Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7Rytr_jA6cU8NQ1dBRqi099mGgg.roa
File: 7Rytr_jA6cU8NQ1dBRqi099mGgg.roa (raw, json)
Hash identifier: +i6RfAOwXJUCM1W2tdkE7Nw2r4b/ymgZfsAZ9ZTXHAE=
Subject key identifier: ED:1C:AD:AF:F8:C0:E9:C5:3C:35:0D:5D:05:1A:A2:D3:DF:66:1A:08
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018CC424709631E16EFF51A2C2E350B87B8B
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7Rytr_jA6cU8NQ1dBRqi099mGgg.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199883
IP address blocks: 89.36.220.0/22 maxlen: 24
89.38.144.0/22 maxlen: 24
94.177.252.0/22 maxlen: 24
94.177.248.0/22 maxlen: 24
185.58.224.0/22 maxlen: 24
217.61.16.0/21 maxlen: 24
89.40.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:70:96:31:e1:6e:ff:51:a2:c2:e3:50:b8:7b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed1cadaff8c0e9c53c350d5d051aa2d3df661a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:18:35:e5:91:bb:65:c2:1f:69:82:0e:ad:96:
1e:cf:c2:03:28:a9:40:8f:70:b1:de:15:e4:01:b6:
61:bd:12:78:84:fa:aa:0e:28:96:ef:67:4e:be:93:
55:be:84:04:d0:ab:f0:37:ac:6d:e3:79:bf:81:f0:
6f:80:a4:60:3b:8b:b9:37:45:91:e9:4f:bd:94:7b:
a5:69:2b:e7:ae:69:1b:ec:74:18:11:8b:c8:8a:5c:
d9:c9:95:c6:de:78:6f:b0:53:62:99:ac:d6:25:f0:
be:d6:b0:ed:aa:92:97:93:51:9f:d9:4c:97:aa:b9:
0c:ff:e0:eb:1f:de:34:27:df:6f:a5:28:42:ac:ca:
f2:f4:03:97:c9:83:dd:c8:0d:a3:00:f4:b3:e9:a2:
67:a3:a0:f4:28:4e:85:9a:90:0d:80:32:09:6a:cc:
0e:4c:33:e8:a0:df:14:a5:75:cd:0c:5f:f6:3d:0b:
eb:bd:b8:a5:83:27:3a:d9:76:aa:7f:80:45:6d:03:
ef:39:e6:24:b8:90:c1:a4:2b:cb:c4:d7:54:05:03:
77:f0:53:43:f9:b3:10:8f:b3:25:73:b9:b8:20:c3:
c7:da:94:6c:85:3f:c7:44:e2:42:cc:79:dc:db:a6:
04:52:33:7f:94:af:02:bc:e7:f8:82:83:6b:6f:83:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1C:AD:AF:F8:C0:E9:C5:3C:35:0D:5D:05:1A:A2:D3:DF:66:1A:08
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7Rytr_jA6cU8NQ1dBRqi099mGgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.220.0/22
89.38.144.0/22
89.40.120.0/22
94.177.248.0/21
185.58.224.0/22
217.61.16.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:c8:5d:cd:53:bc:38:71:1f:f0:3c:2d:49:17:4b:06:d5:65:
b4:14:96:0f:f7:5f:fb:88:c0:eb:87:61:bf:57:a1:22:10:33:
a6:33:fd:7e:30:d8:ea:12:32:c3:99:77:8e:3f:c2:85:cd:85:
56:62:eb:0e:e5:68:db:39:a9:e7:2a:28:77:8f:74:8f:50:e6:
ef:36:af:40:27:cb:ab:36:8a:99:49:4f:37:2f:f4:0d:77:70:
18:12:d8:30:2d:50:22:00:17:65:c3:6d:23:f5:05:54:30:db:
34:9b:56:ee:cf:be:70:9b:05:91:d6:20:48:55:93:c1:72:1a:
a7:2a:94:f5:b6:6c:1c:11:d5:8b:f6:74:93:d9:e5:7d:47:b5:
a7:8a:e2:9f:c1:02:8f:78:34:e9:3e:ae:55:cb:5a:63:33:0d:
bf:24:8b:8e:5d:93:58:81:61:b0:3a:ed:b4:ff:7b:92:73:c9:
14:16:c8:ef:c9:71:5b:ef:14:b9:72:a8:86:dc:23:74:b2:81:
64:76:de:34:9e:f7:16:3e:48:59:12:a1:e0:90:97:95:d6:cc:
60:d1:55:39:38:90:d1:c3:88:f0:f2:7c:6f:eb:8e:71:26:3c:
ee:ee:aa:fd:cd:7d:58:3c:ff:ff:29:93:f1:db:54:09:14:16:
dd:00:ea:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJHCWMeFu/1GiwuNQuHuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDFjYWRhZmY4YzBlOWM1M2MzNTBkNWQwNTFhYTJkM2RmNjYxYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxg15ZG7ZcIfaYIOrZYez8IDKKlA
j3Cx3hXkAbZhvRJ4hPqqDiiW72dOvpNVvoQE0KvwN6xt43m/gfBvgKRgO4u5N0WR
6U+9lHulaSvnrmkb7HQYEYvIilzZyZXG3nhvsFNimazWJfC+1rDtqpKXk1Gf2UyX
qrkM/+DrH940J99vpShCrMry9AOXyYPdyA2jAPSz6aJno6D0KE6FmpANgDIJaswO
TDPooN8UpXXNDF/2PQvrvbilgyc62Xaqf4BFbQPvOeYkuJDBpCvLxNdUBQN38FND
+bMQj7Mlc7m4IMPH2pRshT/HROJCzHnc26YEUjN/lK8CvOf4goNrb4MgIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO0cra/4wOnFPDUNXQUaotPfZhoIMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvN1J5dHJfakE2Y1U4TlExZEJScWkwOTltR2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWSTcAwQC
WSaQAwQCWSh4AwQDXrH4AwQCuTrgAwQD2T0QMA0GCSqGSIb3DQEBCwUAA4IBAQB9
yF3NU7w4cR/wPC1JF0sG1WW0FJYP91/7iMDrh2G/V6EiEDOmM/1+MNjqEjLDmXeO
P8KFzYVWYusO5WjbOannKih3j3SPUObvNq9AJ8urNoqZSU83L/QNd3AYEtgwLVAi
ABdlw20j9QVUMNs0m1buz75wmwWR1iBIVZPBchqnKpT1tmwcEdWL9nST2eV9R7Wn
iuKfwQKPeDTpPq5Vy1pjMw2/JIuOXZNYgWGwOu20/3uSc8kUFsjvyXFb7xS5cqiG
3CN0soFkdt40nvcWPkhZEqHgkJeV1sxg0VU5OJDRw4jw8nxv645xJjzu7qr9zX1Y
PP//KZPx21QJFBbdAOpN
-----END CERTIFICATE-----
Generated at Sat May 11 19:30:25 2024 by rpki-client on console-fra.rpki-client.org