Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/7bmfi3ymBngjUSdIA-p3hZBfk4Y.roa
File: 7bmfi3ymBngjUSdIA-p3hZBfk4Y.roa (raw, json)
Hash identifier: qcOiMNYreoUJuktBrmKovvQhtORgzpwzFXIqTXWO1J8=
Subject key identifier: ED:B9:9F:8B:7C:A6:06:78:23:51:27:48:03:EA:77:85:90:5F:93:86
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 018CC56EB69F4148162252D3DB6BABD3243D
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/7bmfi3ymBngjUSdIA-p3hZBfk4Y.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210275
IP address blocks: 83.229.65.0/24 maxlen: 24
185.169.32.0/22 maxlen: 24
176.105.148.0/22 maxlen: 24
185.35.78.0/23 maxlen: 24
2a13:2400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b6:9f:41:48:16:22:52:d3:db:6b:ab:d3:24:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edb99f8b7ca606782351274803ea7785905f9386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f8:3f:53:55:3b:3a:af:a8:9f:e9:c5:66:68:
77:00:94:6c:b3:d2:73:f0:f9:b9:a6:3d:3a:20:ee:
81:87:5a:3f:e4:44:71:7d:d2:b2:e6:f4:92:96:3f:
77:c2:a8:ad:eb:cb:41:14:95:8b:43:23:50:48:e3:
59:25:44:b3:68:57:b1:a8:fc:cd:53:91:cc:0c:bf:
00:3e:c2:dc:30:be:31:da:fb:71:79:9f:3f:9b:6f:
1e:58:fe:0d:23:f9:3f:23:18:90:57:ee:d7:f2:ec:
3b:1b:1f:74:78:b5:64:c8:f2:81:42:22:19:85:40:
1c:8b:16:b6:ca:91:34:e2:6f:6a:4c:b7:8f:e2:41:
62:63:9f:9d:29:a4:ea:e7:47:ab:8b:31:b6:69:e7:
e0:6b:99:94:2b:bc:8e:63:bb:f7:d6:53:39:33:3c:
60:23:d3:d6:f4:77:e2:b5:d7:c9:bc:3b:ac:a2:18:
ae:ca:f9:07:10:20:af:68:6e:84:98:6d:e2:c1:be:
f9:5d:09:08:d1:ea:b5:bb:5a:f3:36:4e:36:fe:39:
71:d9:bd:27:69:f8:8f:8d:a2:4f:3c:2e:05:2b:dd:
8a:cb:b1:60:b3:61:ab:a1:55:05:8d:54:a1:30:45:
1c:ef:4c:63:d4:61:f9:a2:ad:b6:2e:1e:d6:58:41:
9a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B9:9F:8B:7C:A6:06:78:23:51:27:48:03:EA:77:85:90:5F:93:86
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/7bmfi3ymBngjUSdIA-p3hZBfk4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.65.0/24
176.105.148.0/22
185.35.78.0/23
185.169.32.0/22
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
c9:af:39:f6:dc:05:7f:f3:97:23:ac:ef:13:c3:99:e7:b5:61:
a1:f8:ca:7e:f6:1c:f3:19:21:a0:6b:b1:ac:31:da:7a:09:84:
1c:38:74:0e:c2:ce:44:db:a6:a2:32:39:10:51:07:cf:a5:40:
78:13:13:38:a0:ae:3b:e1:01:03:d9:67:51:e9:be:e2:69:d8:
b0:6e:5d:a3:c1:69:72:98:31:63:05:34:60:a7:ab:a8:6d:8f:
66:3c:df:89:2a:a1:96:e7:65:df:80:92:77:47:c8:2c:2a:44:
fd:95:16:ee:26:8e:ed:bd:56:5f:ce:bd:4e:d4:0b:2d:2d:ad:
7e:c1:a6:be:7a:d9:ce:bb:52:cb:19:d1:4c:8e:b3:62:52:52:
66:eb:d1:4f:f9:5b:09:7f:79:4b:6e:39:5c:c9:20:ee:02:5f:
87:74:78:84:b7:25:85:b3:02:0d:bf:e1:d8:01:0c:2e:9f:95:
9b:b0:75:a6:a1:c7:bc:e6:e3:a5:03:71:da:cb:d9:98:1b:d3:
2e:ad:79:a1:0c:17:bf:af:13:ca:d0:cc:7e:cf:37:3c:41:05:
b4:2c:62:1c:e3:09:97:e1:b0:46:a7:29:ab:ef:d0:0e:66:82:
6e:1c:84:fa:cc:27:8f:df:ba:2b:04:a8:a0:f4:ec:1b:35:d9:
54:4d:3e:a9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbrafQUgWIlLT22ur0yQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGI5OWY4YjdjYTYwNjc4MjM1MTI3NDgwM2VhNzc4NTkwNWY5Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fg/U1U7Oq+on+nFZmh3AJRss9Jz
8Pm5pj06IO6Bh1o/5ERxfdKy5vSSlj93wqit68tBFJWLQyNQSONZJUSzaFexqPzN
U5HMDL8APsLcML4x2vtxeZ8/m28eWP4NI/k/IxiQV+7X8uw7Gx90eLVkyPKBQiIZ
hUAcixa2ypE04m9qTLeP4kFiY5+dKaTq50erizG2aefga5mUK7yOY7v31lM5Mzxg
I9PW9HfitdfJvDusohiuyvkHECCvaG6EmG3iwb75XQkI0eq1u1rzNk42/jlx2b0n
afiPjaJPPC4FK92Ky7Fgs2GroVUFjVShMEUc70xj1GH5oq22Lh7WWEGavwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFO25n4t8pgZ4I1EnSAPqd4WQX5OGMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvN2JtZmkzeW1CbmdqVVNkSUEtcDNoWkJmazRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAU+VBAwQC
sGmUAwQBuSNOAwQCuakgMA0EAgACMAcDBQMqEyQAMA0GCSqGSIb3DQEBCwUAA4IB
AQDJrzn23AV/85cjrO8Tw5nntWGh+Mp+9hzzGSGga7GsMdp6CYQcOHQOws5E26ai
MjkQUQfPpUB4ExM4oK474QED2WdR6b7iadiwbl2jwWlymDFjBTRgp6uobY9mPN+J
KqGW52XfgJJ3R8gsKkT9lRbuJo7tvVZfzr1O1AstLa1+waa+etnOu1LLGdFMjrNi
UlJm69FP+VsJf3lLbjlcySDuAl+HdHiEtyWFswINv+HYAQwun5WbsHWmoce85uOl
A3Hay9mYG9MurXmhDBe/rxPK0Mx+zzc8QQW0LGIc4wmX4bBGpymr79AOZoJuHIT6
zCeP37orBKig9OwbNdlUTT6p
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:53:40 2024 by rpki-client on console-fra.rpki-client.org