Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/7GSbY1_gWHYhWyY7frDktKtuUfM.roa
File: 7GSbY1_gWHYhWyY7frDktKtuUfM.roa (raw, json)
Hash identifier: Ad4vXfA1mAxrR3a0udtPLpfV90yxXaXUHxj/pfm8g3Q=
Subject key identifier: EC:64:9B:63:5F:E0:58:76:21:5B:26:3B:7E:B0:E4:B4:AB:6E:51:F3
Certificate issuer: /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial: 019096974590F0364F2B414C25AE58B95211
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/7GSbY1_gWHYhWyY7frDktKtuUfM.roa
Signing time: Tue 09 Jul 2024 08:23:34 +0000
ROA not before: Tue 09 Jul 2024 08:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201210
IP address blocks: 185.82.36.0/24 maxlen: 32
185.82.38.0/24 maxlen: 32
185.82.39.0/24 maxlen: 32
2001:4d70::/32 maxlen: 128
2a05:8cc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:97:45:90:f0:36:4f:2b:41:4c:25:ae:58:b9:52:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
Validity
Not Before: Jul 9 08:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec649b635fe05876215b263b7eb0e4b4ab6e51f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f3:46:a0:e2:97:28:21:55:4e:0a:b9:de:51:
b8:8a:1f:43:ba:9b:58:a8:cd:11:59:69:36:2e:6a:
da:e8:08:62:c4:7a:cb:df:1c:aa:10:9e:f9:7f:03:
db:bb:a5:2a:70:76:64:f2:e2:a3:79:4d:2b:9a:28:
8b:da:9c:ff:ff:80:79:3a:b4:24:b4:83:23:e0:25:
19:6a:0a:b9:79:30:1c:95:32:d9:b8:55:9b:3d:df:
a5:83:25:71:b4:90:4f:36:03:40:4c:f0:b9:c6:e9:
a7:ca:57:03:ea:9e:9e:c7:26:ee:33:df:b9:f5:25:
73:84:8c:44:ed:30:56:19:15:8c:09:1c:89:27:38:
f4:aa:fd:02:ef:8f:f1:60:57:c3:d9:80:21:94:61:
3d:0c:13:17:ff:05:31:ec:78:b8:a0:73:6b:0d:35:
46:fa:02:bf:7e:97:d2:06:02:c4:5e:a3:56:77:e0:
dd:b6:a1:dd:f2:7d:43:28:dd:03:ad:e1:ea:ea:98:
13:ca:54:6f:ba:8b:38:88:ef:1f:c8:28:ab:9b:8e:
54:59:1a:63:c9:73:62:ba:5a:b1:14:92:3d:10:e5:
86:5a:34:4c:c0:65:4d:77:2e:44:e0:b2:55:5d:fc:
a9:70:6d:0a:3c:ff:90:87:2c:41:f3:ba:99:23:f4:
39:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:64:9B:63:5F:E0:58:76:21:5B:26:3B:7E:B0:E4:B4:AB:6E:51:F3
X509v3 Authority Key Identifier:
keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/7GSbY1_gWHYhWyY7frDktKtuUfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.36.0/24
185.82.38.0/23
IPv6:
2001:4d70::/32
2a05:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
44:08:ff:14:ae:32:e4:93:99:b0:9a:6a:73:0d:c5:c7:4d:fe:
96:75:09:c0:51:9b:f2:21:df:52:9c:3f:18:f4:a7:8a:7a:3d:
bf:bf:52:72:ad:4f:15:e2:69:b4:ee:7b:eb:cf:de:67:49:fb:
43:8e:6d:30:71:e0:67:dc:b8:c3:5a:64:ad:82:d4:72:dc:a4:
e5:71:16:ae:c3:84:fa:3b:82:3e:38:ad:b8:09:45:3e:24:94:
e3:6e:af:73:3d:26:fd:62:1b:c5:62:23:63:9b:67:cb:f1:67:
19:1f:d9:f8:3b:08:82:2e:a1:24:73:2e:9a:fb:ac:78:5e:7a:
3d:76:6e:67:27:c6:67:05:9b:cf:f1:53:11:d5:19:d2:83:d8:
ac:aa:ff:80:e9:8c:dc:82:99:79:49:d8:14:43:49:a5:9d:80:
e7:4e:ef:c1:41:00:c3:89:cf:26:1f:50:f1:52:ae:73:e6:1c:
97:0a:96:dc:c4:24:27:a0:71:30:88:34:45:d5:88:f0:00:79:
82:a3:1a:0a:eb:4d:a3:a1:25:14:52:05:50:ab:28:ad:95:69:
54:48:d5:2c:b0:de:c0:c6:3e:1f:45:aa:26:86:45:c8:56:59:
f4:5f:44:94:3e:a6:6a:d8:7b:a8:32:87:1a:f0:4f:1a:d5:d1:
f6:11:14:ba
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZCWl0WQ8DZPK0FMJa5YuVIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjQwNzA5MDgyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY0OWI2MzVmZTA1ODc2MjE1YjI2M2I3ZWIwZTRiNGFiNmU1MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vNGoOKXKCFVTgq53lG4ih9DuptY
qM0RWWk2Lmra6AhixHrL3xyqEJ75fwPbu6UqcHZk8uKjeU0rmiiL2pz//4B5OrQk
tIMj4CUZagq5eTAclTLZuFWbPd+lgyVxtJBPNgNATPC5xumnylcD6p6exybuM9+5
9SVzhIxE7TBWGRWMCRyJJzj0qv0C74/xYFfD2YAhlGE9DBMX/wUx7Hi4oHNrDTVG
+gK/fpfSBgLEXqNWd+DdtqHd8n1DKN0DreHq6pgTylRvuos4iO8fyCirm45UWRpj
yXNiulqxFJI9EOWGWjRMwGVNdy5E4LJVXfypcG0KPP+QhyxB87qZI/Q5ZQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOxkm2Nf4Fh2IVsmO36w5LSrblHzMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvN0dTYlkxX2dXSFloV3lZN2ZyRGt0S3R1VWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuVIkAwQB
uVImMBQEAgACMA4DBQAgAU1wAwUDKgWMwDANBgkqhkiG9w0BAQsFAAOCAQEARAj/
FK4y5JOZsJpqcw3Fx03+lnUJwFGb8iHfUpw/GPSnino9v79Scq1PFeJptO5768/e
Z0n7Q45tMHHgZ9y4w1pkrYLUctyk5XEWrsOE+juCPjituAlFPiSU426vcz0m/WIb
xWIjY5tny/FnGR/Z+DsIgi6hJHMumvuseF56PXZuZyfGZwWbz/FTEdUZ0oPYrKr/
gOmM3IKZeUnYFENJpZ2A507vwUEAw4nPJh9Q8VKuc+YclwqW3MQkJ6BxMIg0RdWI
8AB5gqMaCutNo6ElFFIFUKsorZVpVEjVLLDewMY+H0WqJoZFyFZZ9F9ElD6math7
qDKHGvBPGtXR9hEUug==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:16:04 2024 by rpki-client on console-ams.rpki-client.org