Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/W7Tt-Aqrl2iSvDAYrVnPvSZpHAo.roa
File: W7Tt-Aqrl2iSvDAYrVnPvSZpHAo.roa (raw, json)
Hash identifier: eC0/U75oKGY98kMfj4CcCsgeIGMERGATzgLsxpcfd50=
Subject key identifier: 5B:B4:ED:F8:0A:AB:97:68:92:BC:30:18:AD:59:CF:BD:26:69:1C:0A
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018DE9EC84C1C9CAD427E8EEFE4FB99B8F11
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/W7Tt-Aqrl2iSvDAYrVnPvSZpHAo.roa
Signing time: Tue 27 Feb 2024 09:36:48 +0000
ROA not before: Tue 27 Feb 2024 09:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:ec:84:c1:c9:ca:d4:27:e8:ee:fe:4f:b9:9b:8f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 27 09:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bb4edf80aab976892bc3018ad59cfbd26691c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:1b:82:9a:8d:aa:99:16:dd:d4:46:93:ca:
f0:12:f5:2f:99:b5:ed:de:41:e3:0c:e6:89:e1:f0:
35:92:e4:9b:c1:d9:ae:92:5f:cd:53:76:0b:3b:c7:
20:b3:1b:a8:ff:a7:fd:98:4a:6b:aa:b7:7d:1b:7b:
80:91:d4:35:ce:b7:62:c7:9a:54:93:10:ed:4a:90:
ff:70:51:22:b5:e0:be:55:f9:f3:4b:2f:00:fc:a4:
69:f1:86:d3:76:73:fe:39:ff:aa:59:ae:21:34:23:
c0:04:a0:06:2b:5e:e1:38:a5:97:21:b3:63:1a:eb:
43:8a:48:10:1a:35:9a:30:ba:1b:3a:0c:1c:73:3d:
68:70:be:52:ec:ca:98:36:51:5f:9a:f9:01:f6:ab:
09:e8:f4:e8:9d:c0:21:5a:ad:1d:5f:4d:b0:99:db:
24:01:c6:6a:9e:44:11:f5:41:cc:7d:ae:d7:ce:84:
6c:76:9a:ac:e1:8f:7c:ef:6e:c2:ff:75:43:06:97:
60:f3:7e:68:ef:82:ed:24:54:24:09:c7:64:ea:d9:
7b:ff:c3:f5:05:fe:45:d7:cc:8c:47:76:d1:08:1e:
65:28:d5:2a:de:4e:85:67:9b:98:9c:8f:b3:38:2a:
5b:47:f3:a1:fe:1d:c3:b2:79:f2:81:ad:d7:d5:f8:
8b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B4:ED:F8:0A:AB:97:68:92:BC:30:18:AD:59:CF:BD:26:69:1C:0A
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/W7Tt-Aqrl2iSvDAYrVnPvSZpHAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.85.0.0-91.85.159.255
91.85.192.0/18
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
81:d1:d0:66:a3:9d:0d:5d:5a:dc:4c:a1:57:46:78:30:39:64:
aa:fe:93:2b:cd:19:54:17:7c:54:ba:93:c1:21:bb:4f:ce:3b:
34:e6:ec:b9:7f:9d:9a:b4:87:60:55:c7:a6:66:10:45:43:38:
13:f8:93:8e:79:3f:df:a6:63:53:d9:fd:50:85:b2:45:0d:2b:
1d:1d:52:6f:ca:aa:db:76:8a:31:f6:c3:c4:62:ad:ec:57:d8:
ae:d6:9f:7f:81:16:7b:ab:cf:9c:90:d0:ab:76:d9:49:0f:f8:
ba:b4:2b:c2:f5:b6:d3:28:82:3e:12:ba:0b:09:d5:cb:c3:e0:
39:46:1b:9d:c7:b1:62:31:35:7e:e8:fc:68:8c:65:3f:0e:6a:
5f:3a:b9:6a:5b:bc:3f:90:86:9f:db:dd:32:b8:66:01:f7:18:
be:3a:9c:bd:4a:fa:b8:80:87:87:ce:70:67:0a:00:6c:7e:57:
ff:2d:3a:72:36:1a:84:12:b4:13:02:81:89:83:9e:e6:98:dc:
c6:be:13:f5:38:cc:56:2f:0c:28:4a:ac:15:59:5c:a7:14:eb:
8c:2f:95:e9:12:83:da:a3:53:7d:ab:4b:49:45:ee:a8:15:14:
56:9b:ee:4d:3f:6f:af:f5:6b:a4:e3:63:0f:42:3f:90:4e:85:
c0:25:23:2c
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY3p7ITBycrUJ+ju/k+5m48RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjI3MDkzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI0ZWRmODBhYWI5NzY4OTJiYzMwMThhZDU5Y2ZiZDI2NjkxYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlUbgpqNqpkW3dRGk8rwEvUvmbXt
3kHjDOaJ4fA1kuSbwdmukl/NU3YLO8cgsxuo/6f9mEprqrd9G3uAkdQ1zrdix5pU
kxDtSpD/cFEiteC+VfnzSy8A/KRp8YbTdnP+Of+qWa4hNCPABKAGK17hOKWXIbNj
GutDikgQGjWaMLobOgwccz1ocL5S7MqYNlFfmvkB9qsJ6PToncAhWq0dX02wmdsk
AcZqnkQR9UHMfa7XzoRsdpqs4Y98727C/3VDBpdg835o74LtJFQkCcdk6tl7/8P1
Bf5F18yMR3bRCB5lKNUq3k6FZ5uYnI+zOCpbR/Oh/h3Dsnnyga3X1fiLvwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFFu07fgKq5dokrwwGK1Zz70maRwKMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvVzdUdC1BcXJsMmlTdkRBWXJWblB2U1pwSEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBnBAIAATBhMAsDAwBbVQME
BVtVgAMEBltVwDAMAwQA1GiBAwQA1GiCAwQA1GiEAwQA1GiIAwQA1GiPMAwDBADU
aJUDBADUaJYDBADUaJgwDAMEANRomwMEANRonAMEANRonwMEAdRsWDANBgkqhkiG
9w0BAQsFAAOCAQEAgdHQZqOdDV1a3EyhV0Z4MDlkqv6TK80ZVBd8VLqTwSG7T847
NObsuX+dmrSHYFXHpmYQRUM4E/iTjnk/36ZjU9n9UIWyRQ0rHR1Sb8qq23aKMfbD
xGKt7FfYrtaff4EWe6vPnJDQq3bZSQ/4urQrwvW20yiCPhK6CwnVy8PgOUYbncex
YjE1fuj8aIxlPw5qXzq5alu8P5CGn9vdMrhmAfcYvjqcvUr6uICHh85wZwoAbH5X
/y06cjYahBK0EwKBiYOe5pjcxr4T9TjMVi8MKEqsFVlcpxTrjC+V6RKD2qNTfatL
SUXuqBUUVpvuTT9vr/VrpONjD0I/kE6FwCUjLA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:07:20 2024 by rpki-client on console-fra.rpki-client.org