Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/7iD9ZAv6H5hxUYdBFfWgt_L9kas.roa
File: 7iD9ZAv6H5hxUYdBFfWgt_L9kas.roa (raw, json)
Hash identifier: zy8kA8wbXadtIilAt/eR3Zz6yuOCaozv8uSBeS7EZvk=
Subject key identifier: EE:20:FD:64:0B:FA:1F:98:71:51:87:41:15:F5:A0:B7:F2:FD:91:AB
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 0191E60F9E53B8F5EDB9E87DE23C28422733
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/7iD9ZAv6H5hxUYdBFfWgt_L9kas.roa
Signing time: Thu 12 Sep 2024 11:47:48 +0000
ROA not before: Thu 12 Sep 2024 11:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6724
IP address blocks: 81.169.128.0/17 maxlen: 24
85.214.0.0/15 maxlen: 24
192.67.198.0/24 maxlen: 24
193.141.3.0/24 maxlen: 24
194.45.97.0/24 maxlen: 24
2a01:238::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.mft
rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:0f:9e:53:b8:f5:ed:b9:e8:7d:e2:3c:28:42:27:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Sep 12 11:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee20fd640bfa1f987151874115f5a0b7f2fd91ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:d9:01:42:c6:24:bd:3d:ce:a9:f1:58:ad:
4f:2a:ea:85:16:74:c8:94:88:62:36:12:09:1f:87:
03:ba:f6:82:0a:18:eb:cb:97:b7:18:73:8e:95:fd:
e5:f8:dc:e3:00:fe:b5:6d:fd:fc:98:4d:3a:16:14:
97:57:3f:aa:b4:2e:6a:78:4c:36:2f:7a:d1:3d:74:
e8:91:86:f9:71:22:4b:05:a3:4d:ad:89:5b:42:f6:
ed:60:4e:fe:9b:12:3e:df:2a:60:5b:d7:b9:1b:28:
74:20:34:30:e1:c9:aa:89:8f:e3:6a:e6:cc:73:84:
77:cd:f5:f8:e1:cf:3a:ea:a7:69:84:51:28:82:88:
d3:b7:8e:52:41:24:55:ed:52:69:d0:58:32:3e:36:
99:e9:da:31:f9:01:8b:96:91:97:cc:c0:53:6d:94:
aa:9e:2d:be:98:c1:ee:61:52:6e:ed:95:80:e5:53:
9c:25:41:6a:6b:6d:2a:d0:28:18:68:af:ef:5c:0c:
ec:0a:38:d0:b2:2e:f5:89:cd:74:63:5b:07:c2:ed:
a6:8e:e6:56:03:6a:98:7d:7d:a7:34:fe:ce:a6:26:
24:8c:e3:14:ed:14:81:f4:24:86:ed:f9:41:f3:4e:
4d:0f:24:8a:09:08:b8:b6:b4:18:19:5c:1c:be:e5:
42:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:20:FD:64:0B:FA:1F:98:71:51:87:41:15:F5:A0:B7:F2:FD:91:AB
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/7iD9ZAv6H5hxUYdBFfWgt_L9kas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.169.128.0/17
85.214.0.0/15
192.67.198.0/24
193.141.3.0/24
194.45.97.0/24
IPv6:
2a01:238::/29
Signature Algorithm: sha256WithRSAEncryption
61:46:e3:55:55:61:b5:1c:df:68:7b:af:a0:29:47:0c:3b:88:
48:61:d2:4f:4f:9b:37:3e:ee:94:a8:19:dc:e2:38:a9:52:a0:
3f:18:f5:98:99:3b:bb:e3:65:7b:b9:a6:4a:50:30:5b:29:1a:
8b:07:e9:12:f1:6f:bd:01:70:94:f8:7b:be:52:97:9b:c7:1e:
e0:5c:55:d1:65:fc:e9:29:e9:54:1e:52:6f:c9:50:70:95:00:
b4:04:2f:9f:85:f2:79:d1:cc:ab:d5:d2:05:7f:1a:78:a1:a6:
51:a7:02:48:8a:e9:bd:ae:91:f4:4f:88:1a:80:97:4a:75:30:
52:c0:0a:d4:80:d1:19:d0:44:bb:83:c3:51:e7:1b:1f:70:57:
bf:34:c6:06:2f:11:a7:de:7c:1c:85:7f:4a:73:bf:4f:37:8b:
16:21:a9:df:9a:4f:a8:5b:87:48:c1:f7:5c:2f:46:89:cf:9c:
03:15:2f:83:4c:6f:ec:88:2d:1b:24:d7:2c:0c:bb:ef:47:7d:
1e:5d:df:4d:8d:21:d5:d4:75:e1:10:5a:1e:3a:9f:3c:36:77:
a5:96:79:0a:6a:2a:4e:07:50:de:98:8e:74:1e:57:9d:b3:d9:
00:9e:62:46:f2:88:77:b6:11:80:ad:7c:ac:3f:f9:c2:09:e7:
54:52:bf:cc
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZHmD55TuPXtueh94jwoQiczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjQwOTEyMTE0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIwZmQ2NDBiZmExZjk4NzE1MTg3NDExNWY1YTBiN2YyZmQ5MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P/ZAULGJL09zqnxWK1PKuqFFnTI
lIhiNhIJH4cDuvaCChjry5e3GHOOlf3l+NzjAP61bf38mE06FhSXVz+qtC5qeEw2
L3rRPXTokYb5cSJLBaNNrYlbQvbtYE7+mxI+3ypgW9e5Gyh0IDQw4cmqiY/jaubM
c4R3zfX44c866qdphFEogojTt45SQSRV7VJp0FgyPjaZ6dox+QGLlpGXzMBTbZSq
ni2+mMHuYVJu7ZWA5VOcJUFqa20q0CgYaK/vXAzsCjjQsi71ic10Y1sHwu2mjuZW
A2qYfX2nNP7OpiYkjOMU7RSB9CSG7flB805NDySKCQi4trQYGVwcvuVCvQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFO4g/WQL+h+YcVGHQRX1oLfy/ZGrMB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvN2lEOVpBdjZINWh4VVlkQkZmV2d0X0w5a2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHUamAAwMB
VdYDBADAQ8YDBADBjQMDBADCLWEwDQQCAAIwBwMFAyoBAjgwDQYJKoZIhvcNAQEL
BQADggEBAGFG41VVYbUc32h7r6ApRww7iEhh0k9Pmzc+7pSoGdziOKlSoD8Y9ZiZ
O7vjZXu5pkpQMFspGosH6RLxb70BcJT4e75Sl5vHHuBcVdFl/Okp6VQeUm/JUHCV
ALQEL5+F8nnRzKvV0gV/GnihplGnAkiK6b2ukfRPiBqAl0p1MFLACtSA0RnQRLuD
w1HnGx9wV780xgYvEafefByFf0pzv083ixYhqd+aT6hbh0jB91wvRonPnAMVL4NM
b+yILRsk1ywMu+9HfR5d302NIdXUdeEQWh46nzw2d6WWeQpqKk4HUN6YjnQeV52z
2QCeYkbyiHe2EYCtfKw/+cIJ51RSv8w=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:01 2024 by rpki-client on console-ams.rpki-client.org