Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/t7Rz42dce0i5zAzJYPL5lASxwxk.roa
File: t7Rz42dce0i5zAzJYPL5lASxwxk.roa (raw, json)
Hash identifier: KeMMOhaC1ZVvpzUfJEcGrQDqSdgEthZUxyBkAL8jV0s=
Subject key identifier: B7:B4:73:E3:67:5C:7B:48:B9:CC:0C:C9:60:F2:F9:94:04:B1:C3:19
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D7A8C14358103955F7E23168ABA5
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/t7Rz42dce0i5zAzJYPL5lASxwxk.roa
Signing time: Tue 02 Jan 2024 02:30:13 +0000
ROA not before: Tue 02 Jan 2024 02:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41717
IP address blocks: 80.66.199.0/24 maxlen: 24
5.183.117.0/24 maxlen: 24
5.183.116.0/23 maxlen: 23
5.183.116.0/24 maxlen: 24
5.183.118.0/24 maxlen: 24
5.183.119.0/24 maxlen: 24
5.183.121.0/24 maxlen: 24
5.183.123.0/24 maxlen: 24
5.183.120.0/23 maxlen: 23
5.183.120.0/24 maxlen: 24
5.183.122.0/24 maxlen: 24
45.139.194.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
45.8.35.0/24 maxlen: 24
45.8.32.0/24 maxlen: 24
45.8.34.0/24 maxlen: 24
2.58.245.0/24 maxlen: 24
2.58.244.0/24 maxlen: 24
2.58.246.0/24 maxlen: 24
2.58.247.0/24 maxlen: 24
2.58.249.0/24 maxlen: 24
2.58.251.0/24 maxlen: 24
2.58.248.0/24 maxlen: 24
2.58.250.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
95.214.166.0/24 maxlen: 24
95.214.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d7:a8:c1:43:58:10:39:55:f7:e2:31:68:ab:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7b473e3675c7b48b9cc0cc960f2f99404b1c319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:03:53:f9:e0:6f:99:7c:15:40:01:d0:c8:a6:
f6:d9:6a:45:84:ff:d8:e7:fc:c2:4a:eb:6a:f3:7e:
fe:20:5f:47:cb:04:49:60:6e:d6:61:77:3a:de:98:
d9:99:4a:c5:1c:aa:c9:cd:37:db:6a:e1:d2:12:1c:
f6:a7:0b:ac:7e:77:cf:6b:4b:46:af:03:a0:67:ec:
5d:06:af:9c:2a:53:69:4f:e0:97:11:f2:b0:6a:92:
d5:cf:17:07:ad:ca:58:1a:77:46:06:32:5a:69:1e:
0f:25:f1:08:b0:7a:01:5f:ba:f1:ca:4d:78:25:0c:
a4:7e:ad:fd:10:1b:60:7e:7d:23:90:09:4e:93:be:
42:07:13:2e:03:9a:92:e8:1d:43:bc:e8:dc:04:47:
ac:1e:5a:c8:93:82:bf:36:65:03:4e:26:32:30:f0:
b6:7f:89:fe:3c:5b:14:39:3c:08:85:ed:0b:99:ed:
62:7f:30:fa:90:fc:93:fe:a0:e8:ab:5b:cd:c8:00:
4f:61:7a:6f:cc:d1:53:d9:fa:6f:7d:3f:63:bb:0d:
9e:3d:e0:05:68:df:18:b0:6e:43:07:01:d2:29:d8:
6b:ee:8e:1a:12:b5:69:01:d6:e8:9f:69:33:83:6e:
38:1d:83:16:86:2d:22:3a:70:83:a2:56:6e:3b:89:
90:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B4:73:E3:67:5C:7B:48:B9:CC:0C:C9:60:F2:F9:94:04:B1:C3:19
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/t7Rz42dce0i5zAzJYPL5lASxwxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.244.0-2.58.251.255
5.183.116.0-5.183.123.255
45.8.32.0/24
45.8.34.0/23
45.139.194.0/24
45.141.44.0/22
80.66.199.0/24
95.214.166.0/23
194.104.144.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:51:57:30:47:bb:cb:01:1f:39:ca:1b:f4:b5:e2:d6:20:c8:
e7:4d:ee:ce:91:eb:c1:76:51:78:87:94:ef:d2:db:76:b5:89:
f6:86:e7:9e:aa:17:30:10:a1:82:2d:1e:d7:c4:38:59:b4:58:
7d:24:0b:e9:97:33:1a:ef:83:1f:ed:ea:87:bd:43:8b:73:14:
1c:c2:6a:06:75:72:94:bf:ed:dc:2c:69:bb:c2:01:e6:fb:73:
4f:be:cb:10:bd:c4:22:ec:8a:f7:d8:be:df:fa:39:fc:cd:5f:
82:af:cb:f9:ab:88:14:af:ec:80:0b:ec:65:8d:fe:ff:fd:05:
d2:7f:b0:25:39:64:7f:3d:eb:50:b9:88:55:c4:9d:24:37:e6:
5b:b3:0c:c5:60:cb:c4:41:7a:27:7e:c8:36:8d:6e:c5:a1:34:
32:d6:27:be:2a:d3:32:e3:7b:ae:b2:45:97:8c:3a:79:9b:bf:
45:0f:0c:db:37:2d:9d:d1:43:c3:1a:61:06:d8:ff:c6:08:fd:
55:3f:96:79:8f:98:d1:91:fb:6e:f4:41:51:a7:25:9c:5a:47:
19:59:57:39:77:fb:b3:c8:a8:6f:94:20:f9:75:6c:d9:23:71:
6c:a6:9f:a7:56:96:ad:51:5f:e4:75:8e:c6:79:d9:87:34:12:
aa:02:1a:d8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzIAdeowUNYEDlV9+IxaKulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I0NzNlMzY3NWM3YjQ4YjljYzBjYzk2MGYyZjk5NDA0YjFjMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgNT+eBvmXwVQAHQyKb22WpFhP/Y
5/zCSutq837+IF9HywRJYG7WYXc63pjZmUrFHKrJzTfbauHSEhz2pwusfnfPa0tG
rwOgZ+xdBq+cKlNpT+CXEfKwapLVzxcHrcpYGndGBjJaaR4PJfEIsHoBX7rxyk14
JQykfq39EBtgfn0jkAlOk75CBxMuA5qS6B1DvOjcBEesHlrIk4K/NmUDTiYyMPC2
f4n+PFsUOTwIhe0Lme1ifzD6kPyT/qDoq1vNyABPYXpvzNFT2fpvfT9juw2ePeAF
aN8YsG5DBwHSKdhr7o4aErVpAdbon2kzg244HYMWhi0iOnCDolZuO4mQbwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLe0c+NnXHtIucwMyWDy+ZQEscMZMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdDdSejQyZGNlMGk1ekF6SllQTDVsQVN4d3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAICOvQD
BAICOvgwDAMEAgW3dAMEAgW3eAMEAC0IIAMEAS0IIgMEAC2LwgMEAi2NLAMEAFBC
xwMEAV/WpgMEAMJokDANBgkqhkiG9w0BAQsFAAOCAQEAn1FXMEe7ywEfOcob9LXi
1iDI503uzpHrwXZReIeU79LbdrWJ9obnnqoXMBChgi0e18Q4WbRYfSQL6ZczGu+D
H+3qh71Di3MUHMJqBnVylL/t3Cxpu8IB5vtzT77LEL3EIuyK99i+3/o5/M1fgq/L
+auIFK/sgAvsZY3+//0F0n+wJTlkfz3rULmIVcSdJDfmW7MMxWDLxEF6J37INo1u
xaE0MtYnvirTMuN7rrJFl4w6eZu/RQ8M2zctndFDwxphBtj/xgj9VT+WeY+Y0ZH7
bvRBUaclnFpHGVlXOXf7s8iob5Qg+XVs2SNxbKafp1aWrVFf5HWOxnnZhzQSqgIa
2A==
-----END CERTIFICATE-----
Generated at Mon May 27 16:23:07 2024 by rpki-client on console-ams.rpki-client.org