Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7sdqB9tk4uU0z9qYZwAUqnkFPZE.roa
File: 7sdqB9tk4uU0z9qYZwAUqnkFPZE.roa (raw, json)
Hash identifier: SfJBADP9nxk1XRqv8TGRYYDwuFn6KOuU/MMLN7SOUok=
Subject key identifier: EE:C7:6A:07:DB:64:E2:E5:34:CF:DA:98:67:00:14:AA:79:05:3D:91
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019346C97DD564FC37FC549B043C0CFC4FD6
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7sdqB9tk4uU0z9qYZwAUqnkFPZE.roa
Signing time: Tue 19 Nov 2024 23:37:10 +0000
ROA not before: Tue 19 Nov 2024 23:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.171.192.0/19 maxlen: 24
62.171.224.0/22 maxlen: 24
62.171.252.0/22 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.248.0/21 maxlen: 24
217.177.16.0/20 maxlen: 24
217.177.36.0/22 maxlen: 24
217.177.56.0/21 maxlen: 24
217.177.64.0/21 maxlen: 24
217.177.76.0/22 maxlen: 24
217.177.88.0/21 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:c9:7d:d5:64:fc:37:fc:54:9b:04:3c:0c:fc:4f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 19 23:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eec76a07db64e2e534cfda98670014aa79053d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:de:1a:cc:d9:06:29:ab:6f:99:0e:eb:25:02:
2b:c3:17:28:ad:ba:5e:7e:e7:b0:60:dd:8b:f7:33:
88:70:20:5a:ac:6a:b6:b6:da:1d:1e:88:8e:75:c1:
df:cc:8d:64:81:f1:37:8b:ce:df:a0:9e:8b:09:a6:
73:c2:01:df:f8:ba:24:4f:5d:13:63:2c:81:c3:03:
ce:31:62:5e:51:96:85:a4:9a:0a:4c:f3:40:f3:1a:
43:a2:ff:af:4e:09:e7:6d:36:76:54:66:3e:ce:f6:
ea:3e:07:3b:dd:b3:3e:60:e4:fe:f8:25:17:ec:9b:
54:39:c4:e0:9b:0c:9e:19:9e:f5:91:80:19:38:bc:
65:5e:d1:65:6e:82:c8:b2:f0:3b:04:71:7d:82:eb:
58:94:c9:1b:c2:5d:a0:6b:d2:e1:2a:f9:eb:43:b8:
fc:30:32:99:8e:ce:f6:66:1b:29:d1:ed:2d:f1:b4:
ef:0d:51:6e:81:91:4e:47:f6:f7:c1:c7:bd:07:de:
49:a3:0a:d2:28:c3:16:39:71:19:1f:14:c3:21:55:
e3:de:cc:f2:9a:54:5d:0d:de:e9:4b:0a:9b:85:fe:
ad:ed:48:85:08:9e:17:53:9f:5b:ae:3a:c6:76:87:
52:3e:a7:6d:56:e2:fd:b8:0c:c7:76:22:f8:ed:58:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C7:6A:07:DB:64:E2:E5:34:CF:DA:98:67:00:14:AA:79:05:3D:91
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/7sdqB9tk4uU0z9qYZwAUqnkFPZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0-62.171.227.255
62.171.252.0/22
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.248.0/21
217.177.16.0/20
217.177.36.0/22
217.177.56.0-217.177.71.255
217.177.76.0/22
217.177.88.0/21
217.179.0.0/17
217.179.192.0-217.180.11.255
217.180.24.0-217.180.35.255
217.180.48.0/22
217.181.0.0/18
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:2e:f4:6e:cf:32:94:be:1b:81:d8:ef:8b:44:cb:1e:8c:8e:
4d:50:b3:80:46:89:82:f1:e6:82:08:a2:27:8c:e0:7d:dc:18:
91:cf:ac:70:1e:9b:0a:c6:44:74:1e:ce:9b:43:ea:76:d8:1c:
d3:2e:33:08:79:3d:6a:90:a2:88:51:4a:49:44:f3:b0:21:df:
64:f7:2d:68:7b:37:e8:18:fe:38:0e:12:92:91:23:06:67:ad:
2f:92:7a:53:82:e9:3a:e8:17:c2:0c:c5:d2:e6:c8:a3:d6:1b:
95:ac:82:aa:cb:8b:79:62:6f:ea:68:04:d3:82:fe:0a:de:3e:
d2:5c:7e:ab:e6:d7:f8:b8:f6:ca:7a:21:24:b1:15:d2:d9:84:
33:27:8a:ab:e2:8f:f9:61:49:1c:23:4d:07:e5:0a:e9:3d:c2:
db:ee:51:31:56:48:61:fe:37:fa:30:4e:9e:c3:42:2a:02:64:
f3:63:3a:fa:2e:ba:90:e2:2d:14:ef:cd:b7:30:df:20:0f:ae:
b8:b7:fd:79:be:3e:25:8a:e3:c0:2f:8e:e0:6c:e4:aa:91:e3:
66:27:fa:09:57:0a:4c:ec:e5:f5:97:ea:2d:22:cc:d0:48:ca:
9a:eb:fe:4c:3a:9f:a0:0d:3b:cb:b7:1c:95:51:9c:3f:d2:81:
ab:e6:ad:63
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZNGyX3VZPw3/FSbBDwM/E/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTE5MjMzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM3NmEwN2RiNjRlMmU1MzRjZmRhOTg2NzAwMTRhYTc5MDUzZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot4azNkGKatvmQ7rJQIrwxcorbpe
fuewYN2L9zOIcCBarGq2ttodHoiOdcHfzI1kgfE3i87foJ6LCaZzwgHf+LokT10T
YyyBwwPOMWJeUZaFpJoKTPNA8xpDov+vTgnnbTZ2VGY+zvbqPgc73bM+YOT++CUX
7JtUOcTgmwyeGZ71kYAZOLxlXtFlboLIsvA7BHF9gutYlMkbwl2ga9LhKvnrQ7j8
MDKZjs72Zhsp0e0t8bTvDVFugZFOR/b3wce9B95JowrSKMMWOXEZHxTDIVXj3szy
mlRdDd7pSwqbhf6t7UiFCJ4XU59brjrGdodSPqdtVuL9uAzHdiL47VjHawIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFO7HagfbZOLlNM/amGcAFKp5BT2RMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvN3NkcUI5dGs0dVUwejlxWVp3QVVxbmtGUFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgwDAME
Bj6rwAMEAj6r4AMEAj6r/AMEArnA5AMEBcKaADAMAwQFwu4gAwQFwu5AAwQD1RL4
AwQE2bEQAwQC2bEkMAwDBAPZsTgDBAPZsUADBALZsUwDBAPZsVgDBAfZswAwDAME
BtmzwAMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC2bQwAwQG2bUAMA0EAgACMAcDBQAq
Ag+wMA0GCSqGSIb3DQEBCwUAA4IBAQC5LvRuzzKUvhuB2O+LRMsejI5NULOARomC
8eaCCKInjOB93BiRz6xwHpsKxkR0Hs6bQ+p22BzTLjMIeT1qkKKIUUpJRPOwId9k
9y1oezfoGP44DhKSkSMGZ60vknpTguk66BfCDMXS5sij1huVrIKqy4t5Ym/qaATT
gv4K3j7SXH6r5tf4uPbKeiEksRXS2YQzJ4qr4o/5YUkcI00H5QrpPcLb7lExVkhh
/jf6ME6ew0IqAmTzYzr6LrqQ4i0U7823MN8gD664t/15vj4liuPAL47gbOSqkeNm
J/oJVwpM7OX1l+otIszQSMqa6/5MOp+gDTvLtxyVUZw/0oGr5q1j
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:16:11 2024 by rpki-client on console-ams.rpki-client.org