Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/x7E4vTuFgCr64ZVq3U-xscL-USk.roa
File: x7E4vTuFgCr64ZVq3U-xscL-USk.roa (raw, json)
Hash identifier: OZDwiTDcfB0hTE+as0vUAuvw/JJaALww6nnxSoVl0cU=
Subject key identifier: C7:B1:38:BD:3B:85:80:2A:FA:E1:95:6A:DD:4F:B1:B1:C2:FE:51:29
Certificate issuer: /CN=a50f21c3dc93757fc03282a835600d659f961e8e
Certificate serial: 018CC49323FA5584716830109AC44F309335
Authority key identifier: A5:0F:21:C3:DC:93:75:7F:C0:32:82:A8:35:60:0D:65:9F:96:1E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/x7E4vTuFgCr64ZVq3U-xscL-USk.roa
Signing time: Mon 01 Jan 2024 10:30:26 +0000
ROA not before: Mon 01 Jan 2024 10:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13000
IP address blocks: 91.207.64.0/23 maxlen: 23
91.208.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:23:fa:55:84:71:68:30:10:9a:c4:4f:30:93:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a50f21c3dc93757fc03282a835600d659f961e8e
Validity
Not Before: Jan 1 10:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7b138bd3b85802afae1956add4fb1b1c2fe5129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:c8:a5:37:1b:ea:59:25:37:d7:04:93:c4:
c9:ff:74:84:0d:69:5d:75:b1:e8:2d:6b:e4:9a:17:
6b:9a:80:0d:bf:ff:22:eb:6e:de:0c:0c:4f:62:9f:
a9:ec:2e:c8:86:a0:23:83:b9:3c:6c:4b:5f:2d:e1:
ea:5d:20:e6:33:3f:0f:fc:11:92:07:bb:c9:e7:53:
cc:94:53:6e:1f:73:c4:90:e7:0d:2f:1a:e0:65:8c:
dc:76:43:0b:bc:fc:52:77:9d:67:18:74:66:de:75:
34:03:26:c0:ef:e7:04:d7:65:a4:f7:26:44:23:fb:
95:05:29:43:02:9d:c7:f8:d1:0a:c7:28:90:00:9c:
3e:1c:d7:78:aa:c3:53:3f:f1:00:f4:ab:23:74:1b:
8b:a0:82:45:ca:e1:86:f0:0a:33:bf:29:d6:cb:2b:
31:f4:6f:84:10:d7:4a:86:b2:f2:a2:b2:25:b8:54:
22:48:34:29:91:57:4f:82:fa:18:f0:be:26:3d:72:
e2:35:78:ca:98:a0:76:ca:3d:0a:d2:41:ff:bb:8c:
f2:4d:58:2c:80:0d:59:26:12:39:c1:09:4b:3a:1f:
ab:bb:1e:4c:c4:11:25:5b:0d:e8:a2:2a:6e:20:25:
ae:bf:1b:e4:bf:69:e1:82:c6:77:0e:9e:c3:04:99:
8c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B1:38:BD:3B:85:80:2A:FA:E1:95:6A:DD:4F:B1:B1:C2:FE:51:29
X509v3 Authority Key Identifier:
keyid:A5:0F:21:C3:DC:93:75:7F:C0:32:82:A8:35:60:0D:65:9F:96:1E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/x7E4vTuFgCr64ZVq3U-xscL-USk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/ea1df7-808a-47c3-ae51-b0843ec38823/1/pQ8hw9yTdX_AMoKoNWANZZ-WHo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.64.0/23
91.208.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ae:f7:71:30:f4:bc:27:fa:ee:e7:6f:58:7b:13:86:49:db:
fa:8a:22:f5:93:9e:7a:62:e7:cc:f5:e1:16:87:19:29:59:83:
f3:1f:bf:a3:19:8c:8a:10:82:04:4e:91:e8:18:33:4c:c2:4c:
85:5a:e3:74:ee:45:0a:0b:5c:43:94:37:4b:cf:3c:3c:f8:ab:
33:80:aa:1a:f3:3c:9a:3b:56:87:4e:49:d7:6f:5a:bb:8a:4e:
35:20:01:e2:b1:a1:0e:85:7c:df:e0:91:aa:d2:c1:e0:29:dc:
bc:e2:32:33:17:b8:38:3e:1e:13:14:67:96:b0:a2:a8:3d:2a:
3b:78:f5:6d:bb:41:ed:a4:f6:11:5b:df:e5:ba:35:0f:03:41:
7a:8c:f4:73:97:0d:d6:18:ea:3c:99:6d:17:2a:06:b3:e9:e4:
bb:8c:cf:38:fa:7f:36:31:6b:68:dc:d0:49:fa:90:de:5d:d0:
3d:a7:52:4f:8e:45:ae:0d:14:7a:a9:ed:8e:6e:09:db:a3:13:
2c:eb:be:df:ee:9e:25:ea:0e:f5:98:28:bd:32:72:ec:7c:03:
ac:52:48:9a:8d:87:16:2b:4e:f6:8b:9c:92:d6:11:92:0a:34:
30:ed:fe:13:df:4a:09:c5:4e:0d:59:4f:62:7d:d8:09:f8:06:
d7:03:93:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkyP6VYRxaDAQmsRPMJM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MGYyMWMzZGM5Mzc1N2ZjMDMyODJhODM1NjAwZDY1OWY5
NjFlOGUwHhcNMjQwMTAxMTAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2IxMzhiZDNiODU4MDJhZmFlMTk1NmFkZDRmYjFiMWMyZmU1MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEzIpTcb6lklN9cEk8TJ/3SEDWld
dbHoLWvkmhdrmoANv/8i627eDAxPYp+p7C7IhqAjg7k8bEtfLeHqXSDmMz8P/BGS
B7vJ51PMlFNuH3PEkOcNLxrgZYzcdkMLvPxSd51nGHRm3nU0AybA7+cE12Wk9yZE
I/uVBSlDAp3H+NEKxyiQAJw+HNd4qsNTP/EA9KsjdBuLoIJFyuGG8AozvynWyysx
9G+EENdKhrLyorIluFQiSDQpkVdPgvoY8L4mPXLiNXjKmKB2yj0K0kH/u4zyTVgs
gA1ZJhI5wQlLOh+rux5MxBElWw3ooipuICWuvxvkv2nhgsZ3Dp7DBJmMuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMexOL07hYAq+uGVat1PsbHC/lEpMB8GA1UdIwQY
MBaAFKUPIcPck3V/wDKCqDVgDWWflh6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFE4aHc5eVRkWF9BTW9Lb05XQU5aWi1XSG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lYTFkZjctODA4YS00N2MzLWFlNTEt
YjA4NDNlYzM4ODIzLzEveDdFNHZUdUZnQ3I2NFpWcTNVLXhzY0wtVVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lYTFkZjctODA4YS00N2MzLWFlNTEtYjA4NDNlYzM4ODIz
LzEvcFE4aHc5eVRkWF9BTW9Lb05XQU5aWi1XSG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW89AAwQA
W9D3MA0GCSqGSIb3DQEBCwUAA4IBAQBqrvdxMPS8J/ru529YexOGSdv6iiL1k556
YufM9eEWhxkpWYPzH7+jGYyKEIIETpHoGDNMwkyFWuN07kUKC1xDlDdLzzw8+Ksz
gKoa8zyaO1aHTknXb1q7ik41IAHisaEOhXzf4JGq0sHgKdy84jIzF7g4Ph4TFGeW
sKKoPSo7ePVtu0HtpPYRW9/lujUPA0F6jPRzlw3WGOo8mW0XKgaz6eS7jM84+n82
MWto3NBJ+pDeXdA9p1JPjkWuDRR6qe2ObgnboxMs677f7p4l6g71mCi9MnLsfAOs
UkiajYcWK072i5yS1hGSCjQw7f4T30oJxU4NWU9ifdgJ+AbXA5PC
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:05 2024 by rpki-client on console-fra.rpki-client.org