Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f7S3PdtsgxnRDt-yKh1AugqjdCk.roa
File: f7S3PdtsgxnRDt-yKh1AugqjdCk.roa (raw, json)
Hash identifier: 3mVFnha97DnBiStDLkVzjzI9vPU6Baalo/2VQXXIXWk=
Subject key identifier: 7F:B4:B7:3D:DB:6C:83:19:D1:0E:DF:B2:2A:1D:40:BA:0A:A3:74:29
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC727604B2652093512C0C1E73A8C8C2F
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f7S3PdtsgxnRDt-yKh1AugqjdCk.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2590
IP address blocks: 89.174.32.0/23 maxlen: 24
89.174.73.128/25 maxlen: 25
89.174.74.128/25 maxlen: 25
78.133.144.0/22 maxlen: 24
89.174.229.0/24 maxlen: 24
85.219.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:60:4b:26:52:09:35:12:c0:c1:e7:3a:8c:8c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fb4b73ddb6c8319d10edfb22a1d40ba0aa37429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:58:23:36:e0:7b:12:5f:b3:c7:e7:78:e0:
2a:3f:b6:be:0f:92:30:95:a0:5f:1b:c3:f3:ac:bb:
d9:40:53:b5:2c:0f:1f:39:42:80:67:72:a4:6f:95:
0c:5f:ff:4e:2f:26:7c:02:83:70:2b:ff:19:ae:25:
7c:e9:c7:86:d5:35:34:62:f8:ce:25:de:aa:31:4d:
b8:f1:c9:56:5c:a4:02:70:c9:e9:bd:00:ce:f2:52:
60:b1:51:cc:70:b0:4b:fa:28:37:8f:11:b6:ea:2b:
41:32:17:04:d4:c9:04:a8:1a:30:b7:05:68:d4:3a:
ab:9c:0d:47:ab:a5:d7:15:e3:94:29:68:93:15:b5:
c6:c1:03:51:a3:4a:9a:d9:dc:fd:b2:ae:f1:78:7d:
33:cd:28:33:f6:13:be:88:a4:b7:ce:c6:1d:43:f3:
ec:4a:1e:c4:3f:af:e0:b4:03:2b:03:b0:84:35:f2:
ca:d6:87:0d:89:de:55:52:21:8e:61:ae:dd:a2:5c:
3d:b4:79:bd:9e:13:22:93:47:3a:b0:db:0d:5d:c1:
a3:9b:e4:e8:a9:68:da:a0:f3:ec:cd:56:19:9d:d5:
ae:06:56:1b:b8:e3:72:4f:98:95:47:bc:66:c7:15:
6b:85:a3:eb:ba:a4:a8:cf:e8:c3:94:94:da:50:85:
67:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B4:B7:3D:DB:6C:83:19:D1:0E:DF:B2:2A:1D:40:BA:0A:A3:74:29
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f7S3PdtsgxnRDt-yKh1AugqjdCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.144.0/22
85.219.244.0/22
89.174.32.0/23
89.174.73.128/25
89.174.74.128/25
89.174.229.0/24
Signature Algorithm: sha256WithRSAEncryption
15:41:ed:04:cd:63:a4:1a:a6:da:c5:b1:22:0a:8d:78:d8:7a:
22:37:43:e5:d2:22:aa:b4:8b:92:25:60:04:ef:da:40:15:c5:
ad:ca:5b:3b:2e:8b:3e:98:43:78:1f:b1:34:e2:69:0a:f9:60:
b5:ae:06:e4:01:c2:79:42:1e:ae:2c:d0:d5:90:5e:c1:28:30:
d9:63:c3:6b:7a:05:40:e3:2f:cb:20:62:b6:5b:8b:c3:23:e3:
8d:34:82:64:64:d0:68:d6:b7:85:98:72:db:98:23:23:6b:b7:
7c:13:69:ea:51:b1:09:26:f6:aa:a7:63:66:d1:32:d9:f7:72:
f6:34:a7:8d:ee:2b:df:21:8c:0c:ff:6d:bf:92:24:08:aa:4c:
bb:87:ea:16:00:61:b7:a2:4f:74:c1:bf:30:ec:2d:73:a8:fd:
50:82:52:8f:2c:6e:1e:cf:cd:31:de:51:54:7c:ef:1e:9a:d6:
7a:10:d9:87:cd:ca:ac:af:1f:50:fd:ee:5c:f7:a0:42:91:2f:
c0:a6:7e:e4:57:24:49:9f:4f:38:be:2a:68:7f:45:69:ca:b6:
a2:cf:54:c8:3b:50:7a:55:b9:61:68:ce:54:d1:22:7b:67:03:
8d:45:1a:b3:33:44:70:a0:78:ba:37:6b:1c:89:00:5d:00:20:
f5:f3:36:4b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJ2BLJlIJNRLAwec6jIwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmI0YjczZGRiNmM4MzE5ZDEwZWRmYjIyYTFkNDBiYTBhYTM3NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYtYIzbgexJfs8fneOAqP7a+D5Iw
laBfG8PzrLvZQFO1LA8fOUKAZ3Kkb5UMX/9OLyZ8AoNwK/8ZriV86ceG1TU0YvjO
Jd6qMU248clWXKQCcMnpvQDO8lJgsVHMcLBL+ig3jxG26itBMhcE1MkEqBowtwVo
1DqrnA1Hq6XXFeOUKWiTFbXGwQNRo0qa2dz9sq7xeH0zzSgz9hO+iKS3zsYdQ/Ps
Sh7EP6/gtAMrA7CENfLK1ocNid5VUiGOYa7dolw9tHm9nhMik0c6sNsNXcGjm+To
qWjaoPPszVYZndWuBlYbuONyT5iVR7xmxxVrhaPruqSoz+jDlJTaUIVn6QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFH+0tz3bbIMZ0Q7fsiodQLoKo3QpMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvZjdTM1BkdHNneG5SRHQteUtoMUF1Z3FqZENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCToWQAwQC
Vdv0AwQBWa4gAwUHWa5JgAMFB1muSoADBABZruUwDQYJKoZIhvcNAQELBQADggEB
ABVB7QTNY6QaptrFsSIKjXjYeiI3Q+XSIqq0i5IlYATv2kAVxa3KWzsuiz6YQ3gf
sTTiaQr5YLWuBuQBwnlCHq4s0NWQXsEoMNljw2t6BUDjL8sgYrZbi8Mj4400gmRk
0GjWt4WYctuYIyNrt3wTaepRsQkm9qqnY2bRMtn3cvY0p43uK98hjAz/bb+SJAiq
TLuH6hYAYbeiT3TBvzDsLXOo/VCCUo8sbh7PzTHeUVR87x6a1noQ2YfNyqyvH1D9
7lz3oEKRL8CmfuRXJEmfTzi+Kmh/RWnKtqLPVMg7UHpVuWFozlTRIntnA41FGrMz
RHCgeLo3axyJAF0AIPXzNks=
-----END CERTIFICATE-----
Generated at Fri May 17 09:09:31 2024 by rpki-client on console-fra.rpki-client.org