Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EXs_CZo3VyMCSUwjnpa6GUJPCnY.roa
File: EXs_CZo3VyMCSUwjnpa6GUJPCnY.roa (raw, json)
Hash identifier: ye9lngNWiExnN4Cn+xVGuetQJhhKmHTcgIj5YTalkdg=
Subject key identifier: 11:7B:3F:09:9A:37:57:23:02:49:4C:23:9E:96:BA:19:42:4F:0A:76
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA993A7F4BB365FBE01523B8445B5D13
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EXs_CZo3VyMCSUwjnpa6GUJPCnY.roa
Signing time: Tue 02 Jan 2024 14:34:48 +0000
ROA not before: Tue 02 Jan 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208555
IP address blocks: 87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
62.220.126.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:3a:7f:4b:b3:65:fb:e0:15:23:b8:44:5b:5d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=117b3f099a37572302494c239e96ba19424f0a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:5b:81:85:dc:52:7d:c8:e7:4d:a8:78:c4:
6f:12:10:5c:8a:57:5b:f9:64:2c:c6:f2:33:5e:21:
ba:e2:ad:89:90:52:b9:11:a0:6a:8a:62:21:b3:98:
df:cf:20:43:19:21:b6:f1:34:46:4c:44:f3:70:82:
08:ab:31:26:8c:26:f0:da:b3:d0:20:83:2a:9a:63:
f4:80:52:3f:6d:6e:34:7c:47:33:d2:17:ec:f7:2c:
0a:48:80:19:47:fc:6c:ef:61:73:e1:c4:cf:24:c3:
e9:82:5c:ad:8f:c6:c9:8b:82:2a:30:20:75:45:08:
f8:0b:31:69:0a:e2:8f:2a:81:89:9b:0f:07:f5:8d:
e3:da:a1:5b:e4:99:ef:32:36:c9:fd:76:7b:72:82:
b6:8b:38:0d:94:a3:25:00:61:59:2b:e9:bb:db:7c:
d8:f3:53:6b:42:ce:14:93:2f:dc:99:03:82:21:cb:
91:da:e8:6a:c1:84:01:28:33:ca:15:50:7b:43:ea:
4c:78:f6:a4:62:04:d7:f2:f6:b2:f2:74:f0:f2:96:
41:e6:68:61:dd:0c:84:6b:d6:26:5c:71:46:89:96:
38:b5:7a:8b:59:0b:36:27:d9:81:08:9b:df:73:f0:
16:0d:85:24:8e:08:78:48:77:b4:00:ae:0a:b0:31:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7B:3F:09:9A:37:57:23:02:49:4C:23:9E:96:BA:19:42:4F:0A:76
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/EXs_CZo3VyMCSUwjnpa6GUJPCnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:c4:9e:b3:53:87:7c:34:ab:99:db:ad:ee:55:7c:55:7d:49:
80:72:59:f1:62:b0:63:10:3a:bb:96:d9:bb:50:5a:38:92:69:
c5:81:81:b6:ab:7d:21:04:a0:70:3e:fc:80:a2:4c:20:82:5d:
f9:bb:11:90:7b:c8:52:d4:e1:a5:fa:02:48:c0:4b:72:0e:53:
c8:22:eb:d8:38:32:bd:14:33:cd:32:6e:12:4b:37:8e:b1:1c:
78:ec:cd:5a:81:88:32:e8:25:40:6b:41:91:4f:aa:6f:3b:b4:
28:fc:c1:cb:9e:43:f1:17:40:c7:37:8a:d4:e8:25:6d:49:76:
02:94:0d:45:49:27:27:4e:c5:c0:49:a5:6f:f5:a4:ec:fe:69:
13:c1:10:09:a0:1c:9f:3a:47:62:34:d5:7e:e5:60:ad:5a:30:
3b:bf:37:15:06:3e:fa:31:ac:08:0f:20:51:b6:32:53:0b:d4:
e6:d4:3a:dd:09:f4:01:0e:60:da:5d:76:b2:5c:5a:86:7f:29:
08:11:96:9a:61:37:7d:e2:3c:b2:e4:49:76:0b:36:d6:47:f0:
fd:8e:ef:a4:89:03:47:9e:0e:dd:aa:57:da:cd:d0:33:71:63:
1b:4d:c3:ff:f1:68:7c:43:d4:b1:57:2c:89:77:b7:1e:85:c2:
18:31:b2:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKmTp/S7Nl++AVI7hEW10TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdiM2YwOTlhMzc1NzIzMDI0OTRjMjM5ZTk2YmExOTQyNGYwYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMpbgYXcUn3I502oeMRvEhBcildb
+WQsxvIzXiG64q2JkFK5EaBqimIhs5jfzyBDGSG28TRGTETzcIIIqzEmjCbw2rPQ
IIMqmmP0gFI/bW40fEcz0hfs9ywKSIAZR/xs72Fz4cTPJMPpglytj8bJi4IqMCB1
RQj4CzFpCuKPKoGJmw8H9Y3j2qFb5JnvMjbJ/XZ7coK2izgNlKMlAGFZK+m723zY
81NrQs4Uky/cmQOCIcuR2uhqwYQBKDPKFVB7Q+pMePakYgTX8vay8nTw8pZB5mhh
3QyEa9YmXHFGiZY4tXqLWQs2J9mBCJvfc/AWDYUkjgh4SHe0AK4KsDEc1QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBF7PwmaN1cjAklMI56WuhlCTwp2MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvRVhzX0NabzNWeU1DU1V3am5wYTZHVUpQQ25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQC
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQCqxJ6zU4d8NKuZ263uVXxVfUmAclnxYrBjEDq7ltm7UFo4kmnFgYG2q30h
BKBwPvyAokwggl35uxGQe8hS1OGl+gJIwEtyDlPIIuvYODK9FDPNMm4SSzeOsRx4
7M1agYgy6CVAa0GRT6pvO7Qo/MHLnkPxF0DHN4rU6CVtSXYClA1FSScnTsXASaVv
9aTs/mkTwRAJoByfOkdiNNV+5WCtWjA7vzcVBj76MawIDyBRtjJTC9Tm1DrdCfQB
DmDaXXayXFqGfykIEZaaYTd94jyy5El2CzbWR/D9ju+kiQNHng7dqlfazdAzcWMb
TcP/8Wh8Q9SxVyyJd7cehcIYMbJg
-----END CERTIFICATE-----
Generated at Fri May 17 15:03:40 2024 by rpki-client on console-fra.rpki-client.org