Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/f95Xwu8A-mV2QifeDJKomnMcmX4.roa
File: f95Xwu8A-mV2QifeDJKomnMcmX4.roa (raw, json)
Hash identifier: uQfRgT8Su7dVG2xkWF2JHASU3fQegYgD3XvAI4S8msE=
Subject key identifier: 7F:DE:57:C2:EF:00:FA:65:76:42:27:DE:0C:92:A8:9A:73:1C:99:7E
Certificate issuer: /CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Certificate serial: 018CC5DC3AF4136CC4C59C1821EE7D0DD056
Authority key identifier: 26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/f95Xwu8A-mV2QifeDJKomnMcmX4.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51906
IP address blocks: 31.204.112.0/20 maxlen: 24
79.171.56.0/21 maxlen: 24
91.106.0.0/20 maxlen: 24
146.66.224.0/21 maxlen: 24
185.2.120.0/22 maxlen: 24
176.241.160.0/20 maxlen: 24
37.130.128.0/20 maxlen: 24
2a00:7380::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3a:f4:13:6c:c4:c5:9c:18:21:ee:7d:0d:d0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fde57c2ef00fa65764227de0c92a89a731c997e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:72:a4:62:6a:70:2a:85:78:ca:46:86:69:
12:75:ec:62:e7:c4:76:91:75:86:5b:cb:11:74:fb:
89:36:b1:62:1d:d1:ba:b3:78:40:9d:d4:57:c3:51:
57:82:69:b2:5e:55:7a:a7:09:13:00:12:58:da:a1:
38:fa:26:e0:2a:01:e3:46:ae:5f:98:a7:b8:92:ae:
5d:1c:d5:5b:66:f9:55:03:e1:51:bd:27:c2:51:7f:
9c:e0:97:4e:c2:d2:4c:2d:36:36:1f:0b:57:15:41:
6a:7d:09:4c:5c:5d:92:bf:f7:32:a8:e8:50:04:e2:
3d:3f:68:75:f7:32:1f:5b:b4:b8:78:0e:b1:25:1f:
70:df:93:d0:22:ec:88:b5:df:5a:2e:5f:3f:19:bb:
3e:41:eb:03:e9:5b:89:46:5d:c1:4b:d9:50:84:94:
43:c5:6f:fa:ed:3d:2d:b0:30:9c:e1:a9:27:24:df:
c6:e5:be:77:8d:ca:2c:39:33:00:6e:72:eb:8c:fc:
50:25:57:31:dc:fc:13:08:9d:c0:66:22:06:35:9e:
d7:21:7c:e3:b8:c6:cc:90:36:48:41:e3:41:a1:9b:
6e:bf:23:89:fb:9e:7d:ab:ae:17:d3:4e:fe:66:f9:
58:70:bd:35:28:b3:01:59:3a:f2:38:67:ad:52:b3:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DE:57:C2:EF:00:FA:65:76:42:27:DE:0C:92:A8:9A:73:1C:99:7E
X509v3 Authority Key Identifier:
keyid:26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/f95Xwu8A-mV2QifeDJKomnMcmX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.112.0/20
37.130.128.0/20
79.171.56.0/21
91.106.0.0/20
146.66.224.0/21
176.241.160.0/20
185.2.120.0/22
IPv6:
2a00:7380::/32
Signature Algorithm: sha256WithRSAEncryption
0a:94:b0:aa:2a:6d:a5:89:7c:b1:35:cb:75:82:73:62:bb:38:
35:1d:f7:a6:05:d5:78:e4:9d:b5:d8:be:ea:86:f8:c7:8b:ab:
a0:5c:87:f4:2a:2d:0a:a8:08:8d:d2:6d:b1:f1:fc:50:6e:29:
68:10:13:d9:0f:3f:33:35:32:a8:48:e1:04:d7:47:a1:e6:80:
81:d8:7b:90:69:a2:a2:86:e3:d1:36:de:81:46:4c:ff:dd:94:
00:73:3a:61:be:71:4c:14:74:19:ad:ef:6f:12:b2:17:df:aa:
7d:09:9b:65:10:b3:03:c9:5d:27:5a:8f:e4:dc:c9:69:85:96:
a8:a5:82:9e:d2:65:30:a6:7c:08:d0:ee:8f:ee:f9:f8:94:63:
71:c3:8a:ec:8d:d2:2b:b6:e1:b0:56:98:48:9d:dd:02:f8:7a:
60:fe:3d:e2:85:70:b4:fe:87:bb:50:01:1f:af:f2:a5:71:7c:
97:08:4e:e3:1d:79:82:f5:66:dd:f8:03:09:3e:30:b0:01:23:
99:7b:77:91:54:2a:49:c0:e9:7e:93:44:73:53:3f:7e:9d:a4:
35:e5:26:25:9c:93:8a:de:3b:e3:49:17:7a:fa:ea:d7:50:2c:
43:9c:08:06:be:b9:40:5d:af:64:c0:d5:4e:1a:4c:f5:b7:e3:
8f:eb:8b:39
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzF3Dr0E2zExZwYIe59DdBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODhlZjM3M2Y4ZjAwZTAxYzI1Y2Y5MjRiNGYyZThlYzZh
MjE5ZDEwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmRlNTdjMmVmMDBmYTY1NzY0MjI3ZGUwYzkyYTg5YTczMWM5OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2RypGJqcCqFeMpGhmkSdexi58R2
kXWGW8sRdPuJNrFiHdG6s3hAndRXw1FXgmmyXlV6pwkTABJY2qE4+ibgKgHjRq5f
mKe4kq5dHNVbZvlVA+FRvSfCUX+c4JdOwtJMLTY2HwtXFUFqfQlMXF2Sv/cyqOhQ
BOI9P2h19zIfW7S4eA6xJR9w35PQIuyItd9aLl8/Gbs+QesD6VuJRl3BS9lQhJRD
xW/67T0tsDCc4aknJN/G5b53jcosOTMAbnLrjPxQJVcx3PwTCJ3AZiIGNZ7XIXzj
uMbMkDZIQeNBoZtuvyOJ+559q64X007+ZvlYcL01KLMBWTryOGetUrNWIQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFH/eV8LvAPpldkIn3gySqJpzHJl+MB8GA1UdIwQY
MBaAFCaI7zc/jwDgHCXPkktPLo7GohnRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAt
N2Y3OGEzYmFhN2MxLzEvZjk1WHd1OEEtbVYyUWlmZURKS29tbk1jbVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNmYzMzktODQ1NS00ZGI0LWE2NTAtN2Y3OGEzYmFhN2Mx
LzEvSm9qdk56LVBBT0FjSmMtU1MwOHVqc2FpR2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEH8xwAwQE
JYKAAwQDT6s4AwQEW2oAAwQDkkLgAwQEsPGgAwQCuQJ4MA0EAgACMAcDBQAqAHOA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKlLCqKm2liXyxNct1gnNiuzg1HfemBdV45J21
2L7qhvjHi6ugXIf0Ki0KqAiN0m2x8fxQbiloEBPZDz8zNTKoSOEE10eh5oCB2HuQ
aaKihuPRNt6BRkz/3ZQAczphvnFMFHQZre9vErIX36p9CZtlELMDyV0nWo/k3Mlp
hZaopYKe0mUwpnwI0O6P7vn4lGNxw4rsjdIrtuGwVphInd0C+Hpg/j3ihXC0/oe7
UAEfr/KlcXyXCE7jHXmC9Wbd+AMJPjCwASOZe3eRVCpJwOl+k0RzUz9+naQ15SYl
nJOK3jvjSRd6+urXUCxDnAgGvrlAXa9kwNVOGkz1t+OP64s5
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:28:38 2024 by rpki-client on console-ams.rpki-client.org