Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/77dUyJ4MeSsZD5mHQ2GEP5BtfSE.roa
File: 77dUyJ4MeSsZD5mHQ2GEP5BtfSE.roa (raw, json)
Hash identifier: jHJDtgJVQyrEHnuCV5zBliauO87wSta2I3ITNS58r6s=
Subject key identifier: EF:B7:54:C8:9E:0C:79:2B:19:0F:99:87:43:61:84:3F:90:6D:7D:21
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018CC7956A641961DB9770052150C18BFCEB
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/77dUyJ4MeSsZD5mHQ2GEP5BtfSE.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43581
IP address blocks: 85.159.226.0/24 maxlen: 24
85.159.231.0/24 maxlen: 24
85.159.230.0/24 maxlen: 24
46.29.239.0/24 maxlen: 24
46.29.237.0/24 maxlen: 24
46.29.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 14:14:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6a:64:19:61:db:97:70:05:21:50:c1:8b:fc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efb754c89e0c792b190f99874361843f906d7d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:9b:af:fa:71:c6:9e:35:8b:c7:c1:ae:01:
32:61:01:39:76:38:de:9c:50:73:43:96:2c:f5:ac:
3d:e4:29:1d:df:12:10:f2:fb:9b:ec:64:36:44:3d:
11:9a:d8:45:89:e1:65:df:30:92:ec:b2:d4:4c:ca:
d3:6d:45:a9:a3:b8:f6:53:e0:9c:eb:ae:8f:e4:14:
2f:2a:29:f1:2a:fd:b2:c4:05:40:a7:c7:ba:4c:57:
42:62:a1:5a:d3:00:36:9d:49:33:f5:99:ca:9e:6a:
92:c9:2b:44:ac:09:a0:de:2a:b9:36:10:91:56:98:
63:31:c8:2e:77:3a:56:68:9f:f5:19:34:57:b9:1f:
1a:35:ae:3f:8d:9b:c8:4c:dc:a5:5a:9e:de:51:0f:
d1:3f:39:b1:a2:8d:4e:d0:e1:32:f4:2a:ae:87:2d:
05:d9:64:78:a5:bf:f7:a2:f7:8e:84:ac:87:a8:8e:
64:43:33:7c:f0:e6:3f:9d:66:0d:3d:e6:28:6f:6a:
0d:c0:86:da:6b:a3:f1:b3:d1:f0:08:e3:06:4f:a6:
9f:a1:88:b4:11:64:90:7d:7b:7e:6a:0a:75:da:a0:
b7:c4:d4:4f:68:b0:b0:56:71:6a:53:be:d2:bc:98:
da:95:d6:af:dd:d5:6d:8f:d6:19:2d:de:22:de:36:
81:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B7:54:C8:9E:0C:79:2B:19:0F:99:87:43:61:84:3F:90:6D:7D:21
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/77dUyJ4MeSsZD5mHQ2GEP5BtfSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.236.0/23
46.29.239.0/24
85.159.226.0/24
85.159.230.0/23
Signature Algorithm: sha256WithRSAEncryption
05:a2:08:f0:ed:98:5f:4e:03:0c:93:27:ba:6a:68:0b:1c:7c:
1a:b5:1d:11:de:b2:0f:35:4e:19:11:50:e9:db:70:02:ce:e4:
9a:7c:7a:7f:6a:c4:4d:ba:b8:93:da:a4:0b:ac:18:c7:03:64:
3b:19:3a:9c:23:4a:3d:c6:13:56:9d:a4:38:6d:53:04:8f:fe:
2d:af:ee:1e:94:2f:5f:83:a7:46:fc:00:d1:23:04:7a:9f:0c:
0e:b9:88:d9:63:34:ab:d8:65:9d:f5:d9:76:dc:9e:f1:24:9b:
45:4b:d0:e6:d9:d2:cd:2d:7c:0d:19:bd:c5:6d:24:9c:22:06:
06:a7:b6:8e:63:68:07:ab:21:3a:4b:59:cb:7c:87:b7:83:26:
22:11:e6:6e:08:19:e1:22:93:b2:54:7b:a7:f8:10:a4:0c:5d:
10:bd:d0:4b:01:b2:8a:8a:b7:bb:d0:21:27:1b:27:80:07:7f:
f3:f7:24:de:c8:63:56:5f:f3:b3:c8:89:ad:c7:6f:c6:08:1a:
c3:d5:13:42:85:90:81:b5:a6:53:c6:5f:e9:57:ee:76:a7:9e:
a7:64:e5:83:23:60:22:ab:f6:82:30:86:97:5d:82:ec:63:12:
1a:9b:d2:58:8e:e4:0f:20:8b:7b:b8:e2:94:b9:ad:f4:c9:b6:
54:68:8c:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlWpkGWHbl3AFIVDBi/zrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmI3NTRjODllMGM3OTJiMTkwZjk5ODc0MzYxODQzZjkwNmQ3ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYibr/pxxp41i8fBrgEyYQE5djje
nFBzQ5Ys9aw95Ckd3xIQ8vub7GQ2RD0RmthFieFl3zCS7LLUTMrTbUWpo7j2U+Cc
666P5BQvKinxKv2yxAVAp8e6TFdCYqFa0wA2nUkz9ZnKnmqSyStErAmg3iq5NhCR
VphjMcgudzpWaJ/1GTRXuR8aNa4/jZvITNylWp7eUQ/RPzmxoo1O0OEy9Cquhy0F
2WR4pb/3oveOhKyHqI5kQzN88OY/nWYNPeYob2oNwIbaa6Pxs9HwCOMGT6afoYi0
EWSQfXt+agp12qC3xNRPaLCwVnFqU77SvJjaldav3dVtj9YZLd4i3jaBqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO+3VMieDHkrGQ+Zh0NhhD+QbX0hMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvNzdkVXlKNE1lU3NaRDVtSFEyR0VQNUJ0ZlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLh3sAwQA
Lh3vAwQAVZ/iAwQBVZ/mMA0GCSqGSIb3DQEBCwUAA4IBAQAFogjw7ZhfTgMMkye6
amgLHHwatR0R3rIPNU4ZEVDp23ACzuSafHp/asRNuriT2qQLrBjHA2Q7GTqcI0o9
xhNWnaQ4bVMEj/4tr+4elC9fg6dG/ADRIwR6nwwOuYjZYzSr2GWd9dl23J7xJJtF
S9Dm2dLNLXwNGb3FbSScIgYGp7aOY2gHqyE6S1nLfIe3gyYiEeZuCBnhIpOyVHun
+BCkDF0QvdBLAbKKire70CEnGyeAB3/z9yTeyGNWX/OzyImtx2/GCBrD1RNChZCB
taZTxl/pV+52p56nZOWDI2Aiq/aCMIaXXYLsYxIam9JYjuQPIIt7uOKUua30ybZU
aIzl
-----END CERTIFICATE-----
Generated at Mon May 13 18:10:40 2024 by rpki-client on console-ams.rpki-client.org