Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/x75C2pv5FH-D8VGhPNFHSU51suA.roa
File: x75C2pv5FH-D8VGhPNFHSU51suA.roa (raw, json)
Hash identifier: jdLRs0uzPP5biE1djo0oTpe1HoGaSakhm+Y9Iwivhho=
Subject key identifier: C7:BE:42:DA:9B:F9:14:7F:83:F1:51:A1:3C:D1:47:49:4E:75:B2:E0
Certificate issuer: /CN=f5ff46ba6cd8e2f35afdb5b5f9f86502f834c34a
Certificate serial: 0190912104C21AA8E00442F564A6C70CD75C
Authority key identifier: F5:FF:46:BA:6C:D8:E2:F3:5A:FD:B5:B5:F9:F8:65:02:F8:34:C3:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9f9GumzY4vNa_bW1-fhlAvg0w0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/x75C2pv5FH-D8VGhPNFHSU51suA.roa
Signing time: Mon 08 Jul 2024 06:56:18 +0000
ROA not before: Mon 08 Jul 2024 06:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15704
IP address blocks: 185.140.64.0/22 maxlen: 22
213.194.128.0/20 maxlen: 20
213.194.144.0/21 maxlen: 21
213.194.152.0/21 maxlen: 21
213.194.160.0/20 maxlen: 20
213.194.176.0/22 maxlen: 22
213.194.180.0/22 maxlen: 22
213.194.184.0/21 maxlen: 21
213.195.64.0/19 maxlen: 19
213.195.78.0/24 maxlen: 24
213.195.96.0/20 maxlen: 20
213.195.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/9f9GumzY4vNa_bW1-fhlAvg0w0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/9f9GumzY4vNa_bW1-fhlAvg0w0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/9f9GumzY4vNa_bW1-fhlAvg0w0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:21:04:c2:1a:a8:e0:04:42:f5:64:a6:c7:0c:d7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5ff46ba6cd8e2f35afdb5b5f9f86502f834c34a
Validity
Not Before: Jul 8 06:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7be42da9bf9147f83f151a13cd147494e75b2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:f2:ce:15:fc:d7:79:0b:6a:9d:0f:ce:98:
e9:2d:7c:90:f0:c3:39:84:14:b8:5c:19:04:71:89:
33:c7:90:f3:50:1b:09:6e:0c:ef:5d:e1:d7:af:bd:
06:d9:2a:f4:93:2b:42:b9:27:27:37:65:9c:09:b0:
18:38:d1:a0:4e:8f:c7:fd:86:98:c6:09:4f:d8:7b:
2d:52:03:30:a6:10:32:42:6f:ef:62:39:55:bc:47:
ff:44:97:1c:52:1c:da:b8:b9:30:77:10:49:01:7c:
2c:03:89:0c:1e:cb:07:39:60:08:4e:56:dc:c8:5d:
d9:63:46:11:17:cb:34:77:38:f7:ff:43:8f:4b:d8:
1a:e1:45:48:02:28:00:8e:0d:de:74:45:21:56:0e:
10:9a:c0:43:92:ac:4f:36:18:e8:49:37:55:2d:03:
2d:a4:88:1f:66:e7:1a:c7:c7:32:46:55:af:cd:a7:
bc:84:ae:0a:9e:99:21:2e:af:da:04:a8:61:5c:9f:
89:f7:68:f5:76:3d:b0:1f:5e:9d:22:ba:2d:bd:2e:
51:19:a3:eb:a0:65:e0:a7:7a:ca:99:d6:7a:cd:ea:
1f:04:a8:95:f5:b6:30:41:4f:9a:4c:31:ee:e2:3e:
a2:09:71:3b:94:bc:87:a1:ef:bd:48:9d:8a:52:a0:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BE:42:DA:9B:F9:14:7F:83:F1:51:A1:3C:D1:47:49:4E:75:B2:E0
X509v3 Authority Key Identifier:
keyid:F5:FF:46:BA:6C:D8:E2:F3:5A:FD:B5:B5:F9:F8:65:02:F8:34:C3:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f9GumzY4vNa_bW1-fhlAvg0w0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/x75C2pv5FH-D8VGhPNFHSU51suA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1fde04-587b-4085-b585-6ad20a2eacb8/1/9f9GumzY4vNa_bW1-fhlAvg0w0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.64.0/22
213.194.128.0/18
213.195.64.0/18
Signature Algorithm: sha256WithRSAEncryption
87:af:75:c6:28:80:87:57:40:12:e0:3d:91:49:43:b2:18:99:
dc:9a:ca:3e:50:e9:c5:f3:8a:ae:2c:5b:a7:93:41:4f:9e:ba:
69:f1:42:d4:79:29:6f:50:2b:30:4e:dd:75:bb:db:f3:72:13:
9a:ac:25:87:9a:c9:0e:f0:4c:df:2d:fa:66:28:a0:c0:2e:d1:
b6:62:d6:f7:99:5e:4b:70:f2:92:bf:98:78:0e:3a:79:d9:82:
5f:59:54:b4:d9:f3:b5:62:a1:4d:fa:8e:4c:eb:ce:9d:6b:ae:
13:86:ca:b6:a0:61:d0:7f:e3:00:b4:5b:32:1c:97:bc:01:02:
35:f9:17:06:af:1c:1c:e5:a3:0e:33:15:45:a7:9d:f3:cc:e5:
de:a7:32:f8:0e:90:12:22:49:25:ad:e0:c0:42:e1:d4:28:6e:
38:fe:00:7a:13:78:73:15:a6:56:eb:7b:04:8b:2f:6f:3b:94:
7d:cd:d4:e6:8d:71:bc:1d:e7:8a:33:6a:f6:3b:02:f5:fc:38:
2b:87:71:1e:58:95:58:8f:66:23:04:c8:ed:c6:3e:23:b6:13:
ec:5b:70:13:c0:78:0a:2f:9f:8e:c3:08:89:30:fd:18:dd:c3:
82:df:02:49:19:ed:80:53:5c:4c:f1:2e:79:17:9d:ff:f4:a2:
c3:49:56:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCRIQTCGqjgBEL1ZKbHDNdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmY0NmJhNmNkOGUyZjM1YWZkYjViNWY5Zjg2NTAyZjgz
NGMzNGEwHhcNMjQwNzA4MDY1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JlNDJkYTliZjkxNDdmODNmMTUxYTEzY2QxNDc0OTRlNzViMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymXyzhX813kLap0PzpjpLXyQ8MM5
hBS4XBkEcYkzx5DzUBsJbgzvXeHXr70G2Sr0kytCuScnN2WcCbAYONGgTo/H/YaY
xglP2HstUgMwphAyQm/vYjlVvEf/RJccUhzauLkwdxBJAXwsA4kMHssHOWAITlbc
yF3ZY0YRF8s0dzj3/0OPS9ga4UVIAigAjg3edEUhVg4QmsBDkqxPNhjoSTdVLQMt
pIgfZucax8cyRlWvzae8hK4KnpkhLq/aBKhhXJ+J92j1dj2wH16dIrotvS5RGaPr
oGXgp3rKmdZ6zeofBKiV9bYwQU+aTDHu4j6iCXE7lLyHoe+9SJ2KUqAQVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMe+Qtqb+RR/g/FRoTzRR0lOdbLgMB8GA1UdIwQY
MBaAFPX/Rrps2OLzWv21tfn4ZQL4NMNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWY5R3Vtelk0dk5hX2JXMS1maGxBdmcwdzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xZmRlMDQtNTg3Yi00MDg1LWI1ODUt
NmFkMjBhMmVhY2I4LzEveDc1QzJwdjVGSC1EOFZHaFBORkhTVTUxc3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xZmRlMDQtNTg3Yi00MDg1LWI1ODUtNmFkMjBhMmVhY2I4
LzEvOWY5R3Vtelk0dk5hX2JXMS1maGxBdmcwdzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYxAAwQG
1cKAAwQG1cNAMA0GCSqGSIb3DQEBCwUAA4IBAQCHr3XGKICHV0AS4D2RSUOyGJnc
mso+UOnF84quLFunk0FPnrpp8ULUeSlvUCswTt11u9vzchOarCWHmskO8EzfLfpm
KKDALtG2Ytb3mV5LcPKSv5h4Djp52YJfWVS02fO1YqFN+o5M686da64Thsq2oGHQ
f+MAtFsyHJe8AQI1+RcGrxwc5aMOMxVFp53zzOXepzL4DpASIkklreDAQuHUKG44
/gB6E3hzFaZW63sEiy9vO5R9zdTmjXG8HeeKM2r2OwL1/Dgrh3EeWJVYj2YjBMjt
xj4jthPsW3ATwHgKL5+OwwiJMP0Y3cOC3wJJGe2AU1xM8S55F53/9KLDSVZB
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:35:30 2024 by rpki-client on console-ams.rpki-client.org