Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/nHuZCwRlGKRs8V-r8JCIMYlinEU.roa
File: nHuZCwRlGKRs8V-r8JCIMYlinEU.roa (raw, json)
Hash identifier: m0BKgFyiEIEyoroGXaKERZ4WgvseKbJtn15u+Ir+vYI=
Subject key identifier: 9C:7B:99:0B:04:65:18:A4:6C:F1:5F:AB:F0:90:88:31:89:62:9C:45
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 018CC56E398225BB83E4CC32B2BE881D34B2
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/nHuZCwRlGKRs8V-r8JCIMYlinEU.roa
Signing time: Mon 01 Jan 2024 14:29:44 +0000
ROA not before: Mon 01 Jan 2024 14:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6697
IP address blocks: 178.172.236.0/24 maxlen: 24
178.172.235.0/24 maxlen: 24
178.172.244.0/24 maxlen: 24
178.172.250.0/24 maxlen: 24
178.172.254.0/24 maxlen: 24
178.172.160.0/22 maxlen: 22
178.172.172.0/23 maxlen: 23
178.172.201.0/24 maxlen: 24
93.125.71.0/24 maxlen: 24
91.149.189.0/24 maxlen: 24
93.125.99.0/24 maxlen: 24
178.172.148.0/24 maxlen: 24
93.125.31.0/24 maxlen: 24
93.125.30.0/23 maxlen: 23
93.125.38.0/24 maxlen: 24
93.125.48.0/24 maxlen: 24
91.149.157.0/24 maxlen: 24
91.149.158.0/24 maxlen: 24
93.125.53.0/24 maxlen: 24
91.149.166.0/24 maxlen: 24
2a04:2e80:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:39:82:25:bb:83:e4:cc:32:b2:be:88:1d:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 1 14:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c7b990b046518a46cf15fabf090883189629c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2a:11:ef:72:01:1a:ec:69:ed:5c:d0:83:07:
54:c1:f3:02:83:d1:e7:be:d4:95:6e:d9:22:7d:74:
4e:58:e8:df:75:7b:cb:92:ff:d8:fb:03:e9:e4:d5:
e1:1a:b2:f3:be:45:f8:e8:fa:2d:d7:b7:6a:b6:e0:
94:ec:b1:36:ba:42:f1:50:43:dd:1d:01:ce:af:ef:
f1:ec:7f:25:e8:65:92:dd:b5:85:19:10:6a:19:d7:
f5:e1:40:7f:21:c6:4c:5f:a9:bd:15:5d:0c:1f:7f:
56:07:0d:ce:9b:ef:f5:50:cd:31:ad:05:59:3a:a8:
db:2a:3b:c8:57:d4:62:92:c1:1f:e4:d7:21:12:50:
5c:e2:2a:98:a3:eb:7f:9d:69:de:aa:13:3f:1c:7f:
60:97:5e:94:c7:53:98:5b:4b:15:b3:ad:60:75:40:
75:86:53:bf:63:f4:34:e6:60:2e:f1:07:57:3e:bd:
b8:08:f1:6b:ea:d3:f9:15:2f:4a:4a:07:ff:b5:27:
1a:bc:43:fb:21:bf:9c:11:61:86:b9:70:00:cc:96:
6c:3d:ee:04:47:7e:8e:52:70:b4:08:d7:cd:f6:c0:
c9:2d:08:fe:36:d8:f9:57:7d:7e:80:b6:c8:dc:52:
61:48:a1:72:1a:a4:cc:85:f6:35:2f:e6:5a:34:2a:
b3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7B:99:0B:04:65:18:A4:6C:F1:5F:AB:F0:90:88:31:89:62:9C:45
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/nHuZCwRlGKRs8V-r8JCIMYlinEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.157.0-91.149.158.255
91.149.166.0/24
91.149.189.0/24
93.125.30.0/23
93.125.38.0/24
93.125.48.0/24
93.125.53.0/24
93.125.71.0/24
93.125.99.0/24
178.172.148.0/24
178.172.160.0/22
178.172.172.0/23
178.172.201.0/24
178.172.235.0-178.172.236.255
178.172.244.0/24
178.172.250.0/24
178.172.254.0/24
IPv6:
2a04:2e80:7::/48
Signature Algorithm: sha256WithRSAEncryption
42:7b:db:46:b0:bc:14:1e:a0:8b:50:c0:2f:1c:6c:6c:6d:4c:
3c:c3:b0:6f:c8:be:3b:12:64:a5:3d:36:e9:2c:8d:55:cc:83:
6c:58:a9:03:50:b6:53:f9:04:67:dc:b8:17:5a:3c:cc:db:c3:
c2:fb:97:08:ee:16:57:a4:f8:82:7c:ea:ee:97:8c:b8:ad:cf:
2b:3d:bf:78:c4:fe:6e:b8:ef:0d:a1:27:eb:97:cd:b2:27:56:
25:4f:f3:75:29:cb:32:67:2e:46:0b:8c:9c:b2:0c:11:f1:77:
27:70:be:05:79:3d:b7:dd:8f:2d:08:ac:a0:28:14:66:c6:8a:
ed:79:34:69:15:f4:e4:53:69:97:0e:4e:9c:b7:97:53:73:d0:
3c:11:ff:53:29:63:a2:94:f9:19:4f:39:db:12:de:d4:e6:0f:
f6:ca:c8:72:bd:c3:5e:70:80:c0:e2:af:eb:3a:f9:89:b6:ea:
04:d4:df:9d:cf:97:db:f2:38:fe:28:3e:cc:14:13:e4:d4:66:
36:02:b7:88:ff:9b:22:4b:87:13:ae:c9:f5:71:2a:7b:38:fa:
98:db:63:df:bc:9b:43:68:1b:fb:b0:dd:9b:71:1e:0b:66:7c:
17:2f:a2:23:4d:5b:c4:ff:fe:5c:ce:35:fc:fb:50:e6:61:a6:
82:cb:19:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYzFbjmCJbuD5Mwysr6IHTSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQwMTAxMTQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdiOTkwYjA0NjUxOGE0NmNmMTVmYWJmMDkwODgzMTg5NjI5YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCoR73IBGuxp7VzQgwdUwfMCg9Hn
vtSVbtkifXROWOjfdXvLkv/Y+wPp5NXhGrLzvkX46Pot17dqtuCU7LE2ukLxUEPd
HQHOr+/x7H8l6GWS3bWFGRBqGdf14UB/IcZMX6m9FV0MH39WBw3Om+/1UM0xrQVZ
OqjbKjvIV9RiksEf5NchElBc4iqYo+t/nWneqhM/HH9gl16Ux1OYW0sVs61gdUB1
hlO/Y/Q05mAu8QdXPr24CPFr6tP5FS9KSgf/tScavEP7Ib+cEWGGuXAAzJZsPe4E
R36OUnC0CNfN9sDJLQj+Ntj5V31+gLbI3FJhSKFyGqTMhfY1L+ZaNCqzGwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFJx7mQsEZRikbPFfq/CQiDGJYpxFMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvbkh1WkN3UmxHS1JzOFYtcjhKQ0lNWWxpbkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB8BAIAATB2MAwDBABb
lZ0DBABblZ4DBABblaYDBABblb0DBAFdfR4DBABdfSYDBABdfTADBABdfTUDBABd
fUcDBABdfWMDBACyrJQDBAKyrKADBAGyrKwDBACyrMkwDAMEALKs6wMEALKs7AME
ALKs9AMEALKs+gMEALKs/jAPBAIAAjAJAwcAKgQugAAHMA0GCSqGSIb3DQEBCwUA
A4IBAQBCe9tGsLwUHqCLUMAvHGxsbUw8w7BvyL47EmSlPTbpLI1VzINsWKkDULZT
+QRn3LgXWjzM28PC+5cI7hZXpPiCfOrul4y4rc8rPb94xP5uuO8NoSfrl82yJ1Yl
T/N1KcsyZy5GC4ycsgwR8XcncL4FeT233Y8tCKygKBRmxorteTRpFfTkU2mXDk6c
t5dTc9A8Ef9TKWOilPkZTznbEt7U5g/2yshyvcNecIDA4q/rOvmJtuoE1N+dz5fb
8jj+KD7MFBPk1GY2AreI/5siS4cTrsn1cSp7OPqY22PfvJtDaBv7sN2bcR4LZnwX
L6IjTVvE//5czjX8+1DmYaaCyxls
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:03:49 2024 by rpki-client on console-ams.rpki-client.org