Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/er4Yw1HXoN6HvZdzAot95hcvyK4.roa
File: er4Yw1HXoN6HvZdzAot95hcvyK4.roa (raw, json)
Hash identifier: grtPVV1gRakEseb7RMnz8tBCB72/846NjvR+ChtQztE=
Subject key identifier: 7A:BE:18:C3:51:D7:A0:DE:87:BD:97:73:02:8B:7D:E6:17:2F:C8:AE
Certificate issuer: /CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Certificate serial: 018CC4937E400BD1EBE83B265C0DBE8C1081
Authority key identifier: C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/er4Yw1HXoN6HvZdzAot95hcvyK4.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62336
IP address blocks: 91.198.32.0/24 maxlen: 24
37.228.144.0/22 maxlen: 22
5.63.32.0/19 maxlen: 20
91.200.108.0/22 maxlen: 22
91.211.8.0/22 maxlen: 22
91.191.176.0/22 maxlen: 22
195.230.108.0/24 maxlen: 24
185.39.84.0/22 maxlen: 22
2a01:41e1::/32 maxlen: 32
2a01:41e0::/32 maxlen: 32
2a01:41e3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7e:40:0b:d1:eb:e8:3b:26:5c:0d:be:8c:10:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7abe18c351d7a0de87bd9773028b7de6172fc8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:16:28:8a:db:a6:d8:8f:d0:87:1f:68:70:
e2:23:9e:39:ac:dd:82:c9:64:8c:56:7e:06:a1:82:
4c:16:ee:45:0d:8e:cf:c1:a9:de:b8:ea:e7:45:ea:
8f:b6:e0:0d:4e:74:88:95:c2:ac:01:32:6f:77:47:
08:d4:36:2a:79:bf:f0:30:f8:6a:22:b1:c3:ec:c1:
28:ed:dc:08:b1:6b:4b:98:99:af:3b:80:81:4f:b3:
bf:9b:b2:4a:59:63:b9:8d:65:b4:a6:a2:9c:92:11:
eb:6c:41:04:6a:ec:01:61:5f:23:29:56:9c:8b:58:
db:e7:a6:4f:35:ba:c4:94:f2:38:52:c5:19:4a:c8:
64:61:2c:f4:2b:a4:74:d4:54:61:60:d1:32:6e:59:
ae:04:b1:f6:d4:d7:7e:de:94:3c:2e:0c:76:31:3a:
32:87:35:e0:70:cd:51:92:23:97:75:db:6b:66:cb:
19:14:5e:15:bb:d8:e2:77:8a:6a:a2:1a:a3:aa:82:
b5:aa:e1:f3:d7:be:a3:4c:d8:ed:bf:4e:0d:df:2e:
6a:5e:e0:e5:17:35:c7:e1:9c:2c:97:07:ca:d1:02:
7e:42:b4:4c:87:c2:8b:17:f2:84:ed:bc:bb:4b:ce:
07:e4:73:01:a7:6d:84:3b:b9:17:33:c4:64:ec:79:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BE:18:C3:51:D7:A0:DE:87:BD:97:73:02:8B:7D:E6:17:2F:C8:AE
X509v3 Authority Key Identifier:
keyid:C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/er4Yw1HXoN6HvZdzAot95hcvyK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.32.0/19
37.228.144.0/22
91.191.176.0/22
91.198.32.0/24
91.200.108.0/22
91.211.8.0/22
185.39.84.0/22
195.230.108.0/24
IPv6:
2a01:41e0::/31
2a01:41e3::/32
Signature Algorithm: sha256WithRSAEncryption
8c:17:3f:e9:8a:29:28:fb:93:13:49:80:e6:bf:77:27:61:fb:
02:c5:c9:65:0c:13:b6:74:2f:49:07:fe:e8:0c:1f:27:b3:13:
b3:9d:81:f3:7a:90:5a:99:b4:99:2c:f3:65:a8:b8:bf:29:95:
06:87:01:35:95:32:94:f4:63:70:09:c0:20:81:91:8a:30:a5:
ea:13:1c:b9:79:07:6b:c3:ef:9b:4f:44:67:b9:03:0d:fb:ae:
f2:3c:a0:9c:5e:f2:60:de:bc:84:dc:bc:2f:e0:59:01:a4:b0:
be:c2:2b:18:3b:be:f0:a3:6b:3e:d8:cf:7b:cc:76:bd:7a:d2:
59:15:db:38:a5:55:31:d4:98:4c:09:07:d3:2f:a0:44:46:ad:
9c:34:81:3a:53:61:16:a2:07:78:e1:35:5c:17:6c:9c:8f:83:
1f:93:12:02:5a:04:c3:59:01:c6:1a:e3:14:31:41:b3:ff:1f:
e9:b8:ac:b1:a0:a3:1c:ad:56:71:06:a3:22:6e:f7:a1:78:ef:
76:8f:15:6e:c7:e0:91:cc:ae:e2:ee:70:1b:50:90:58:7a:08:
b8:fd:d4:b6:44:30:88:1c:29:e0:b7:4f:34:ae:a9:42:5d:fe:
a8:c1:a2:36:2a:d0:e2:7d:2e:b9:21:12:9a:e1:c8:c1:2a:06:
5a:44:1a:fc
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzEk35AC9Hr6DsmXA2+jBCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzFmZGJhZjlhYzBlNWFkZWVjNjBhMDkyM2M0ZGQ0YTAx
ZTkyZGMwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJlMThjMzUxZDdhMGRlODdiZDk3NzMwMjhiN2RlNjE3MmZjOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbMWKIrbptiP0IcfaHDiI545rN2C
yWSMVn4GoYJMFu5FDY7PwaneuOrnReqPtuANTnSIlcKsATJvd0cI1DYqeb/wMPhq
IrHD7MEo7dwIsWtLmJmvO4CBT7O/m7JKWWO5jWW0pqKckhHrbEEEauwBYV8jKVac
i1jb56ZPNbrElPI4UsUZSshkYSz0K6R01FRhYNEyblmuBLH21Nd+3pQ8Lgx2MToy
hzXgcM1RkiOXddtrZssZFF4Vu9jid4pqohqjqoK1quHz176jTNjtv04N3y5qXuDl
FzXH4ZwslwfK0QJ+QrRMh8KLF/KE7by7S84H5HMBp22EO7kXM8Rk7HkGbQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHq+GMNR16Deh72XcwKLfeYXL8iuMB8GA1UdIwQY
MBaAFMfB/br5rA5a3uxgoJI8TdSgHpLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjkt
ZjAwMjk4MTYwOTdlLzEvZXI0WXcxSFhvTjZIdlpkekFvdDk1aGN2eUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjktZjAwMjk4MTYwOTdl
LzEveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFBT8gAwQC
JeSQAwQCW7+wAwQAW8YgAwQCW8hsAwQCW9MIAwQCuSdUAwQAw+ZsMBQEAgACMA4D
BQEqAUHgAwUAKgFB4zANBgkqhkiG9w0BAQsFAAOCAQEAjBc/6YopKPuTE0mA5r93
J2H7AsXJZQwTtnQvSQf+6AwfJ7MTs52B83qQWpm0mSzzZai4vymVBocBNZUylPRj
cAnAIIGRijCl6hMcuXkHa8Pvm09EZ7kDDfuu8jygnF7yYN68hNy8L+BZAaSwvsIr
GDu+8KNrPtjPe8x2vXrSWRXbOKVVMdSYTAkH0y+gREatnDSBOlNhFqIHeOE1XBds
nI+DH5MSAloEw1kBxhrjFDFBs/8f6bissaCjHK1WcQajIm73oXjvdo8Vbsfgkcyu
4u5wG1CQWHoIuP3UtkQwiBwp4LdPNK6pQl3+qMGiNirQ4n0uuSESmuHIwSoGWkQa
/A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:09 2024 by rpki-client on console-fra.rpki-client.org