Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7TSJF-06Wx-pV5FOrGIJkq5FnVw.roa
File: 7TSJF-06Wx-pV5FOrGIJkq5FnVw.roa (raw, json)
Hash identifier: 8Y1c/DDcEMY7Qi5I+e/DEXpzNT1n5p1nDpWMytjMDgA=
Subject key identifier: ED:34:89:17:ED:3A:5B:1F:A9:57:91:4E:AC:62:09:92:AE:45:9D:5C
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 018CC26D060659B2C25DD41416F016855AD8
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7TSJF-06Wx-pV5FOrGIJkq5FnVw.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16134
IP address blocks: 185.66.72.0/24 maxlen: 24
2a0a:ee40:1::/48 maxlen: 48
2a0a:ee40:4::/48 maxlen: 48
2a0a:ee40:2::/48 maxlen: 48
2a0a:ee40::/32 maxlen: 32
2a0a:ee40:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:06:06:59:b2:c2:5d:d4:14:16:f0:16:85:5a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed348917ed3a5b1fa957914eac620992ae459d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:6d:61:92:ab:fd:af:53:a4:b0:de:c5:6f:
15:39:27:d6:ef:61:cd:82:7e:39:0b:43:71:0a:47:
cb:86:f6:79:e7:a2:5f:da:86:28:89:f1:a2:6f:30:
2a:18:ff:39:6a:89:39:2d:17:d2:05:b8:44:53:8a:
43:65:3c:20:e5:da:e4:1d:14:f5:fe:e3:d7:ca:47:
c3:90:af:45:b1:e4:dc:c6:70:1d:4d:17:31:4f:63:
71:49:84:2d:8b:3b:e8:64:77:c7:d9:f4:5a:ca:41:
d5:ae:fd:f1:68:f8:3b:36:fd:62:ef:c5:78:f2:0e:
7c:16:11:4c:08:bd:f6:22:3e:10:ec:86:ed:54:04:
d3:19:d6:0c:b6:46:a8:5f:5c:45:7f:02:5a:e6:68:
37:a1:d0:f6:02:91:28:69:66:09:41:73:71:1e:6e:
a2:52:68:20:5b:5a:33:e0:84:af:1d:b4:11:e7:13:
e1:a9:ab:77:3d:5d:8f:bb:ca:a0:5b:dd:81:c0:7f:
0a:e9:b0:c6:21:20:18:79:16:c2:a9:44:4d:23:9c:
5a:d1:a9:e0:4e:2e:ea:85:36:0d:dc:31:64:9d:5c:
06:c8:a4:3f:4e:20:bd:a5:7a:41:15:8e:93:7f:b5:
c6:da:f0:8c:e5:90:10:0b:04:6b:14:5f:58:4e:ab:
15:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:34:89:17:ED:3A:5B:1F:A9:57:91:4E:AC:62:09:92:AE:45:9D:5C
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7TSJF-06Wx-pV5FOrGIJkq5FnVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.72.0/24
IPv6:
2a0a:ee40::/32
Signature Algorithm: sha256WithRSAEncryption
42:26:e4:a4:09:1d:84:f8:31:20:73:81:6a:20:6a:c9:bb:4d:
17:80:53:77:d9:5e:5e:cc:63:74:b0:ac:12:26:dd:92:62:e8:
1e:fd:fe:b9:7f:9a:0b:a3:ea:63:5e:ac:d1:96:78:a0:0a:8c:
f4:53:63:5f:83:08:4d:46:3b:8a:84:a9:bd:8d:cf:02:07:b9:
e2:e0:be:04:5b:2c:4e:70:ed:74:88:9a:12:91:22:9e:42:48:
dc:43:9e:ac:ef:da:21:1a:17:cd:48:24:bc:3f:c4:29:c1:96:
ae:e5:65:4e:71:13:c9:82:8f:93:d3:34:48:64:86:ce:63:20:
da:c8:a4:9f:44:f8:c4:fb:a5:0d:f0:10:61:00:17:7a:33:f3:
62:0a:c1:35:08:c8:ac:ab:81:9f:8a:77:12:61:46:c0:9d:1d:
70:bd:53:0b:ad:22:7c:bf:9e:c3:9a:87:99:af:fb:95:d7:6e:
7f:f2:e4:37:6f:a3:b2:8e:80:7d:54:11:34:cb:c9:7f:94:bb:
ea:0a:6f:ac:d3:be:36:c7:3f:ee:0b:f1:f0:ba:27:d3:5e:ad:
9f:33:cf:e2:3e:bf:7b:ed:0e:fb:fd:34:a7:fd:d2:c5:00:60:
45:46:ec:3b:4f:2f:e0:a0:0e:f4:8c:0d:ca:82:09:e7:9a:30:
0c:70:71:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbQYGWbLCXdQUFvAWhVrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM0ODkxN2VkM2E1YjFmYTk1NzkxNGVhYzYyMDk5MmFlNDU5ZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxltYZKr/a9TpLDexW8VOSfW72HN
gn45C0NxCkfLhvZ556Jf2oYoifGibzAqGP85aok5LRfSBbhEU4pDZTwg5drkHRT1
/uPXykfDkK9FseTcxnAdTRcxT2NxSYQtizvoZHfH2fRaykHVrv3xaPg7Nv1i78V4
8g58FhFMCL32Ij4Q7IbtVATTGdYMtkaoX1xFfwJa5mg3odD2ApEoaWYJQXNxHm6i
UmggW1oz4ISvHbQR5xPhqat3PV2Pu8qgW92BwH8K6bDGISAYeRbCqURNI5xa0ang
Ti7qhTYN3DFknVwGyKQ/TiC9pXpBFY6Tf7XG2vCM5ZAQCwRrFF9YTqsVGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO00iRftOlsfqVeRTqxiCZKuRZ1cMB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvN1RTSkYtMDZXeC1wVjVGT3JHSUprcTVGblZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUJIMA0E
AgACMAcDBQAqCu5AMA0GCSqGSIb3DQEBCwUAA4IBAQBCJuSkCR2E+DEgc4FqIGrJ
u00XgFN32V5ezGN0sKwSJt2SYuge/f65f5oLo+pjXqzRlnigCoz0U2NfgwhNRjuK
hKm9jc8CB7ni4L4EWyxOcO10iJoSkSKeQkjcQ56s79ohGhfNSCS8P8QpwZau5WVO
cRPJgo+T0zRIZIbOYyDayKSfRPjE+6UN8BBhABd6M/NiCsE1CMisq4GfincSYUbA
nR1wvVMLrSJ8v57DmoeZr/uV125/8uQ3b6OyjoB9VBE0y8l/lLvqCm+s0742xz/u
C/HwuifTXq2fM8/iPr977Q77/TSn/dLFAGBFRuw7Ty/goA70jA3KggnnmjAMcHHW
-----END CERTIFICATE-----
Generated at Wed May 15 18:27:44 2024 by rpki-client on console-fra.rpki-client.org