Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/z537zMIHM9HICyGvtGvZxsGxagU.roa
File: z537zMIHM9HICyGvtGvZxsGxagU.roa (raw, json)
Hash identifier: NfsueXDugsm13VF2FR2ijERe5F1WU74Kl/jzHiIHs4A=
Subject key identifier: CF:9D:FB:CC:C2:07:33:D1:C8:0B:21:AF:B4:6B:D9:C6:C1:B1:6A:05
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 01927294DF29553098E81B0242517594608A
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/z537zMIHM9HICyGvtGvZxsGxagU.roa
Signing time: Wed 09 Oct 2024 18:40:11 +0000
ROA not before: Wed 09 Oct 2024 18:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6697
IP address blocks: 91.149.157.0/24 maxlen: 24
91.149.158.0/24 maxlen: 24
91.149.166.0/24 maxlen: 24
93.125.30.0/23 maxlen: 23
93.125.31.0/24 maxlen: 24
93.125.38.0/24 maxlen: 24
93.125.48.0/24 maxlen: 24
93.125.53.0/24 maxlen: 24
93.125.71.0/24 maxlen: 24
93.125.99.0/24 maxlen: 24
178.172.148.0/24 maxlen: 24
178.172.160.0/22 maxlen: 22
178.172.172.0/23 maxlen: 23
178.172.201.0/24 maxlen: 24
178.172.235.0/24 maxlen: 24
178.172.236.0/24 maxlen: 24
178.172.244.0/24 maxlen: 24
178.172.250.0/24 maxlen: 24
178.172.254.0/24 maxlen: 24
2a04:2e80:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:94:df:29:55:30:98:e8:1b:02:42:51:75:94:60:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Oct 9 18:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf9dfbccc20733d1c80b21afb46bd9c6c1b16a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:53:69:77:61:ed:a8:39:97:f1:ef:d8:4b:
d9:01:3f:2e:9d:7e:54:8e:f5:60:83:6c:2a:6f:39:
3b:60:27:a9:22:dc:4c:f4:0c:4d:e3:07:5b:fb:5f:
86:4d:fd:73:21:d4:0f:c4:29:2c:81:f1:52:c2:37:
eb:d4:b0:7d:f3:ab:0e:9b:47:c8:3a:b2:2e:37:90:
5e:5e:4a:cf:7a:d0:e8:b7:46:a5:6e:5e:03:02:b7:
ba:bf:9e:56:ef:55:44:5a:1b:6e:25:3c:db:ce:33:
4d:9a:b3:9f:f8:75:ec:59:dd:3e:e6:29:ca:07:45:
03:a1:95:58:7c:82:11:64:24:34:b8:5f:79:5c:70:
cf:b3:49:2f:73:a3:b1:f5:52:52:65:b0:18:ac:71:
7b:87:c5:ca:3b:e9:c2:0f:1f:b6:57:43:0d:e7:7b:
48:55:f9:c2:e6:85:bb:b9:7d:4e:cd:ef:b0:1b:45:
ae:0d:02:a7:37:82:0e:08:c9:df:6f:91:f2:9e:f8:
e0:a3:90:20:b3:60:9d:7b:a4:c9:b8:c3:b2:9d:03:
dc:f4:0b:d1:c1:d4:51:85:14:50:16:09:26:aa:a1:
19:10:35:b9:9c:10:7f:98:e0:b9:20:37:65:0a:b3:
7f:a7:50:97:ad:d8:62:a5:26:cc:fb:48:98:ce:cc:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9D:FB:CC:C2:07:33:D1:C8:0B:21:AF:B4:6B:D9:C6:C1:B1:6A:05
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/z537zMIHM9HICyGvtGvZxsGxagU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.157.0-91.149.158.255
91.149.166.0/24
93.125.30.0/23
93.125.38.0/24
93.125.48.0/24
93.125.53.0/24
93.125.71.0/24
93.125.99.0/24
178.172.148.0/24
178.172.160.0/22
178.172.172.0/23
178.172.201.0/24
178.172.235.0-178.172.236.255
178.172.244.0/24
178.172.250.0/24
178.172.254.0/24
IPv6:
2a04:2e80:7::/48
Signature Algorithm: sha256WithRSAEncryption
62:62:39:35:e3:e6:45:88:75:62:9a:84:d4:02:22:09:5c:7a:
dc:c6:12:b2:85:cd:0f:23:e5:31:74:c4:63:f8:b8:cb:3e:e5:
8c:57:18:bc:1e:38:ff:da:a3:bb:e7:06:e5:83:7d:84:f9:13:
86:82:e4:31:63:35:97:4e:cd:3a:d3:68:03:b3:0d:ca:97:e3:
44:14:b3:b1:da:70:3a:54:48:a8:ff:df:65:4a:5c:f8:58:21:
8f:43:11:4a:95:30:d5:94:be:1c:5a:f4:6d:55:56:18:8b:d0:
b4:be:23:db:bf:d6:01:4a:f3:0a:47:bf:7d:c0:38:d9:ec:93:
44:74:39:eb:10:3f:fd:7f:a6:7b:8a:d8:e1:69:1c:03:a0:83:
11:a7:8e:1e:1c:2a:bc:d8:dc:eb:e9:10:13:4d:76:8e:30:01:
14:b7:ce:3f:5a:ce:d9:50:e8:3b:33:c4:05:bc:0b:42:6b:91:
5e:dd:ab:02:3c:61:23:fc:c8:fd:e3:55:55:4a:5f:de:1c:04:
b2:09:d3:e8:3a:2d:91:32:24:dd:03:f3:7d:83:ab:4f:d2:6c:
b5:65:f9:5b:0a:89:e1:9d:0a:a6:cf:c1:7f:b7:2a:71:e0:62:
41:7e:98:5f:c9:b6:e0:bb:b7:22:33:b0:68:47:8f:09:31:c5:
57:3c:bf:f0
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZJylN8pVTCY6BsCQlF1lGCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQxMDA5MTg0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjlkZmJjY2MyMDczM2QxYzgwYjIxYWZiNDZiZDljNmMxYjE2YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR5TaXdh7ag5l/Hv2EvZAT8unX5U
jvVgg2wqbzk7YCepItxM9AxN4wdb+1+GTf1zIdQPxCksgfFSwjfr1LB986sOm0fI
OrIuN5BeXkrPetDot0albl4DAre6v55W71VEWhtuJTzbzjNNmrOf+HXsWd0+5inK
B0UDoZVYfIIRZCQ0uF95XHDPs0kvc6Ox9VJSZbAYrHF7h8XKO+nCDx+2V0MN53tI
VfnC5oW7uX1Oze+wG0WuDQKnN4IOCMnfb5Hynvjgo5Ags2Cde6TJuMOynQPc9AvR
wdRRhRRQFgkmqqEZEDW5nBB/mOC5IDdlCrN/p1CXrdhipSbM+0iYzswSFwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFM+d+8zCBzPRyAshr7Rr2cbBsWoFMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvejUzN3pNSUhNOUhJQ3lHdnRHdlp4c0d4YWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB2BAIAATBwMAwDBABb
lZ0DBABblZ4DBABblaYDBAFdfR4DBABdfSYDBABdfTADBABdfTUDBABdfUcDBABd
fWMDBACyrJQDBAKyrKADBAGyrKwDBACyrMkwDAMEALKs6wMEALKs7AMEALKs9AME
ALKs+gMEALKs/jAPBAIAAjAJAwcAKgQugAAHMA0GCSqGSIb3DQEBCwUAA4IBAQBi
Yjk14+ZFiHVimoTUAiIJXHrcxhKyhc0PI+UxdMRj+LjLPuWMVxi8Hjj/2qO75wbl
g32E+ROGguQxYzWXTs0602gDsw3Kl+NEFLOx2nA6VEio/99lSlz4WCGPQxFKlTDV
lL4cWvRtVVYYi9C0viPbv9YBSvMKR799wDjZ7JNEdDnrED/9f6Z7itjhaRwDoIMR
p44eHCq82Nzr6RATTXaOMAEUt84/Ws7ZUOg7M8QFvAtCa5Fe3asCPGEj/Mj941VV
Sl/eHASyCdPoOi2RMiTdA/N9g6tP0my1ZflbConhnQqmz8F/typx4GJBfphfybbg
u7ciM7BoR48JMcVXPL/w
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:34 2024 by rpki-client on console-ams.rpki-client.org