Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7UV9t_s12FK9wNTwpWkvqu1dzLQ.roa
File: 7UV9t_s12FK9wNTwpWkvqu1dzLQ.roa (raw, json)
Hash identifier: Nnch0gQLoZNXEBzg4G6g3m09D8T+RfelExAddRTj378=
Subject key identifier: ED:45:7D:B7:FB:35:D8:52:BD:C0:D4:F0:A5:69:2F:AA:ED:5D:CC:B4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019007E5BB2B199E80E1BBECDADAEEA50673
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7UV9t_s12FK9wNTwpWkvqu1dzLQ.roa
Signing time: Tue 11 Jun 2024 15:23:34 +0000
ROA not before: Tue 11 Jun 2024 15:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:e5:bb:2b:19:9e:80:e1:bb:ec:da:da:ee:a5:06:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 11 15:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed457db7fb35d852bdc0d4f0a5692faaed5dccb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:82:c6:24:f3:84:3a:44:f8:83:9e:fe:31:03:
21:2c:6d:e8:19:62:6d:72:12:54:f0:34:fa:06:af:
3c:cf:6e:5a:dc:9f:b0:61:7f:7d:72:7a:7a:d2:e3:
c8:20:d4:bb:e0:ec:a9:a9:b0:ba:c4:fb:dd:c2:62:
e1:e8:9e:c5:40:02:e6:b4:db:2e:3d:58:af:99:02:
5f:3f:41:a0:48:8a:bb:8c:1b:c1:a1:f6:ab:7d:ef:
27:21:d6:12:21:1f:1f:4f:ff:a3:d6:4e:2d:55:85:
ee:59:26:54:cc:c0:c2:f2:11:fc:d3:1d:fc:3d:57:
37:a9:49:1b:62:24:db:ae:9a:44:c8:a5:0f:b8:29:
88:6b:f0:2e:63:1c:85:c9:e3:83:18:da:b1:e5:43:
4e:f0:e2:31:ae:48:8e:50:d1:59:01:ba:94:d2:8a:
76:ec:c5:30:4a:1d:f9:8a:28:19:8a:da:d5:d0:0b:
01:2c:48:7e:85:da:48:b7:03:d3:3c:12:99:74:37:
42:cd:f1:6a:c0:99:7c:f7:d1:61:1a:91:e0:cd:3c:
7c:df:14:68:7e:bb:34:28:d2:ef:6b:f1:0e:6f:6e:
6f:c5:c3:b5:9d:ef:47:f6:be:a8:db:f9:12:6f:21:
01:a2:8c:0c:3c:a6:dc:a5:4a:d1:7e:22:fa:b4:fb:
5b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:45:7D:B7:FB:35:D8:52:BD:C0:D4:F0:A5:69:2F:AA:ED:5D:CC:B4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7UV9t_s12FK9wNTwpWkvqu1dzLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
02:c4:42:52:31:96:4b:41:f7:af:b5:1a:b0:97:90:8f:0b:bb:
be:5b:71:56:b0:58:a8:4e:9a:41:50:51:e6:c0:90:47:37:29:
f1:8e:4a:b5:f0:9d:d2:8d:f6:7b:1e:d7:bb:75:08:9a:53:6e:
5d:d6:9c:ff:a6:0b:d6:f5:21:41:f7:59:99:e4:7d:19:80:b0:
7d:59:40:c8:96:72:70:9d:7c:6e:53:59:6e:3b:45:cb:c5:d7:
e0:ae:53:fe:34:aa:df:d0:31:9b:01:bf:fd:2d:2f:f7:a7:e5:
38:85:5a:8f:16:26:60:8d:b1:d2:d6:d0:29:da:12:f1:ac:28:
2c:12:12:fa:ce:86:8d:fc:a7:16:d2:bf:b2:9d:3e:29:38:5b:
7d:1e:a5:90:d2:48:75:2a:d0:89:e7:04:fe:00:77:00:5e:ad:
8b:7c:9c:c1:47:52:ab:ec:d7:5c:d5:4b:ed:0d:2c:1d:67:23:
69:96:e1:bd:ee:78:f5:6e:24:2d:98:34:6a:c5:62:94:cc:47:
c2:5d:2b:5a:72:ab:db:d1:33:3d:6f:fe:f2:e8:18:8f:b0:99:
5e:ce:be:7a:9d:81:ac:46:6c:86:0e:12:fd:38:d3:58:9c:ea:
08:3c:b5:00:02:44:33:e5:b1:b6:20:17:19:d4:7b:05:75:7e:
fe:ed:4a:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAH5bsrGZ6A4bvs2trupQZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjExMTUyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ1N2RiN2ZiMzVkODUyYmRjMGQ0ZjBhNTY5MmZhYWVkNWRjY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YLGJPOEOkT4g57+MQMhLG3oGWJt
chJU8DT6Bq88z25a3J+wYX99cnp60uPIINS74OypqbC6xPvdwmLh6J7FQALmtNsu
PVivmQJfP0GgSIq7jBvBofarfe8nIdYSIR8fT/+j1k4tVYXuWSZUzMDC8hH80x38
PVc3qUkbYiTbrppEyKUPuCmIa/AuYxyFyeODGNqx5UNO8OIxrkiOUNFZAbqU0op2
7MUwSh35iigZitrV0AsBLEh+hdpItwPTPBKZdDdCzfFqwJl899FhGpHgzTx83xRo
frs0KNLva/EOb25vxcO1ne9H9r6o2/kSbyEBoowMPKbcpUrRfiL6tPtb+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO1Ffbf7NdhSvcDU8KVpL6rtXcy0MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvN1VWOXRfczEyRks5d05Ud3BXa3ZxdTFkekxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQD
W7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQACxEJSMZZLQfevtRqwl5CPC7u+
W3FWsFioTppBUFHmwJBHNynxjkq18J3SjfZ7Hte7dQiaU25d1pz/pgvW9SFB91mZ
5H0ZgLB9WUDIlnJwnXxuU1luO0XLxdfgrlP+NKrf0DGbAb/9LS/3p+U4hVqPFiZg
jbHS1tAp2hLxrCgsEhL6zoaN/KcW0r+ynT4pOFt9HqWQ0kh1KtCJ5wT+AHcAXq2L
fJzBR1Kr7Ndc1UvtDSwdZyNpluG97nj1biQtmDRqxWKUzEfCXStacqvb0TM9b/7y
6BiPsJlezr56nYGsRmyGDhL9ONNYnOoIPLUAAkQz5bG2IBcZ1HsFdX7+7UoZ
-----END CERTIFICATE-----
Generated at Thu Jun 13 05:50:20 2024 by rpki-client on console-fra.rpki-client.org