Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/TH7-PtFiFISZGheky-i8tUt2_WQ.roa
File: TH7-PtFiFISZGheky-i8tUt2_WQ.roa (raw, json)
Hash identifier: secWEWTrpHlbRV+/mTS/5UqdExQDYcrbrZi+fZinYoI=
Subject key identifier: 4C:7E:FE:3E:D1:62:14:84:99:1A:17:A4:CB:E8:BC:B5:4B:76:FD:64
Certificate issuer: /CN=8569f2100c2fc454ad07adec796b9e6f6366f071
Certificate serial: 018CC493209AADBF3BDB24419D1297EF7A69
Authority key identifier: 85:69:F2:10:0C:2F:C4:54:AD:07:AD:EC:79:6B:9E:6F:63:66:F0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWnyEAwvxFStB63seWueb2Nm8HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/TH7-PtFiFISZGheky-i8tUt2_WQ.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57256
IP address blocks: 89.187.217.0/24 maxlen: 24
89.187.216.0/24 maxlen: 24
89.187.219.0/24 maxlen: 24
89.187.218.0/24 maxlen: 24
89.187.220.0/24 maxlen: 24
89.187.223.0/24 maxlen: 24
89.187.222.0/24 maxlen: 24
89.187.221.0/24 maxlen: 24
185.176.145.0/24 maxlen: 24
185.176.144.0/24 maxlen: 24
185.176.147.0/24 maxlen: 24
185.176.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/hWnyEAwvxFStB63seWueb2Nm8HE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/hWnyEAwvxFStB63seWueb2Nm8HE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWnyEAwvxFStB63seWueb2Nm8HE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:20:9a:ad:bf:3b:db:24:41:9d:12:97:ef:7a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8569f2100c2fc454ad07adec796b9e6f6366f071
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c7efe3ed1621484991a17a4cbe8bcb54b76fd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f1:90:4b:bb:d5:49:b7:c1:b9:83:47:af:c3:
33:7a:26:ad:ba:a2:ef:89:31:79:a6:45:95:97:83:
24:f3:af:be:f8:6c:21:3c:74:58:05:0a:96:7e:50:
5e:e4:b5:45:95:a1:cb:2a:63:da:51:5a:4f:27:83:
35:72:36:b2:de:a6:08:02:62:96:36:ac:a7:54:68:
c1:79:a9:af:35:1f:c5:bb:7a:7f:78:70:e2:33:29:
06:60:66:ff:01:d4:86:0f:0f:b3:71:4e:99:98:bf:
29:63:5a:c4:24:49:77:93:3b:f3:99:7b:f1:0e:7b:
83:96:d9:7b:fc:3d:1a:53:77:5e:94:f1:5d:da:e7:
61:a0:48:3f:12:e1:0a:6b:42:08:e7:b1:cb:d9:ea:
6b:d8:c6:0c:61:7d:ce:85:1a:a4:ad:7d:cf:22:ef:
38:6e:5b:2a:d3:94:fb:f3:6d:e7:79:11:e9:87:0f:
a8:bc:10:f7:43:17:7d:2d:9a:1d:c8:43:2f:41:c9:
c8:e7:67:a3:b0:d3:67:60:d7:6a:0d:da:36:d5:0d:
83:92:1d:bf:a8:ec:63:28:79:3b:2f:32:1e:64:7a:
41:30:54:44:2d:d9:63:f1:ec:62:8e:3f:93:a4:0a:
5c:4c:8f:5a:5b:35:53:d0:27:fc:86:ed:15:bd:a7:
9b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7E:FE:3E:D1:62:14:84:99:1A:17:A4:CB:E8:BC:B5:4B:76:FD:64
X509v3 Authority Key Identifier:
keyid:85:69:F2:10:0C:2F:C4:54:AD:07:AD:EC:79:6B:9E:6F:63:66:F0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWnyEAwvxFStB63seWueb2Nm8HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/TH7-PtFiFISZGheky-i8tUt2_WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/92656f-eb32-402a-a331-2336cdb9ba9f/1/hWnyEAwvxFStB63seWueb2Nm8HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.216.0/21
185.176.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:f8:85:11:c7:cf:54:25:d4:82:5d:22:78:53:c0:ee:18:94:
c8:05:82:55:d3:b0:85:36:51:dd:02:e4:c5:a3:e3:97:d9:b6:
0f:b0:e8:55:b8:5f:3d:4b:7e:6b:40:2e:94:34:a8:4a:2a:1a:
84:96:24:7c:3e:2b:2f:43:a3:20:a6:18:b3:cf:cf:61:cc:4f:
8a:da:fc:9f:09:38:8f:fa:59:56:f5:55:1f:a6:f8:28:20:e9:
01:98:2a:f0:95:60:8c:85:51:70:77:b9:22:86:ea:8a:84:0d:
af:4d:37:5f:9b:ae:ff:cb:c0:c9:a3:14:ff:05:b7:7c:a8:b1:
b4:e7:8e:35:ba:cd:a1:63:36:0f:b6:ea:94:73:f8:ff:4f:fe:
f2:97:aa:26:fa:60:05:d0:b8:70:57:a5:c3:1a:5a:53:50:d2:
72:c9:a0:bb:4a:58:23:5e:a3:04:2e:5b:1a:c7:0d:2f:02:12:
59:cc:66:1a:23:f4:27:55:2b:3e:de:ad:6f:99:0e:a1:40:1f:
c7:8e:cb:01:f5:0b:5f:17:be:ad:4a:c8:35:aa:e6:49:64:94:
ec:10:be:ed:89:1c:46:83:25:f6:1c:fe:19:17:ce:d0:e4:0d:
80:ac:99:19:13:6f:af:88:16:50:e7:d3:ab:c5:76:1f:ca:a9:
1d:95:a9:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkyCarb872yRBnRKX73ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjlmMjEwMGMyZmM0NTRhZDA3YWRlYzc5NmI5ZTZmNjM2
NmYwNzEwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdlZmUzZWQxNjIxNDg0OTkxYTE3YTRjYmU4YmNiNTRiNzZmZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPGQS7vVSbfBuYNHr8MzeiatuqLv
iTF5pkWVl4Mk86+++GwhPHRYBQqWflBe5LVFlaHLKmPaUVpPJ4M1cjay3qYIAmKW
NqynVGjBeamvNR/Fu3p/eHDiMykGYGb/AdSGDw+zcU6ZmL8pY1rEJEl3kzvzmXvx
DnuDltl7/D0aU3delPFd2udhoEg/EuEKa0II57HL2epr2MYMYX3OhRqkrX3PIu84
blsq05T7823neRHphw+ovBD3Qxd9LZodyEMvQcnI52ejsNNnYNdqDdo21Q2Dkh2/
qOxjKHk7LzIeZHpBMFRELdlj8exijj+TpApcTI9aWzVT0Cf8hu0VvaebUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEx+/j7RYhSEmRoXpMvovLVLdv1kMB8GA1UdIwQY
MBaAFIVp8hAML8RUrQet7Hlrnm9jZvBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdueUVBd3Z4RlN0QjYzc2VXdWViMk5tOEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MjY1NmYtZWIzMi00MDJhLWEzMzEt
MjMzNmNkYjliYTlmLzEvVEg3LVB0RmlGSVNaR2hla3ktaTh0VXQyX1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MjY1NmYtZWIzMi00MDJhLWEzMzEtMjMzNmNkYjliYTlm
LzEvaFdueUVBd3Z4RlN0QjYzc2VXdWViMk5tOEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWbvYAwQC
ubCQMA0GCSqGSIb3DQEBCwUAA4IBAQA7+IURx89UJdSCXSJ4U8DuGJTIBYJV07CF
NlHdAuTFo+OX2bYPsOhVuF89S35rQC6UNKhKKhqEliR8PisvQ6Mgphizz89hzE+K
2vyfCTiP+llW9VUfpvgoIOkBmCrwlWCMhVFwd7kihuqKhA2vTTdfm67/y8DJoxT/
Bbd8qLG05441us2hYzYPtuqUc/j/T/7yl6om+mAF0LhwV6XDGlpTUNJyyaC7Slgj
XqMELlsaxw0vAhJZzGYaI/QnVSs+3q1vmQ6hQB/HjssB9QtfF76tSsg1quZJZJTs
EL7tiRxGgyX2HP4ZF87Q5A2ArJkZE2+viBZQ59OrxXYfyqkdlanC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:47 2024 by rpki-client on console-fra.rpki-client.org