Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/7rmYvqphLVbez-QXHLIdPx2SlrA.roa
File: 7rmYvqphLVbez-QXHLIdPx2SlrA.roa (raw, json)
Hash identifier: u4s/wk+aDtnPP5CJ2y9F3l1AfQRzExrH7x2fOSipHFg=
Subject key identifier: EE:B9:98:BE:AA:61:2D:56:DE:CF:E4:17:1C:B2:1D:3F:1D:92:96:B0
Certificate issuer: /CN=26a250d6c46f26f4c3005fa42e401a8a9e5c886e
Certificate serial: 019124270D6E7D0976ECEF05A9A350A4491E
Authority key identifier: 26:A2:50:D6:C4:6F:26:F4:C3:00:5F:A4:2E:40:1A:8A:9E:5C:88:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqJQ1sRvJvTDAF-kLkAaip5ciG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/7rmYvqphLVbez-QXHLIdPx2SlrA.roa
Signing time: Mon 05 Aug 2024 20:07:04 +0000
ROA not before: Mon 05 Aug 2024 20:07:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59953
IP address blocks: 91.109.232.0/21 maxlen: 24
185.78.8.0/22 maxlen: 24
185.248.220.0/22 maxlen: 24
2a0d:f280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/JqJQ1sRvJvTDAF-kLkAaip5ciG4.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/JqJQ1sRvJvTDAF-kLkAaip5ciG4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqJQ1sRvJvTDAF-kLkAaip5ciG4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:27:0d:6e:7d:09:76:ec:ef:05:a9:a3:50:a4:49:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a250d6c46f26f4c3005fa42e401a8a9e5c886e
Validity
Not Before: Aug 5 20:07:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeb998beaa612d56decfe4171cb21d3f1d9296b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:69:3d:a7:95:76:34:62:51:6e:72:6d:fb:2f:
bf:a9:bb:79:cc:ca:b8:f7:5f:a7:a2:b8:e1:3f:89:
30:97:8a:5d:e2:e1:6a:d4:27:ac:d1:b0:39:4b:0c:
7d:34:9e:1a:36:b0:06:c3:5e:62:10:f1:f2:ed:a0:
ad:e1:50:f0:42:20:77:fb:b5:33:88:7c:c2:36:60:
53:d5:77:4b:91:58:2b:1b:7f:6e:97:1f:7c:3e:4c:
51:a9:3e:0a:e8:fb:26:a5:ee:de:6f:60:31:d0:38:
a4:16:e8:94:88:ad:e2:19:3e:92:91:47:8e:f8:84:
d5:eb:3f:06:7f:63:53:69:ac:8d:c5:ee:f0:b3:6e:
f8:52:84:c7:cf:32:f1:2a:f9:30:55:a8:59:c6:2c:
95:bb:b5:3e:69:b1:b6:6f:df:b9:54:e9:59:a4:4a:
d9:07:aa:4e:a9:a5:43:0b:b6:eb:45:61:59:39:e9:
d8:ef:76:70:c6:2f:e5:f9:a1:84:b7:98:ff:7e:c1:
66:1c:38:24:3c:8a:8d:0c:65:10:e4:fe:07:44:3d:
68:99:7e:41:9d:22:b2:62:d4:03:3d:c4:16:18:96:
b2:28:b9:e0:d9:25:5b:48:db:f5:af:3f:34:99:f9:
c9:02:74:d2:2d:3c:17:bd:19:36:1d:f6:b5:39:0c:
0f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B9:98:BE:AA:61:2D:56:DE:CF:E4:17:1C:B2:1D:3F:1D:92:96:B0
X509v3 Authority Key Identifier:
keyid:26:A2:50:D6:C4:6F:26:F4:C3:00:5F:A4:2E:40:1A:8A:9E:5C:88:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqJQ1sRvJvTDAF-kLkAaip5ciG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/7rmYvqphLVbez-QXHLIdPx2SlrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/72a50b-55eb-497b-a9f7-1ff7b31e52cd/1/JqJQ1sRvJvTDAF-kLkAaip5ciG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.232.0/21
185.78.8.0/22
185.248.220.0/22
IPv6:
2a0d:f280::/29
Signature Algorithm: sha256WithRSAEncryption
7f:23:ce:17:87:81:c1:60:f2:72:dd:d5:43:76:1d:a3:e2:37:
aa:db:95:47:cd:06:17:c6:79:9d:42:9d:42:4b:c7:30:55:de:
b0:00:ca:0a:e5:fd:15:46:7c:ec:85:3f:38:11:8b:90:b8:02:
d0:01:ca:ab:d8:e8:dc:73:6c:23:7b:d2:3f:bb:1b:d5:2e:e9:
f0:68:1c:3e:9b:d0:ca:51:6d:cc:81:e9:7e:9a:4c:fd:03:3a:
7d:74:48:c3:43:38:d7:c1:a1:48:5e:4e:88:b4:e0:f4:5c:9e:
ad:df:34:10:c0:51:c9:45:9f:dd:6f:41:af:bc:63:b3:57:a3:
24:f8:62:cc:a4:95:90:5c:42:1d:7e:57:33:38:d2:99:0d:a5:
34:02:82:ff:59:d0:85:ee:02:c4:9e:9e:a7:01:4f:09:70:8d:
fe:33:88:77:06:17:f4:7c:fc:3b:cf:6c:f8:a6:4c:55:ec:24:
ce:ad:36:5d:43:b8:b5:73:45:7d:ca:bc:12:38:96:fb:90:78:
a5:15:2c:d7:e0:a1:95:60:b4:d6:bd:6d:11:79:3a:a8:1a:74:
71:9a:62:f9:f7:e3:81:5d:13:d0:3d:f4:6b:08:46:8c:25:ee:
91:b4:1c:0a:95:6e:5e:4c:ff:e1:ec:d7:13:34:9b:36:75:d4:
10:44:fc:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZEkJw1ufQl27O8FqaNQpEkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTI1MGQ2YzQ2ZjI2ZjRjMzAwNWZhNDJlNDAxYThhOWU1
Yzg4NmUwHhcNMjQwODA1MjAwNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWI5OThiZWFhNjEyZDU2ZGVjZmU0MTcxY2IyMWQzZjFkOTI5NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2k9p5V2NGJRbnJt+y+/qbt5zMq4
91+norjhP4kwl4pd4uFq1Ces0bA5Swx9NJ4aNrAGw15iEPHy7aCt4VDwQiB3+7Uz
iHzCNmBT1XdLkVgrG39ulx98PkxRqT4K6Psmpe7eb2Ax0DikFuiUiK3iGT6SkUeO
+ITV6z8Gf2NTaayNxe7ws274UoTHzzLxKvkwVahZxiyVu7U+abG2b9+5VOlZpErZ
B6pOqaVDC7brRWFZOenY73Zwxi/l+aGEt5j/fsFmHDgkPIqNDGUQ5P4HRD1omX5B
nSKyYtQDPcQWGJayKLng2SVbSNv1rz80mfnJAnTSLTwXvRk2Hfa1OQwPwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO65mL6qYS1W3s/kFxyyHT8dkpawMB8GA1UdIwQY
MBaAFCaiUNbEbyb0wwBfpC5AGoqeXIhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFKUTFzUnZKdlREQUYta0xrQWFpcDVjaUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS83MmE1MGItNTVlYi00OTdiLWE5Zjct
MWZmN2IzMWU1MmNkLzEvN3JtWXZxcGhMVmJlei1RWEhMSWRQeDJTbHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS83MmE1MGItNTVlYi00OTdiLWE5ZjctMWZmN2IzMWU1MmNk
LzEvSnFKUTFzUnZKdlREQUYta0xrQWFpcDVjaUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDW23oAwQC
uU4IAwQCufjcMA0EAgACMAcDBQMqDfKAMA0GCSqGSIb3DQEBCwUAA4IBAQB/I84X
h4HBYPJy3dVDdh2j4jeq25VHzQYXxnmdQp1CS8cwVd6wAMoK5f0VRnzshT84EYuQ
uALQAcqr2Ojcc2wje9I/uxvVLunwaBw+m9DKUW3Mgel+mkz9Azp9dEjDQzjXwaFI
Xk6ItOD0XJ6t3zQQwFHJRZ/db0GvvGOzV6Mk+GLMpJWQXEIdflczONKZDaU0AoL/
WdCF7gLEnp6nAU8JcI3+M4h3Bhf0fPw7z2z4pkxV7CTOrTZdQ7i1c0V9yrwSOJb7
kHilFSzX4KGVYLTWvW0ReTqoGnRxmmL59+OBXRPQPfRrCEaMJe6RtBwKlW5eTP/h
7NcTNJs2ddQQRPzc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:13:55 2024 by rpki-client on console-ams.rpki-client.org