Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/198EAo_AOrdl9gfZODM7SN4sRdo.roa
File: 198EAo_AOrdl9gfZODM7SN4sRdo.roa (raw, json)
Hash identifier: MoIFvmQe/GHPQuehKprscwSa3OtS5uShBr2po6WN9Mw=
Subject key identifier: D7:DF:04:02:8F:C0:3A:B7:65:F6:07:D9:38:33:3B:48:DE:2C:45:DA
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 0190E419F4B8920F557FC121FD663A493692
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/198EAo_AOrdl9gfZODM7SN4sRdo.roa
Signing time: Wed 24 Jul 2024 09:37:04 +0000
ROA not before: Wed 24 Jul 2024 09:37:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58002
IP address blocks: 37.208.64.0/20 maxlen: 20
77.247.232.0/21 maxlen: 21
92.241.0.0/19 maxlen: 19
2a00:c9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:19:f4:b8:92:0f:55:7f:c1:21:fd:66:3a:49:36:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Jul 24 09:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7df04028fc03ab765f607d938333b48de2c45da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:48:6a:eb:33:fa:a7:f9:f4:e2:60:bf:c2:
f7:96:29:04:15:f4:03:26:89:42:e6:a3:ff:1b:e2:
fd:db:23:4a:08:06:0d:a8:a7:08:4b:53:d4:e4:3f:
68:f7:d2:2c:78:55:89:67:9f:74:b9:3d:d9:9f:1b:
29:67:1b:34:ba:d0:f8:a0:e3:d8:b5:fa:de:3d:98:
8b:d4:aa:8e:df:b7:9a:a9:25:66:15:49:60:42:7e:
09:a8:18:eb:49:30:e2:71:ff:df:91:2e:3d:9f:58:
6f:e3:35:71:b5:0d:de:b3:b6:b2:db:be:48:73:8b:
70:95:72:82:f5:d1:67:67:5a:39:4f:71:22:ed:da:
12:02:ae:67:be:db:7e:57:65:86:b3:55:3e:54:e8:
e8:d2:ce:f4:11:30:83:9a:8f:26:80:8d:4f:08:6f:
1c:6c:6f:78:68:d4:74:d6:c5:79:69:00:07:fa:28:
2a:93:7b:53:d9:c2:48:79:a2:df:33:96:cf:0d:a7:
97:ae:81:16:ac:41:be:06:17:ab:a1:b5:3e:7a:88:
1d:80:6d:a6:53:6f:02:2f:77:97:ee:cb:a3:bc:05:
36:f4:25:84:a3:19:ed:05:0b:95:5a:cc:46:0c:5a:
6c:bf:df:60:98:25:f5:9c:2e:08:fb:ae:5b:08:88:
ce:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:DF:04:02:8F:C0:3A:B7:65:F6:07:D9:38:33:3B:48:DE:2C:45:DA
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/198EAo_AOrdl9gfZODM7SN4sRdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.64.0/20
77.247.232.0/21
92.241.0.0/19
IPv6:
2a00:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
70:05:54:27:b9:1b:88:36:c9:b0:23:3d:10:b3:6e:a1:ce:71:
90:10:7d:9c:65:5d:27:99:5f:90:7d:e1:76:6d:03:5e:33:87:
58:9f:e2:8f:d3:a1:79:ac:91:80:c2:05:d0:88:d0:33:4f:0a:
0a:28:90:d9:12:3a:13:d3:1d:44:dc:33:04:a4:54:6e:c4:b9:
17:d7:7d:9e:5a:5a:a6:f8:be:36:5f:34:84:ee:16:9e:36:1c:
27:7b:ff:68:7a:21:63:50:a9:f5:fa:e4:bc:ce:82:57:7f:55:
a8:22:ce:72:3e:22:56:a3:9c:9c:87:d8:56:8e:74:b4:d5:cb:
f0:03:c5:69:22:fa:4f:99:48:7f:a1:ca:e3:c9:b3:a4:92:61:
0b:d8:86:7a:37:f3:4b:84:37:db:4b:e5:da:df:fd:56:fa:97:
d7:31:80:8f:0d:6a:36:13:cc:80:12:48:70:82:dd:36:1c:44:
e6:04:e3:bf:47:12:ad:c4:c0:30:9b:6e:77:b3:2d:6b:0f:44:
14:82:b4:f9:44:df:85:f2:a1:eb:91:a8:8b:2e:4f:65:be:19:
ae:47:f3:5b:d1:20:8c:e4:07:31:2a:57:31:5b:d8:38:01:00:
c3:d6:f7:b3:9b:5b:02:4b:9d:37:23:c8:39:7c:09:46:a1:81:
af:04:f7:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZDkGfS4kg9Vf8Eh/WY6STaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjQwNzI0MDkzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2RmMDQwMjhmYzAzYWI3NjVmNjA3ZDkzODMzM2I0OGRlMmM0NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeBIausz+qf59OJgv8L3likEFfQD
JolC5qP/G+L92yNKCAYNqKcIS1PU5D9o99IseFWJZ590uT3ZnxspZxs0utD4oOPY
tfrePZiL1KqO37eaqSVmFUlgQn4JqBjrSTDicf/fkS49n1hv4zVxtQ3es7ay275I
c4twlXKC9dFnZ1o5T3Ei7doSAq5nvtt+V2WGs1U+VOjo0s70ETCDmo8mgI1PCG8c
bG94aNR01sV5aQAH+igqk3tT2cJIeaLfM5bPDaeXroEWrEG+BherobU+eogdgG2m
U28CL3eX7sujvAU29CWEoxntBQuVWsxGDFpsv99gmCX1nC4I+65bCIjOMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNffBAKPwDq3ZfYH2TgzO0jeLEXaMB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvMTk4RUFvX0FPcmRsOWdmWk9ETTdTTjRzUmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJdBAAwQD
TffoAwQFXPEAMA0EAgACMAcDBQAqAMnAMA0GCSqGSIb3DQEBCwUAA4IBAQBwBVQn
uRuINsmwIz0Qs26hznGQEH2cZV0nmV+QfeF2bQNeM4dYn+KP06F5rJGAwgXQiNAz
TwoKKJDZEjoT0x1E3DMEpFRuxLkX132eWlqm+L42XzSE7haeNhwne/9oeiFjUKn1
+uS8zoJXf1WoIs5yPiJWo5ych9hWjnS01cvwA8VpIvpPmUh/ocrjybOkkmEL2IZ6
N/NLhDfbS+Xa3/1W+pfXMYCPDWo2E8yAEkhwgt02HETmBOO/RxKtxMAwm253sy1r
D0QUgrT5RN+F8qHrkaiLLk9lvhmuR/Nb0SCM5AcxKlcxW9g4AQDD1vezm1sCS503
I8g5fAlGoYGvBPdH
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:38:13 2024 by rpki-client on console-ams.rpki-client.org