Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/x7Q9ReskzcZQYTfH3UAcbSMGH1Q.roa
File: x7Q9ReskzcZQYTfH3UAcbSMGH1Q.roa (raw, json)
Hash identifier: 3yZH+Q4Jd0zY1pb9fZBGWd/eTlL76QSwJrgtsD+8Gas=
Subject key identifier: C7:B4:3D:45:EB:24:CD:C6:50:61:37:C7:DD:40:1C:6D:23:06:1F:54
Certificate issuer: /CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Certificate serial: 018CC42556A9616373834A10D176A722A6A2
Authority key identifier: 24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/x7Q9ReskzcZQYTfH3UAcbSMGH1Q.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205958
IP address blocks: 185.194.102.0/23 maxlen: 23
185.30.170.0/23 maxlen: 23
185.215.132.0/23 maxlen: 23
185.30.168.0/23 maxlen: 23
185.215.134.0/23 maxlen: 23
2a0a:49c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:56:a9:61:63:73:83:4a:10:d1:76:a7:22:a6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7b43d45eb24cdc6506137c7dd401c6d23061f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6d:1d:01:7e:5b:6d:69:40:62:ad:9e:ff:0a:
71:81:83:94:37:bb:c7:56:3a:a4:71:9f:e9:ab:91:
dc:9f:ca:ac:b6:35:03:90:fd:3b:00:06:77:b0:a3:
ef:b7:97:05:e6:52:55:31:7b:8c:23:ac:75:69:1f:
d8:36:bb:1e:84:0f:76:18:bc:37:8d:e3:5d:04:c2:
c6:da:0d:78:86:81:8f:8e:72:a0:0d:64:de:b6:01:
f3:d9:d1:77:47:b2:0c:44:5d:7a:ac:43:60:bf:92:
33:3a:e7:7e:3b:b7:f2:5a:6a:a1:f1:63:e8:05:03:
33:d9:f8:90:d4:6a:0a:8b:90:3e:6e:08:72:35:1e:
f3:8f:3d:7a:21:68:2a:be:22:56:ce:58:61:53:d7:
f2:94:de:3c:a3:43:8e:e0:97:07:06:aa:16:29:dc:
36:d4:89:a4:94:65:43:62:21:a4:66:e1:ae:0f:92:
3e:41:78:62:7a:73:f1:21:75:3c:cc:94:95:f9:90:
e2:aa:4d:af:50:da:08:33:02:47:b5:05:ff:83:a9:
93:c9:e5:98:bd:ca:6c:bc:47:62:5c:45:fd:de:ca:
63:0b:61:66:95:57:a3:85:66:08:41:ea:87:ab:c9:
fc:73:d7:01:b4:eb:5d:be:12:71:ea:cd:86:d0:3c:
d9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B4:3D:45:EB:24:CD:C6:50:61:37:C7:DD:40:1C:6D:23:06:1F:54
X509v3 Authority Key Identifier:
keyid:24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/x7Q9ReskzcZQYTfH3UAcbSMGH1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.168.0/22
185.194.102.0/23
185.215.132.0/22
IPv6:
2a0a:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
d0:fc:34:fa:d1:db:6c:02:15:00:35:75:d0:64:9b:88:a1:40:
e9:e3:81:e6:a6:34:82:19:19:63:37:44:e8:7e:fb:9f:f8:31:
6c:35:8b:91:af:5d:8b:1f:d7:8e:79:2b:60:2b:ad:18:4f:09:
cd:33:81:be:cd:98:c1:d4:a4:8a:e9:e2:db:6f:0b:8a:97:d9:
c4:c9:fd:07:23:bd:be:99:96:ee:26:79:c8:a7:8e:30:af:b2:
9c:68:6d:f9:0c:34:f2:7f:ae:b2:78:75:50:3c:73:8c:11:c5:
42:8e:44:30:0c:7f:dd:04:58:fd:47:06:ea:41:cd:8c:5c:56:
af:da:9b:4e:44:3d:42:da:98:79:50:5e:0d:50:9e:14:f8:50:
89:06:ee:b0:6c:fd:91:62:63:97:0b:8d:47:63:fc:b2:d0:af:
65:1a:69:b5:6c:2f:7f:89:c5:7a:fa:a6:53:65:00:c4:8c:5f:
d6:22:c8:fc:f8:3f:5a:71:b6:a8:f8:af:95:31:0f:61:bd:4c:
83:5a:2d:0b:2b:71:11:94:65:50:63:86:74:89:bc:20:f4:35:
60:bc:dd:b2:eb:7a:7f:da:90:2c:48:4f:1c:a9:a6:fe:73:cd:
07:d8:b1:1b:62:d5:76:49:fb:92:6c:70:93:da:5c:98:24:94:
9d:17:0e:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJVapYWNzg0oQ0XanIqaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NzQwNWU5Y2VlMzlkNzE5NDRkNWUzMTQ5ZWIwMWI2MWY5
YWRiMWUwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2I0M2Q0NWViMjRjZGM2NTA2MTM3YzdkZDQwMWM2ZDIzMDYxZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj20dAX5bbWlAYq2e/wpxgYOUN7vH
VjqkcZ/pq5Hcn8qstjUDkP07AAZ3sKPvt5cF5lJVMXuMI6x1aR/YNrsehA92GLw3
jeNdBMLG2g14hoGPjnKgDWTetgHz2dF3R7IMRF16rENgv5IzOud+O7fyWmqh8WPo
BQMz2fiQ1GoKi5A+bghyNR7zjz16IWgqviJWzlhhU9fylN48o0OO4JcHBqoWKdw2
1ImklGVDYiGkZuGuD5I+QXhienPxIXU8zJSV+ZDiqk2vUNoIMwJHtQX/g6mTyeWY
vcpsvEdiXEX93spjC2FmlVejhWYIQeqHq8n8c9cBtOtdvhJx6s2G0DzZaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMe0PUXrJM3GUGE3x91AHG0jBh9UMB8GA1UdIwQY
MBaAFCR0BenO451xlE1eMUnrAbYfmtseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYt
NDdiYmFjYTA3OGZmLzEveDdROVJlc2t6Y1pRWVRmSDNVQWNiU01HSDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYtNDdiYmFjYTA3OGZm
LzEvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuR6oAwQB
ucJmAwQCudeEMA0EAgACMAcDBQMqCknAMA0GCSqGSIb3DQEBCwUAA4IBAQDQ/DT6
0dtsAhUANXXQZJuIoUDp44HmpjSCGRljN0Tofvuf+DFsNYuRr12LH9eOeStgK60Y
TwnNM4G+zZjB1KSK6eLbbwuKl9nEyf0HI72+mZbuJnnIp44wr7KcaG35DDTyf66y
eHVQPHOMEcVCjkQwDH/dBFj9RwbqQc2MXFav2ptORD1C2ph5UF4NUJ4U+FCJBu6w
bP2RYmOXC41HY/yy0K9lGmm1bC9/icV6+qZTZQDEjF/WIsj8+D9acbao+K+VMQ9h
vUyDWi0LK3ERlGVQY4Z0ibwg9DVgvN2y63p/2pAsSE8cqab+c80H2LEbYtV2SfuS
bHCT2lyYJJSdFw5l
-----END CERTIFICATE-----
Generated at Mon May 20 12:52:06 2024 by rpki-client on console-ams.rpki-client.org