Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/7zhFHqH5Gr2StR5haqQiA46IyHg.roa
File: 7zhFHqH5Gr2StR5haqQiA46IyHg.roa (raw, json)
Hash identifier: N++5AfrcAEV86aQQi5QxUkNCKh50+IuKqFtlH+Wwngk=
Subject key identifier: EF:38:45:1E:A1:F9:1A:BD:92:B5:1E:61:6A:A4:22:03:8E:88:C8:78
Certificate issuer: /CN=a7a77078af387b48d70810eb1604df0ade118fda
Certificate serial: 0192673C768E0E5744AC99332FA513FDAAF0
Authority key identifier: A7:A7:70:78:AF:38:7B:48:D7:08:10:EB:16:04:DF:0A:DE:11:8F:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6dweK84e0jXCBDrFgTfCt4Rj9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/7zhFHqH5Gr2StR5haqQiA46IyHg.roa
Signing time: Mon 07 Oct 2024 13:47:48 +0000
ROA not before: Mon 07 Oct 2024 13:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51809
IP address blocks: 45.82.140.0/22 maxlen: 22
63.135.72.0/21 maxlen: 21
67.208.52.0/22 maxlen: 22
185.232.119.0/24 maxlen: 24
2a10:d580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/p6dweK84e0jXCBDrFgTfCt4Rj9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/p6dweK84e0jXCBDrFgTfCt4Rj9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6dweK84e0jXCBDrFgTfCt4Rj9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:3c:76:8e:0e:57:44:ac:99:33:2f:a5:13:fd:aa:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a77078af387b48d70810eb1604df0ade118fda
Validity
Not Before: Oct 7 13:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef38451ea1f91abd92b51e616aa422038e88c878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fd:39:ab:96:a4:4f:26:07:07:9d:5e:24:d8:
73:f2:bf:7c:11:a2:0e:8f:09:73:6d:ca:02:e4:53:
95:fb:28:23:38:be:85:0b:93:b4:4e:0b:4f:b6:91:
61:1c:fb:f1:15:a5:ec:0d:dc:13:14:db:e6:06:b0:
20:b6:a8:aa:61:99:13:2d:8f:cf:ff:49:29:82:ca:
b2:2b:c8:dc:d2:8e:0c:9e:90:79:e0:4d:eb:e5:77:
4e:20:f7:7d:ce:ad:67:4d:7c:5d:bc:a0:a1:d4:24:
56:2b:45:92:09:92:25:b5:41:aa:ad:1e:11:a3:a8:
71:82:a1:b7:8c:b1:ef:62:86:c6:b1:c2:89:ea:b7:
8c:02:a8:f4:89:80:bf:01:95:b4:33:25:66:9f:3e:
02:9c:ff:a7:e5:4b:bb:6b:9a:a5:4e:e2:39:24:82:
a7:4f:b6:ca:ff:c8:7c:38:ea:5c:dd:eb:24:5e:f6:
47:60:2c:08:6c:6c:b3:96:3f:a5:71:d9:b4:d3:68:
88:f1:68:a1:5b:6d:57:36:e1:2b:bd:79:e0:b4:93:
ac:3d:9f:f8:06:7b:8a:7e:d4:72:d6:71:35:e7:f8:
e6:59:4e:50:22:35:55:e7:be:1b:9e:a9:92:f0:58:
05:bc:ca:44:83:1f:91:ad:ad:6a:26:d7:68:d5:7b:
80:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:38:45:1E:A1:F9:1A:BD:92:B5:1E:61:6A:A4:22:03:8E:88:C8:78
X509v3 Authority Key Identifier:
keyid:A7:A7:70:78:AF:38:7B:48:D7:08:10:EB:16:04:DF:0A:DE:11:8F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6dweK84e0jXCBDrFgTfCt4Rj9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/7zhFHqH5Gr2StR5haqQiA46IyHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/021f6b-6fd0-4365-92f7-4de47b80440a/1/p6dweK84e0jXCBDrFgTfCt4Rj9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.140.0/22
63.135.72.0/21
67.208.52.0/22
185.232.119.0/24
IPv6:
2a10:d580::/29
Signature Algorithm: sha256WithRSAEncryption
3d:41:1c:cc:8e:01:47:8b:2f:fb:83:cf:79:a9:b1:f8:7e:db:
02:bf:1f:3c:0a:6c:d8:e8:9e:aa:ab:38:9c:18:da:8e:f2:56:
be:2e:7a:df:79:17:09:f4:6c:0a:6b:55:39:58:83:42:53:36:
24:89:6f:eb:06:b3:d4:cd:ab:bf:1d:f0:15:43:f0:17:73:f3:
b9:8f:3c:99:85:47:28:dc:3e:c6:d1:ba:38:19:33:2b:08:2e:
38:f3:0c:05:c6:27:b7:aa:26:3b:86:0c:99:33:fd:bf:a1:4f:
71:96:72:38:56:43:0a:39:67:2d:5f:2a:7e:2c:ca:9b:60:0a:
34:0b:e3:a4:18:10:ec:e4:2e:b6:c4:d5:1e:a6:a0:8d:a4:b8:
ea:d8:51:b6:41:de:95:65:e3:37:2c:20:0f:e6:79:5d:e1:c0:
95:1a:6d:bd:e3:ac:f8:f2:fe:57:4c:ab:73:52:02:45:19:43:
f4:11:3c:93:83:1f:be:89:0d:61:8b:11:f4:1e:62:ff:09:ed:
00:24:5a:cb:57:5f:c6:5b:b8:da:ee:02:81:3a:80:2a:6c:60:
f7:46:e1:8c:da:6d:c6:cc:d2:62:80:bc:d4:69:4e:df:23:cf:
fd:a1:06:9b:8a:a9:31:98:ae:a2:82:4b:6c:0d:e4:2e:87:a5:
8c:8b:47:15
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJnPHaODldErJkzL6UT/arwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTc3MDc4YWYzODdiNDhkNzA4MTBlYjE2MDRkZjBhZGUx
MThmZGEwHhcNMjQxMDA3MTM0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM4NDUxZWExZjkxYWJkOTJiNTFlNjE2YWE0MjIwMzhlODhjODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf05q5akTyYHB51eJNhz8r98EaIO
jwlzbcoC5FOV+ygjOL6FC5O0TgtPtpFhHPvxFaXsDdwTFNvmBrAgtqiqYZkTLY/P
/0kpgsqyK8jc0o4MnpB54E3r5XdOIPd9zq1nTXxdvKCh1CRWK0WSCZIltUGqrR4R
o6hxgqG3jLHvYobGscKJ6reMAqj0iYC/AZW0MyVmnz4CnP+n5Uu7a5qlTuI5JIKn
T7bK/8h8OOpc3eskXvZHYCwIbGyzlj+lcdm002iI8WihW21XNuErvXngtJOsPZ/4
BnuKftRy1nE15/jmWU5QIjVV574bnqmS8FgFvMpEgx+Rra1qJtdo1XuAuwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFO84RR6h+Rq9krUeYWqkIgOOiMh4MB8GA1UdIwQY
MBaAFKencHivOHtI1wgQ6xYE3wreEY/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZkd2VLODRlMGpYQ0JEckZnVGZDdDRSajlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8wMjFmNmItNmZkMC00MzY1LTkyZjct
NGRlNDdiODA0NDBhLzEvN3poRkhxSDVHcjJTdFI1aGFxUWlBNDZJeUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8wMjFmNmItNmZkMC00MzY1LTkyZjctNGRlNDdiODA0NDBh
LzEvcDZkd2VLODRlMGpYQ0JEckZnVGZDdDRSajlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLVKMAwQD
P4dIAwQCQ9A0AwQAueh3MA0EAgACMAcDBQMqENWAMA0GCSqGSIb3DQEBCwUAA4IB
AQA9QRzMjgFHiy/7g895qbH4ftsCvx88CmzY6J6qqzicGNqO8la+LnrfeRcJ9GwK
a1U5WINCUzYkiW/rBrPUzau/HfAVQ/AXc/O5jzyZhUco3D7G0bo4GTMrCC448wwF
xie3qiY7hgyZM/2/oU9xlnI4VkMKOWctXyp+LMqbYAo0C+OkGBDs5C62xNUepqCN
pLjq2FG2Qd6VZeM3LCAP5nld4cCVGm2946z48v5XTKtzUgJFGUP0ETyTgx++iQ1h
ixH0HmL/Ce0AJFrLV1/GW7ja7gKBOoAqbGD3RuGM2m3GzNJigLzUaU7fI8/9oQab
iqkxmK6igktsDeQuh6WMi0cV
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:26:05 2024 by rpki-client on console-fra.rpki-client.org