Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa
File: aAN4Y6aFeNiyrXmF66Che-v2j9A.roa (raw, json)
Hash identifier: /zEIr9qB0nwoKE+O55vAncKCcwXsb3mN1frosczDNiE=
Subject key identifier: 68:03:78:63:A6:85:78:D8:B2:AD:79:85:EB:A0:A1:7B:EB:F6:8F:D0
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 018CC86F7325C0FADA053A9B70D6DF6E34A8
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa
Signing time: Tue 02 Jan 2024 04:29:56 +0000
ROA not before: Tue 02 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20853
IP address blocks: 178.236.246.0/24 maxlen: 24
178.236.247.0/24 maxlen: 24
194.59.186.0/24 maxlen: 24
178.236.254.0/24 maxlen: 24
94.228.162.0/24 maxlen: 24
94.228.163.0/24 maxlen: 24
94.228.165.0/24 maxlen: 24
94.228.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:73:25:c0:fa:da:05:3a:9b:70:d6:df:6e:34:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Jan 2 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68037863a68578d8b2ad7985eba0a17bebf68fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ae:84:d4:e8:3d:2a:51:52:a3:38:19:f6:ee:
98:a6:af:8b:51:87:94:b1:c1:6e:15:53:79:ec:bd:
a0:46:cc:6a:c0:e3:30:4d:87:e0:76:2c:4b:81:2d:
ac:e2:43:67:a8:ac:c2:ab:10:2c:db:d2:69:38:94:
16:54:2c:a8:2a:b6:2b:0d:a2:78:ab:b4:49:e2:5e:
37:5c:7d:46:75:c3:52:b8:df:b4:88:2e:81:94:47:
76:8f:93:14:c3:81:4b:77:cf:6d:b3:44:93:2f:7e:
55:06:92:04:80:bd:ed:a8:90:e1:15:83:66:13:6c:
f3:42:30:f0:ae:01:4a:ae:9a:43:58:bf:93:cf:d1:
9f:3c:04:30:2b:5d:cf:fe:ef:da:e3:01:40:30:ef:
9b:66:65:ed:3a:ad:ac:8e:d8:0b:5d:51:7c:e5:f1:
61:8b:77:4f:1e:37:02:73:36:ef:44:55:93:a1:df:
64:37:56:d7:8a:df:7b:4f:f7:e4:76:83:30:cf:ee:
4f:70:02:f1:07:8f:b6:de:9e:75:59:81:24:96:18:
09:02:4f:c2:ed:f6:0b:9f:d0:3b:98:9b:0a:07:8b:
f8:5b:1a:92:d6:18:10:d3:c4:95:4d:ce:f3:f5:a3:
57:c4:c6:2a:d8:e1:36:30:46:da:aa:3e:e2:5e:c7:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:03:78:63:A6:85:78:D8:B2:AD:79:85:EB:A0:A1:7B:EB:F6:8F:D0
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.162.0-94.228.165.255
178.236.246.0/23
178.236.254.0/24
194.59.186.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ae:eb:3d:fd:59:18:59:a4:2f:0a:1c:18:d7:0d:2c:1e:4e:
60:ce:a6:3e:20:ee:ae:59:1e:cd:b3:96:cf:fb:c7:cb:b8:20:
83:89:0d:7c:97:71:19:38:4e:3e:9d:64:33:00:40:ad:98:2e:
c6:ff:31:f2:0a:b8:dc:6f:07:97:39:26:66:d0:90:4d:da:94:
7f:71:02:61:f0:fc:b3:55:19:3e:e0:3b:5b:bf:43:12:05:43:
ae:d4:69:6c:09:50:a9:30:37:25:9a:92:89:ac:c6:1a:93:af:
d4:05:4f:1e:81:24:25:3a:fb:c0:0e:f2:e6:3c:bc:b0:08:59:
2c:4d:8b:e3:83:ae:0c:b5:98:55:14:94:79:5f:c8:3e:03:11:
aa:38:dc:b7:11:cb:1c:32:3b:3b:f2:eb:66:33:99:e8:43:aa:
87:e4:81:62:fb:91:a2:45:ab:20:c1:9f:9a:c2:eb:c6:a5:72:
4e:84:cc:48:59:6a:18:db:79:2e:b1:73:b2:81:17:12:7b:a3:
3c:7d:25:63:19:ce:f5:da:54:ff:90:87:30:96:7c:67:38:01:
6b:cd:9e:bb:35:8a:18:04:11:cd:e0:03:fd:ea:95:5f:e9:64:
bf:31:08:a9:b0:b3:4d:30:3f:e6:35:c6:86:3b:7f:a5:a1:50:
11:a3:f9:93
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIb3MlwPraBTqbcNbfbjSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODAzNzg2M2E2ODU3OGQ4YjJhZDc5ODVlYmEwYTE3YmViZjY4ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka6E1Og9KlFSozgZ9u6Ypq+LUYeU
scFuFVN57L2gRsxqwOMwTYfgdixLgS2s4kNnqKzCqxAs29JpOJQWVCyoKrYrDaJ4
q7RJ4l43XH1GdcNSuN+0iC6BlEd2j5MUw4FLd89ts0STL35VBpIEgL3tqJDhFYNm
E2zzQjDwrgFKrppDWL+Tz9GfPAQwK13P/u/a4wFAMO+bZmXtOq2sjtgLXVF85fFh
i3dPHjcCczbvRFWTod9kN1bXit97T/fkdoMwz+5PcALxB4+23p51WYEklhgJAk/C
7fYLn9A7mJsKB4v4WxqS1hgQ08SVTc7z9aNXxMYq2OE2MEbaqj7iXsdFvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGgDeGOmhXjYsq15heugoXvr9o/QMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvYUFONFk2YUZlTml5clhtRjY2Q2hlLXYyajlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAFe5KID
BAFe5KQDBAGy7PYDBACy7P4DBADCO7owDQYJKoZIhvcNAQELBQADggEBALCu6z39
WRhZpC8KHBjXDSweTmDOpj4g7q5ZHs2zls/7x8u4IIOJDXyXcRk4Tj6dZDMAQK2Y
Lsb/MfIKuNxvB5c5JmbQkE3alH9xAmHw/LNVGT7gO1u/QxIFQ67UaWwJUKkwNyWa
komsxhqTr9QFTx6BJCU6+8AO8uY8vLAIWSxNi+ODrgy1mFUUlHlfyD4DEao43LcR
yxwyOzvy62YzmehDqofkgWL7kaJFqyDBn5rC68alck6EzEhZahjbeS6xc7KBFxJ7
ozx9JWMZzvXaVP+QhzCWfGc4AWvNnrs1ihgEEc3gA/3qlV/pZL8xCKmws00wP+Y1
xoY7f6WhUBGj+ZM=
-----END CERTIFICATE-----
Generated at Sun May 19 22:59:46 2024 by rpki-client on console-fra.rpki-client.org