Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/c7Vrd41jnBThAesSJFq-cevfLKE.roa
File: c7Vrd41jnBThAesSJFq-cevfLKE.roa (raw, json)
Hash identifier: 5bjXME3//nudET65DyEByfqdY9mm6kZIcx81P11+b1A=
Subject key identifier: 73:B5:6B:77:8D:63:9C:14:E1:01:EB:12:24:5A:BE:71:EB:DF:2C:A1
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 018CC56EF6559493F72930B453364E23874A
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/c7Vrd41jnBThAesSJFq-cevfLKE.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29601
IP address blocks: 194.252.225.0/24 maxlen: 24
192.194.132.0/22 maxlen: 22
192.194.136.0/21 maxlen: 21
192.130.31.0/24 maxlen: 24
192.194.144.0/20 maxlen: 24
192.130.157.0/24 maxlen: 24
192.194.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f6:55:94:93:f7:29:30:b4:53:36:4e:23:87:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73b56b778d639c14e101eb12245abe71ebdf2ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:df:e7:cd:15:3a:8d:7b:ff:3a:2b:1a:96:1b:
4c:6f:24:53:c4:45:14:dc:18:38:ec:3e:19:48:0d:
8c:a5:b9:b4:86:31:fe:c2:79:76:7d:a3:cf:b0:1a:
62:8b:32:33:02:54:67:72:7f:44:0b:18:71:ed:c8:
fe:de:39:e8:57:2c:1f:c8:c2:07:16:c6:d8:8f:07:
62:a3:c7:35:8a:ec:02:5a:10:11:50:a5:60:62:f5:
7d:63:d0:2e:4e:4a:30:dd:57:8d:30:41:9d:32:8b:
b7:83:cf:77:31:68:4c:9a:ef:eb:85:a2:3b:c9:0b:
23:ac:dd:88:41:2a:8c:37:aa:71:da:c1:55:ef:95:
5e:87:7d:e8:c3:fc:75:f8:55:39:17:d1:9e:36:47:
31:22:da:2d:c9:b1:f0:09:97:79:77:d5:55:7a:3b:
2f:ee:2e:75:08:9a:1f:e1:7d:9f:bd:cc:16:4c:3c:
57:a8:fe:ed:bb:26:19:ac:28:a0:d0:80:a0:b4:06:
9d:05:e0:07:7e:d8:6a:23:c2:fb:47:2a:6c:53:86:
e2:5f:fd:0f:e6:bc:02:0c:c8:7a:22:5f:d5:04:ff:
81:7f:e5:60:9b:d1:33:cf:67:d3:a3:72:db:7b:a2:
7d:ae:a2:81:f6:5b:24:cb:69:6d:40:d8:4f:e1:7b:
c0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B5:6B:77:8D:63:9C:14:E1:01:EB:12:24:5A:BE:71:EB:DF:2C:A1
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/c7Vrd41jnBThAesSJFq-cevfLKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.130.31.0/24
192.130.157.0/24
192.194.132.0-192.194.160.255
194.252.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a0:0c:ee:9a:51:59:44:07:74:eb:b5:e7:f1:03:31:79:fd:
c6:c8:36:f0:14:b9:d5:a5:c4:dc:9b:5f:8c:9d:5f:1a:58:09:
3f:9e:dc:98:c9:c1:46:19:a5:9a:0c:16:f1:79:cc:fd:63:7a:
c5:a6:b3:d4:84:de:f4:63:80:f8:13:4f:c9:3f:9c:f6:0d:13:
ba:44:02:39:8c:0b:ff:f4:e5:7d:4f:d4:c1:f7:36:9e:44:0b:
2a:f1:d2:3a:29:bd:12:42:97:88:7b:90:ad:bf:5a:cf:c5:dc:
9e:07:a5:21:66:81:43:69:41:32:db:24:92:e5:d0:6b:48:15:
d5:8a:50:dd:c3:c7:44:ce:fa:71:07:2b:6f:c9:ef:19:4c:b8:
ec:ca:17:05:2a:03:82:93:ea:62:4a:75:80:61:42:0c:f8:e1:
6e:8a:a7:bc:c8:29:9e:ac:a3:a8:5c:37:b1:a7:b9:05:36:15:
23:da:44:99:18:22:68:0f:9d:82:33:2a:ef:7b:a5:aa:b3:73:
98:ff:6c:42:75:b6:37:be:51:d6:d8:9e:8c:ea:61:49:8f:ce:
b1:0c:4b:24:71:8f:bd:2f:aa:df:c7:2b:88:02:b6:c4:e1:d1:
df:33:b8:99:22:56:27:f1:e2:ac:04:b0:aa:e5:55:14:65:00:
3a:8e:a2:41
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbvZVlJP3KTC0UzZOI4dKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2I1NmI3NzhkNjM5YzE0ZTEwMWViMTIyNDVhYmU3MWViZGYyY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9/nzRU6jXv/OisalhtMbyRTxEUU
3Bg47D4ZSA2Mpbm0hjH+wnl2faPPsBpiizIzAlRncn9ECxhx7cj+3jnoVywfyMIH
FsbYjwdio8c1iuwCWhARUKVgYvV9Y9AuTkow3VeNMEGdMou3g893MWhMmu/rhaI7
yQsjrN2IQSqMN6px2sFV75Veh33ow/x1+FU5F9GeNkcxItotybHwCZd5d9VVejsv
7i51CJof4X2fvcwWTDxXqP7tuyYZrCig0ICgtAadBeAHfthqI8L7RypsU4biX/0P
5rwCDMh6Il/VBP+Bf+Vgm9Ezz2fTo3Lbe6J9rqKB9lsky2ltQNhP4XvAsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHO1a3eNY5wU4QHrEiRavnHr3yyhMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvYzdWcmQ0MWpuQlRoQWVzU0pGcS1jZXZmTEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwIIfAwQA
wIKdMAwDBALAwoQDBADAwqADBADC/OEwDQYJKoZIhvcNAQELBQADggEBAEygDO6a
UVlEB3TrtefxAzF5/cbINvAUudWlxNybX4ydXxpYCT+e3JjJwUYZpZoMFvF5zP1j
esWms9SE3vRjgPgTT8k/nPYNE7pEAjmMC//05X1P1MH3Np5ECyrx0jopvRJCl4h7
kK2/Ws/F3J4HpSFmgUNpQTLbJJLl0GtIFdWKUN3Dx0TO+nEHK2/J7xlMuOzKFwUq
A4KT6mJKdYBhQgz44W6Kp7zIKZ6so6hcN7GnuQU2FSPaRJkYImgPnYIzKu97paqz
c5j/bEJ1tje+UdbYnozqYUmPzrEMSyRxj70vqt/HK4gCtsTh0d8zuJkiVifx4qwE
sKrlVRRlADqOokE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:41 2024 by rpki-client on console-fra.rpki-client.org