Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa
File: F15w2A0ubKLY5k6GyzxgzrNpF78.roa (raw, json)
Hash identifier: YLB8l7/6PITXbDPGWOo8xqBAdb5qNauibVpd4MM2FP0=
Subject key identifier: 17:5E:70:D8:0D:2E:6C:A2:D8:E6:4E:86:CB:3C:60:CE:B3:69:17:BF
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 018E3154ED6FD16BFB70010DF5AD3338BDFE
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa
Signing time: Tue 12 Mar 2024 06:23:53 +0000
ROA not before: Tue 12 Mar 2024 06:23:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56740
IP address blocks: 87.252.234.0/24 maxlen: 24
87.252.237.0/24 maxlen: 24
87.252.238.0/24 maxlen: 24
87.252.240.0/24 maxlen: 24
91.149.167.0/24 maxlen: 24
93.125.18.0/24 maxlen: 24
93.125.60.0/23 maxlen: 23
93.125.114.0/24 maxlen: 24
178.172.164.0/24 maxlen: 24
178.172.165.0/24 maxlen: 24
178.172.212.0/24 maxlen: 24
178.172.217.0/24 maxlen: 24
178.172.220.0/24 maxlen: 24
178.172.247.0/24 maxlen: 24
178.172.251.0/24 maxlen: 24
178.172.255.0/24 maxlen: 24
213.184.236.0/24 maxlen: 24
213.184.240.0/24 maxlen: 24
217.21.44.0/24 maxlen: 24
217.21.52.0/24 maxlen: 24
217.21.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:54:ed:6f:d1:6b:fb:70:01:0d:f5:ad:33:38:bd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Mar 12 06:23:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=175e70d80d2e6ca2d8e64e86cb3c60ceb36917bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5b:65:65:18:40:97:29:4e:49:82:51:64:36:
fe:50:7b:be:cb:ec:ad:25:65:b2:4f:ce:57:84:4b:
67:d9:7d:86:50:53:8b:12:c0:61:d9:b4:30:5e:75:
09:e8:f2:16:f9:fe:00:43:a3:8b:8f:03:f5:24:97:
25:f8:84:1b:19:60:4b:fc:1e:34:a9:8d:0e:31:4f:
27:74:8e:77:4f:f3:e6:e1:8b:1c:c8:8f:ec:6e:10:
c5:e1:2e:68:6c:db:83:b2:55:cf:c7:a5:fa:57:dd:
d6:04:ed:e3:9d:fe:cd:88:db:ef:b5:43:bf:23:9a:
e8:2c:e8:31:f9:0e:6c:30:67:ba:ce:ed:fa:6f:47:
98:bc:28:b3:93:44:72:4b:5c:fd:38:d6:2c:5a:e1:
f9:2c:47:a7:a3:e6:c2:a0:e3:66:c3:f6:b6:61:e0:
fe:5c:89:4f:be:61:71:bf:0d:5e:bf:b6:75:ab:2f:
df:a7:b3:b1:51:d0:0b:00:a9:59:46:11:0e:12:61:
0d:39:44:ef:ab:cf:be:2d:9f:9e:d5:57:16:9b:9a:
78:8c:06:cb:62:3a:14:4e:bf:39:f0:5f:24:ea:e3:
6e:b0:03:b7:2d:00:0f:1c:b2:06:6f:33:61:4f:2a:
db:1d:24:4e:7d:6c:7f:68:51:26:86:34:2f:70:d6:
ba:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5E:70:D8:0D:2E:6C:A2:D8:E6:4E:86:CB:3C:60:CE:B3:69:17:BF
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.234.0/24
87.252.237.0-87.252.238.255
87.252.240.0/24
91.149.167.0/24
93.125.18.0/24
93.125.60.0/23
93.125.114.0/24
178.172.164.0/23
178.172.212.0/24
178.172.217.0/24
178.172.220.0/24
178.172.247.0/24
178.172.251.0/24
178.172.255.0/24
213.184.236.0/24
213.184.240.0/24
217.21.44.0/24
217.21.52.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:68:22:a5:7e:bc:b6:66:91:a5:43:33:f9:82:e7:07:b9:7f:
bb:4f:08:f6:f3:cb:02:da:b5:9c:10:ed:fa:8d:93:5f:5a:3e:
7b:d7:77:e4:a0:d4:b3:e7:9e:9e:fa:d1:2b:ff:bc:07:59:ad:
50:25:ef:3c:6c:0c:d3:5a:30:08:e5:fa:89:2e:0a:d2:06:c3:
9b:95:77:af:c8:d4:5b:1d:f8:90:ca:90:ec:ce:63:d2:42:ff:
b6:e0:ca:4c:64:4a:02:dc:e5:79:4c:df:c0:20:0f:da:c7:c1:
ba:36:d6:a8:1b:b7:19:0a:a6:4b:1e:d1:0d:8e:0c:74:06:cf:
0a:df:aa:78:63:6c:38:fc:52:8c:ca:51:19:1d:47:ef:07:73:
8e:c0:1f:63:e9:9c:84:e0:2e:f5:49:ff:73:47:03:5e:38:75:
5b:de:1b:d1:1d:e2:69:dc:2c:ec:98:61:29:5e:86:bb:de:8f:
d2:31:ed:08:b4:d7:32:b7:93:c9:74:e9:b1:81:04:d8:b4:b0:
71:65:be:e8:7e:08:92:3d:e3:62:3b:06:3b:9c:6e:f7:18:fc:
33:f7:60:7b:a9:4b:47:67:0d:c3:be:c3:c9:8a:0b:50:70:90:
3e:a4:df:95:c2:20:e4:e7:02:96:25:05:64:01:19:9d:4e:ab:
27:5c:31:69
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY4xVO1v0Wv7cAEN9a0zOL3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQwMzEyMDYyMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVlNzBkODBkMmU2Y2EyZDhlNjRlODZjYjNjNjBjZWIzNjkxN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFtlZRhAlylOSYJRZDb+UHu+y+yt
JWWyT85XhEtn2X2GUFOLEsBh2bQwXnUJ6PIW+f4AQ6OLjwP1JJcl+IQbGWBL/B40
qY0OMU8ndI53T/Pm4YscyI/sbhDF4S5obNuDslXPx6X6V93WBO3jnf7NiNvvtUO/
I5roLOgx+Q5sMGe6zu36b0eYvCizk0RyS1z9ONYsWuH5LEeno+bCoONmw/a2YeD+
XIlPvmFxvw1ev7Z1qy/fp7OxUdALAKlZRhEOEmENOUTvq8++LZ+e1VcWm5p4jAbL
YjoUTr858F8k6uNusAO3LQAPHLIGbzNhTyrbHSROfWx/aFEmhjQvcNa65wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFBdecNgNLmyi2OZOhss8YM6zaRe/MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvRjE1dzJBMHViS0xZNWs2R3l6eGd6ck5wRjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFf86jAM
AwQAV/ztAwQAV/zuAwQAV/zwAwQAW5WnAwQAXX0SAwQBXX08AwQAXX1yAwQBsqyk
AwQAsqzUAwQAsqzZAwQAsqzcAwQAsqz3AwQAsqz7AwQAsqz/AwQA1bjsAwQA1bjw
AwQA2RUsAwQB2RU0MA0GCSqGSIb3DQEBCwUAA4IBAQBcaCKlfry2ZpGlQzP5gucH
uX+7Twj288sC2rWcEO36jZNfWj5713fkoNSz556e+tEr/7wHWa1QJe88bAzTWjAI
5fqJLgrSBsOblXevyNRbHfiQypDszmPSQv+24MpMZEoC3OV5TN/AIA/ax8G6Ntao
G7cZCqZLHtENjgx0Bs8K36p4Y2w4/FKMylEZHUfvB3OOwB9j6ZyE4C71Sf9zRwNe
OHVb3hvRHeJp3CzsmGEpXoa73o/SMe0ItNcyt5PJdOmxgQTYtLBxZb7ofgiSPeNi
OwY7nG73GPwz92B7qUtHZw3DvsPJigtQcJA+pN+VwiDk5wKWJQVkARmdTqsnXDFp
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:57:38 2024 by rpki-client on console-ams.rpki-client.org