Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7hpPhiB7gPzbiBZgjxwLblPLP4Y.roa
File: 7hpPhiB7gPzbiBZgjxwLblPLP4Y.roa (raw, json)
Hash identifier: yzk1AQPE/8opMgLDbTp1H4B9ty8sSe4zjrzfaV9yPps=
Subject key identifier: EE:1A:4F:86:20:7B:80:FC:DB:88:16:60:8F:1C:0B:6E:53:CB:3F:86
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A04CEC98ACB29C43AA56DCE2F61A6
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7hpPhiB7gPzbiBZgjxwLblPLP4Y.roa
Signing time: Mon 01 Jan 2024 18:29:48 +0000
ROA not before: Mon 01 Jan 2024 18:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 80.90.188.0/22 maxlen: 24
185.125.200.0/22 maxlen: 24
95.140.146.0/23 maxlen: 24
95.140.152.0/21 maxlen: 24
80.90.178.0/24 maxlen: 24
80.90.179.0/24 maxlen: 24
80.90.180.0/22 maxlen: 24
80.90.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:04:ce:c9:8a:cb:29:c4:3a:a5:6d:ce:2f:61:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee1a4f86207b80fcdb8816608f1c0b6e53cb3f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d4:f4:fc:63:9f:c9:07:fb:d0:7f:76:c3:1c:
5a:75:93:e3:8c:8f:2d:58:03:c2:56:65:bc:cc:80:
25:da:e8:f6:4b:2b:ae:35:fd:7b:fd:bc:55:68:eb:
92:21:93:b2:02:b9:b3:f9:16:c9:73:22:b4:fd:47:
dc:9f:bd:57:72:53:86:44:25:bf:c9:ae:3a:3e:c4:
c5:3f:d1:f9:a1:c7:5e:d6:b2:1c:0e:7f:ee:15:97:
7b:58:23:b3:50:3a:c1:d4:79:75:90:e3:7f:8d:cc:
cc:a5:0c:04:97:74:cf:93:32:0f:f3:97:20:42:13:
ae:57:a6:2c:f7:bf:aa:c0:be:1e:0d:10:cb:5a:81:
ca:df:d3:c7:8c:e7:56:e0:34:95:c8:a2:2e:0b:3b:
d3:ff:0e:ff:32:53:59:ae:e3:71:2e:7d:84:94:6d:
51:11:a4:de:bc:66:3c:9e:31:82:9f:fc:be:ff:90:
a7:0b:0d:f5:f0:8d:77:3f:bf:d2:48:f6:8d:b4:d6:
04:54:81:71:45:ef:50:df:b1:b7:08:51:c7:13:93:
61:dc:2d:0c:fd:a9:ce:ee:72:34:ec:c0:b2:63:71:
89:d6:63:a9:0b:c3:52:ef:47:36:aa:1d:c7:36:8e:
ae:d6:4e:53:22:a0:76:58:32:08:d6:b8:4a:94:48:
8e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:1A:4F:86:20:7B:80:FC:DB:88:16:60:8F:1C:0B:6E:53:CB:3F:86
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7hpPhiB7gPzbiBZgjxwLblPLP4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.178.0-80.90.191.255
95.140.146.0/23
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:c3:74:e2:67:cb:6a:7f:d3:31:e8:3d:1e:96:61:7b:23:a7:
08:a2:79:9f:3b:cc:10:de:ee:2d:c5:3c:d1:17:c9:d1:7b:f9:
16:93:1f:b3:cf:14:4d:49:ca:ba:7a:9e:95:2a:15:4a:1f:07:
f6:c8:21:7c:da:24:58:b9:39:59:7a:e0:a3:70:44:28:fe:22:
95:5f:23:7c:51:df:a0:c9:a8:af:6a:b1:3c:69:6b:98:dc:10:
65:84:0c:9b:a8:34:a4:1c:3b:24:a3:68:8b:3f:c3:5e:a9:c7:
62:b2:6e:ef:6c:ce:38:46:69:5a:52:1f:7c:77:d6:05:da:7e:
d1:a6:01:07:c7:37:37:e2:79:d3:3b:eb:ae:0e:d4:46:fa:a6:
6d:98:02:e0:53:45:f7:53:df:2f:5d:3c:b6:94:77:c6:b6:98:
96:8c:9f:93:92:74:08:ae:ce:ea:0f:ad:d2:4d:13:56:0b:8d:
e2:18:3c:d7:e2:48:28:4d:8b:73:9e:da:6c:db:aa:bd:1c:e6:
b5:79:69:62:35:70:6f:b4:6c:d9:c1:39:8d:c4:ff:7d:bc:06:
25:c7:f6:97:4c:87:68:f7:db:5e:16:fe:9c:0d:c4:f7:6d:63:
ff:66:c1:c6:6a:40:09:28:2c:cb:d3:08:47:19:c6:d6:68:dc:
f1:ae:9f:24
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGSgTOyYrLKcQ6pW3OL2GmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTFhNGY4NjIwN2I4MGZjZGI4ODE2NjA4ZjFjMGI2ZTUzY2IzZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNT0/GOfyQf70H92wxxadZPjjI8t
WAPCVmW8zIAl2uj2SyuuNf17/bxVaOuSIZOyArmz+RbJcyK0/Ufcn71XclOGRCW/
ya46PsTFP9H5ocde1rIcDn/uFZd7WCOzUDrB1Hl1kON/jczMpQwEl3TPkzIP85cg
QhOuV6Ys97+qwL4eDRDLWoHK39PHjOdW4DSVyKIuCzvT/w7/MlNZruNxLn2ElG1R
EaTevGY8njGCn/y+/5CnCw318I13P7/SSPaNtNYEVIFxRe9Q37G3CFHHE5Nh3C0M
/anO7nI07MCyY3GJ1mOpC8NS70c2qh3HNo6u1k5TIqB2WDII1rhKlEiOwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO4aT4Yge4D824gWYI8cC25Tyz+GMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvN2hwUGhpQjdnUHpiaUJaZ2p4d0xibFBMUDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAFQWrID
BAZQWoADBAFfjJIDBANfjJgDBAK5fcgwDQYJKoZIhvcNAQELBQADggEBAL/DdOJn
y2p/0zHoPR6WYXsjpwiieZ87zBDe7i3FPNEXydF7+RaTH7PPFE1Jyrp6npUqFUof
B/bIIXzaJFi5OVl64KNwRCj+IpVfI3xR36DJqK9qsTxpa5jcEGWEDJuoNKQcOySj
aIs/w16px2Kybu9szjhGaVpSH3x31gXaftGmAQfHNzfiedM7664O1Eb6pm2YAuBT
RfdT3y9dPLaUd8a2mJaMn5OSdAiuzuoPrdJNE1YLjeIYPNfiSChNi3Oe2mzbqr0c
5rV5aWI1cG+0bNnBOY3E/328BiXH9pdMh2j3214W/pwNxPdtY/9mwcZqQAkoLMvT
CEcZxtZo3PGunyQ=
-----END CERTIFICATE-----
Generated at Thu May 30 10:24:45 2024 by rpki-client on console-fra.rpki-client.org