Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/7wbXZjJgr2nnUoY5UhLDcDdzk48.roa
File: 7wbXZjJgr2nnUoY5UhLDcDdzk48.roa (raw, json)
Hash identifier: +hl7x7SY6syrM4cRHJ1ZXnOLQ44Q9YWJIzjt5BBSt58=
Subject key identifier: EF:06:D7:66:32:60:AF:69:E7:52:86:39:52:12:C3:70:37:73:93:8F
Certificate issuer: /CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Certificate serial: 018CC794ADCFE8A39615403449A0A1250E88
Authority key identifier: DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/7wbXZjJgr2nnUoY5UhLDcDdzk48.roa
Signing time: Tue 02 Jan 2024 00:30:58 +0000
ROA not before: Tue 02 Jan 2024 00:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5435
IP address blocks: 185.178.225.0/24 maxlen: 24
185.178.224.0/24 maxlen: 24
212.93.224.0/19 maxlen: 19
192.160.15.0/24 maxlen: 24
2a02:23d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ad:cf:e8:a3:96:15:40:34:49:a0:a1:25:0e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Validity
Not Before: Jan 2 00:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef06d7663260af69e75286395212c3703773938f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ec:90:41:e9:49:7a:6b:60:7f:15:19:72:95:
ee:be:ba:8d:77:f0:aa:11:e1:9f:9d:2f:7c:3c:98:
e7:08:d1:4c:6f:3f:c8:a0:01:12:cb:01:22:1f:5e:
41:fd:21:f4:04:81:58:83:be:aa:7f:83:d8:ee:b3:
6a:23:3b:90:81:c4:6d:7c:d9:17:36:1d:cb:46:db:
1c:23:fc:b3:c5:aa:02:5c:57:6f:70:d2:b0:bf:86:
ca:b7:6b:16:fc:eb:ab:38:8e:5e:96:e7:70:cc:7c:
0c:16:60:7d:43:ae:0b:79:cf:9d:fa:7d:73:51:23:
ca:93:8e:59:80:0b:18:ac:a5:3b:96:3f:90:20:20:
a0:47:1f:0c:0f:cc:64:e7:37:6c:de:bf:86:4f:0f:
bc:0d:bf:9e:bc:37:4d:e3:cb:e7:f0:25:91:e4:7f:
0f:eb:6c:e8:02:4e:eb:e7:25:97:cd:a1:e2:9b:fa:
1e:40:1c:09:af:5d:86:6f:06:a1:66:d3:01:d4:c8:
f9:91:27:c6:e6:3d:65:0a:b2:20:64:c7:e2:6e:6e:
30:4f:53:f9:0d:d3:e6:fe:db:59:08:c5:00:01:66:
97:38:d0:f7:b5:51:00:a9:cc:5d:62:eb:b1:55:0d:
66:0c:12:9f:b2:34:8f:e2:c3:f5:95:7b:39:d8:f1:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:06:D7:66:32:60:AF:69:E7:52:86:39:52:12:C3:70:37:73:93:8F
X509v3 Authority Key Identifier:
keyid:DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/7wbXZjJgr2nnUoY5UhLDcDdzk48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.224.0/23
192.160.15.0/24
212.93.224.0/19
IPv6:
2a02:23d0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:c8:d2:78:cb:e3:14:f4:c8:9b:f5:b0:cc:0f:75:82:2a:a1:
a0:e1:c2:a7:8e:44:96:27:c4:c4:0b:99:83:dd:3b:16:e4:14:
5d:34:da:b8:e2:cc:6c:05:74:8b:bc:af:da:01:8f:55:1e:3c:
4e:54:24:af:ad:87:10:c6:db:3e:a5:09:19:6b:3d:fd:1d:d8:
ea:cd:8b:e5:56:73:6e:09:39:2e:0d:a0:0d:cf:75:a4:7d:77:
45:4e:27:4d:6d:11:8c:18:f9:c3:bd:55:3c:66:ac:17:af:e8:
da:d0:c9:4d:17:cf:56:f2:b1:1e:93:10:ab:7d:15:fe:cc:f7:
c7:ae:d2:02:af:20:61:8c:05:5f:19:f8:b9:b9:bf:39:e7:63:
fc:23:8a:d1:d8:28:98:a2:df:b0:d7:fc:b9:a7:ee:b2:16:37:
0f:d0:6e:b4:d4:91:b4:93:8f:4b:00:e0:19:d3:37:f4:98:21:
cb:13:76:c2:8b:b0:41:5e:a4:24:2a:ad:35:7b:9b:82:e1:e5:
94:4b:eb:e4:32:c2:3c:4b:a2:93:38:56:7f:5e:9f:78:f4:90:
ea:4b:c3:9c:39:85:f1:d7:18:fc:72:22:5d:a2:fd:1c:88:7b:
1f:e8:f1:73:a3:82:54:66:1f:8e:2e:c3:88:16:06:f7:54:57:
a2:f9:18:93
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlK3P6KOWFUA0SaChJQ6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjFkZjU5OGY0YThmM2EyZDA3NGNjYjZmNmQxNmI1NGQx
ZDExMWMwHhcNMjQwMTAyMDAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjA2ZDc2NjMyNjBhZjY5ZTc1Mjg2Mzk1MjEyYzM3MDM3NzM5MzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+yQQelJemtgfxUZcpXuvrqNd/Cq
EeGfnS98PJjnCNFMbz/IoAESywEiH15B/SH0BIFYg76qf4PY7rNqIzuQgcRtfNkX
Nh3LRtscI/yzxaoCXFdvcNKwv4bKt2sW/OurOI5eludwzHwMFmB9Q64Lec+d+n1z
USPKk45ZgAsYrKU7lj+QICCgRx8MD8xk5zds3r+GTw+8Db+evDdN48vn8CWR5H8P
62zoAk7r5yWXzaHim/oeQBwJr12GbwahZtMB1Mj5kSfG5j1lCrIgZMfibm4wT1P5
DdPm/ttZCMUAAWaXOND3tVEAqcxdYuuxVQ1mDBKfsjSP4sP1lXs52PEx5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO8G12YyYK9p51KGOVISw3A3c5OPMB8GA1UdIwQY
MBaAFN3x31mPSo86LQdMy29tFrVNHREcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2Ut
ZDBmMzFiYzkzMDc5LzEvN3diWFpqSmdyMm5uVW9ZNVVoTERjRGR6azQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2UtZDBmMzFiYzkzMDc5
LzEvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBubLgAwQA
wKAPAwQF1F3gMA0EAgACMAcDBQAqAiPQMA0GCSqGSIb3DQEBCwUAA4IBAQAPyNJ4
y+MU9Mib9bDMD3WCKqGg4cKnjkSWJ8TEC5mD3TsW5BRdNNq44sxsBXSLvK/aAY9V
HjxOVCSvrYcQxts+pQkZaz39HdjqzYvlVnNuCTkuDaANz3WkfXdFTidNbRGMGPnD
vVU8ZqwXr+ja0MlNF89W8rEekxCrfRX+zPfHrtICryBhjAVfGfi5ub8552P8I4rR
2CiYot+w1/y5p+6yFjcP0G601JG0k49LAOAZ0zf0mCHLE3bCi7BBXqQkKq01e5uC
4eWUS+vkMsI8S6KTOFZ/Xp949JDqS8OcOYXx1xj8ciJdov0ciHsf6PFzo4JUZh+O
LsOIFgb3VFei+RiT
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:06 2024 by rpki-client on console-ams.rpki-client.org