Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/R7Vzte25pHTe8s1WmaoMJEaarTw.roa
File: R7Vzte25pHTe8s1WmaoMJEaarTw.roa (raw, json)
Hash identifier: oQZO/drtv0a9sfBudNDEo2yygb20ltvvdHFBHKUqYt4=
Subject key identifier: 47:B5:73:B5:ED:B9:A4:74:DE:F2:CD:56:99:AA:0C:24:46:9A:AD:3C
Certificate issuer: /CN=d8672105752b982174d1040c103817570b8d34d6
Certificate serial: 018CC725897B8D4BBF624508BE9995DB6599
Authority key identifier: D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/R7Vzte25pHTe8s1WmaoMJEaarTw.roa
Signing time: Mon 01 Jan 2024 22:29:35 +0000
ROA not before: Mon 01 Jan 2024 22:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50489
IP address blocks: 185.35.68.0/22 maxlen: 24
192.153.60.0/22 maxlen: 24
91.240.47.0/24 maxlen: 24
2a0c:c640::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:89:7b:8d:4b:bf:62:45:08:be:99:95:db:65:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8672105752b982174d1040c103817570b8d34d6
Validity
Not Before: Jan 1 22:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47b573b5edb9a474def2cd5699aa0c24469aad3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:2f:cf:60:16:ae:6e:66:56:8e:6f:5f:85:
1f:4c:a0:eb:55:1c:a3:65:b8:91:18:62:34:4c:a2:
01:5c:11:a8:99:71:ba:65:76:80:04:e0:91:cb:bf:
e5:73:40:10:56:9c:9b:a0:89:d0:96:1b:c4:00:76:
b0:16:e2:92:06:01:f8:74:a1:1f:ff:1b:15:e9:27:
12:de:a4:91:8d:51:58:c2:20:50:10:35:e2:8b:9b:
45:bb:75:77:2d:07:3f:ca:aa:76:41:4a:85:2a:67:
b9:d5:b0:e9:1e:fb:8e:52:be:2e:7e:49:97:9c:9f:
fb:f3:c8:88:d6:79:8f:dd:d3:85:84:f0:a4:1a:d8:
54:e1:23:db:63:e8:e2:7a:be:b9:1e:cc:15:c2:78:
99:3b:49:4d:05:65:d2:f4:ac:77:f4:2a:5e:a5:0b:
a3:2a:69:31:18:74:03:b5:67:f4:fe:19:2c:ce:6c:
2c:bf:b4:e7:8e:2b:11:4f:56:35:58:87:d7:4b:57:
15:e4:77:2c:2c:9c:56:cf:c1:ab:43:32:af:ef:87:
15:38:c5:e7:68:e5:55:4f:4b:84:75:b6:e1:57:ad:
01:63:e6:83:4b:36:d1:fb:a7:14:8a:a0:0e:95:05:
ae:a0:95:67:ba:b2:b1:bf:43:44:42:2a:c2:d0:20:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B5:73:B5:ED:B9:A4:74:DE:F2:CD:56:99:AA:0C:24:46:9A:AD:3C
X509v3 Authority Key Identifier:
keyid:D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/R7Vzte25pHTe8s1WmaoMJEaarTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.47.0/24
185.35.68.0/22
192.153.60.0/22
IPv6:
2a0c:c640::/29
Signature Algorithm: sha256WithRSAEncryption
2f:2f:f2:2c:8a:19:63:f7:7f:82:93:cb:43:e3:76:29:90:fa:
1d:15:85:20:f2:51:b0:d0:e2:70:53:67:6d:92:d0:b5:ce:d0:
3f:87:49:94:db:05:0e:08:47:ae:40:b4:61:80:c2:61:33:dd:
e1:68:4c:75:59:de:dd:b1:52:b8:9b:29:e6:21:64:5f:c6:bd:
10:6c:65:2a:32:d8:51:58:59:ad:1e:6c:36:8d:4a:5d:5b:ad:
76:16:43:b9:66:37:fb:f5:46:11:aa:a3:c7:01:29:b4:33:8d:
05:8c:ee:57:1a:4f:ab:3e:f6:4b:2d:f0:ff:23:9c:a1:02:9f:
66:c3:8a:bd:6d:90:36:e0:70:fa:e2:89:14:6a:6a:96:c4:68:
ea:10:92:fa:ef:b6:7d:e0:17:d7:95:20:84:fb:50:e6:64:e2:
0e:57:95:76:42:94:c6:d8:c7:12:32:16:e3:6b:38:e5:b9:bc:
e7:1c:ac:c2:67:ec:f1:de:f2:f9:be:30:8b:7b:8a:6a:5a:c7:
4b:00:47:f8:2b:e8:4d:44:7d:e9:ee:a7:0f:d8:37:f2:cc:c0:
ae:8d:50:c3:10:a7:08:53:fd:f5:42:4a:7f:3c:22:ac:82:59:
4c:d8:91:b0:73:1e:b4:5f:7d:27:f9:aa:f6:81:fd:b4:fd:b8:
83:5b:0c:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJYl7jUu/YkUIvpmV22WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcyMTA1NzUyYjk4MjE3NGQxMDQwYzEwMzgxNzU3MGI4
ZDM0ZDYwHhcNMjQwMTAxMjIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I1NzNiNWVkYjlhNDc0ZGVmMmNkNTY5OWFhMGMyNDQ2OWFhZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ovz2AWrm5mVo5vX4UfTKDrVRyj
ZbiRGGI0TKIBXBGomXG6ZXaABOCRy7/lc0AQVpyboInQlhvEAHawFuKSBgH4dKEf
/xsV6ScS3qSRjVFYwiBQEDXii5tFu3V3LQc/yqp2QUqFKme51bDpHvuOUr4ufkmX
nJ/788iI1nmP3dOFhPCkGthU4SPbY+jier65HswVwniZO0lNBWXS9Kx39CpepQuj
KmkxGHQDtWf0/hkszmwsv7TnjisRT1Y1WIfXS1cV5HcsLJxWz8GrQzKv74cVOMXn
aOVVT0uEdbbhV60BY+aDSzbR+6cUiqAOlQWuoJVnurKxv0NEQirC0CAhbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEe1c7XtuaR03vLNVpmqDCRGmq08MB8GA1UdIwQY
MBaAFNhnIQV1K5ghdNEEDBA4F1cLjTTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUt
MTUxOGE3MzNmOTcwLzEvUjdWenRlMjVwSFRlOHMxV21hb01KRWFhclR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUtMTUxOGE3MzNmOTcw
LzEvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW/AvAwQC
uSNEAwQCwJk8MA0EAgACMAcDBQMqDMZAMA0GCSqGSIb3DQEBCwUAA4IBAQAvL/Is
ihlj93+Ck8tD43YpkPodFYUg8lGw0OJwU2dtktC1ztA/h0mU2wUOCEeuQLRhgMJh
M93haEx1Wd7dsVK4mynmIWRfxr0QbGUqMthRWFmtHmw2jUpdW612FkO5Zjf79UYR
qqPHASm0M40FjO5XGk+rPvZLLfD/I5yhAp9mw4q9bZA24HD64okUamqWxGjqEJL6
77Z94BfXlSCE+1DmZOIOV5V2QpTG2McSMhbjazjlubznHKzCZ+zx3vL5vjCLe4pq
WsdLAEf4K+hNRH3p7qcP2DfyzMCujVDDEKcIU/31Qkp/PCKsgllM2JGwcx60X30n
+ar2gf20/biDWwz0
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:36 2024 by rpki-client on console-fra.rpki-client.org