1:6C:50:AA:44:BF:F4:72:A5:AA:51:73:D7:EC
X509v3 Authority Key Identifier:
keyid:CB:D4:1C:C1:21:E0:CB:60:A3:A9:8D:BF:72:BA:4D:BD:63:EE:BE:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9QcwSHgy2CjqY2_crpNvWPuvp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/292HIn314WxQqkS_9HKlqlFz1-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7eb4e8-bcb1-49ef-b944-53a5af765343/1/y9QcwSHgy2CjqY2_crpNvWPuvp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.136.0/22
Signature Algorithm: sha256WithRSAEncryption
93:8c:83:d1:d2:c8:95:ee:b1:5b:57:00:e3:ac:ff:60:66:93:
7c:de:06:03:0f:b4:09:fc:eb:85:b8:45:f3:c9:97:1b:41:b2:
b0:d4:d2:bb:a5:b2:9a:a2:55:6f:e0:ee:0b:10:25:64:ed:26:
06:fe:9d:64:7e:3e:14:3d:d8:36:f3:cf:2f:f3:c4:0c:9b:ba:
15:59:81:b1:8a:0e:d9:a3:16:4e:b5:fb:88:4d:f9:fe:45:85:
8c:81:51:78:cb:22:4a:c7:94:89:35:fb:a5:29:81:02:b0:66:
e9:cd:ae:3d:40:00:16:8b:ac:2f:20:0c:a7:2a:73:82:17:b5:
77:f0:69:e6:04:81:69:ae:e6:e7:ea:fd:e5:b5:4b:4d:ac:b2:
f6:a6:23:7b:3b:b6:92:19:a1:88:80:c8:5c:82:13:be:e9:0e:
b5:eb:53:7c:3d:2a:63:07:2b:11:27:f7:3f:61:b2:5d:2e:96:
5c:4f:7b:d9:62:ad:bb:66:ab:bf:cb:9f:88:c8:d8:e5:0d:b3:
41:c3:a8:33:19:9b:c9:c6:be:da:88:b5:90:30:4a:fa:84:e9:
31:2f:90:e2:d4:2d:ef:97:f2:97:9c:dc:59:bc:50:ba:38:63:
01:aa:eb:08:bc:77:3d:98:a3:05:0a:c7:01:9f:1e:2e:9e:95:
4c:63:91:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2yIszkJvEFvk85oFFWbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQxY2MxMjFlMGNiNjBhM2E5OGRiZjcyYmE0ZGJkNjNl
ZWJlOWYwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmRkODcyMjdkZjVlMTZjNTBhYTQ0YmZmNDcyYTVhYTUxNzNkN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAwgkYmt3epcsJveKVf7e4aPbECu
/Tf2eYOUQ7W3xeJ2vNzdX6Xtk5TDs8LaA/iMBbhZUuxgSiCXBv4MDH+CtOebGOSU
M7C9v6IruG/JX2y9uttKXVwCdgolaRvbWg1DIjzEEuOAs2WaQTUuH8ve90s4KSOA
W5gcKljPwSSj7s4aUfzoH8oM0YPSWK64Jhfo+bdD2kSaDKT2tARmwEAmWMVIygwu
1giFF+OW/ET3CrG0v89SBrIJ0AEb4P53LP9NeIZX2n8wvRCwEIG/IMkfdm1j9s/k
M0gmFE9RuVz0cd3mbnKYg04HycAV8cPZomFxMVzH3idgigQczmxjbbmUpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvdhyJ99eFsUKpEv/RypapRc9fsMB8GA1UdIwQY
MBaAFMvUHMEh4Mtgo6mNv3K6Tb1j7r6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlRY3dTSGd5MkNqcVkyX2NycE52V1B1dnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny83ZWI0ZTgtYmNiMS00OWVmLWI5NDQt
NTNhNWFmNzY1MzQzLzEvMjkySEluMzE0V3hRcWtTXzlIS2xxbEZ6MS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny83ZWI0ZTgtYmNiMS00OWVmLWI5NDQtNTNhNWFmNzY1MzQz
LzEveTlRY3dTSGd5MkNqcVkyX2NycE52V1B1dnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1bKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCTjIPR0siV7rFbVwDjrP9gZpN83gYDD7QJ/OuFuEXz
yZcbQbKw1NK7pbKaolVv4O4LECVk7SYG/p1kfj4UPdg2888v88QMm7oVWYGxig7Z
oxZOtfuITfn+RYWMgVF4yyJKx5SJNfulKYECsGbpza49QAAWi6wvIAynKnOCF7V3
8GnmBIFprubn6v3ltUtNrLL2piN7O7aSGaGIgMhcghO+6Q6161N8PSpjBysRJ/c/
YbJdLpZcT3vZYq27Zqu/y5+IyNjlDbNBw6gzGZvJxr7aiLWQMEr6hOkxL5Di1C3v
l/KXnNxZvFC6OGMBqusIvHc9mKMFCscBnx4unpVMY5Go
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:01:17 2024 by rpki-client on console-ams.rpki-client.org