Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/t7233KXPl37J_na-5rRix0a9Gl8.roa
File: t7233KXPl37J_na-5rRix0a9Gl8.roa (raw, json)
Hash identifier: THKruN4j7eLu18BDAQ/sEjjmYVScxW5Plp/jv7GyeNU=
Subject key identifier: B7:BD:B7:DC:A5:CF:97:7E:C9:FE:76:BE:E6:B4:62:C7:46:BD:1A:5F
Certificate issuer: /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial: 019035223D527B5BA183C4BB93220A0C122D
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/t7233KXPl37J_na-5rRix0a9Gl8.roa
Signing time: Thu 20 Jun 2024 10:12:34 +0000
ROA not before: Thu 20 Jun 2024 10:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41678
IP address blocks: 89.185.128.0/21 maxlen: 21
89.185.129.0/24 maxlen: 24
89.185.136.0/21 maxlen: 21
89.185.143.0/24 maxlen: 24
89.185.144.0/20 maxlen: 20
89.185.154.0/24 maxlen: 24
89.185.157.0/24 maxlen: 24
194.46.0.0/19 maxlen: 19
194.46.132.0/22 maxlen: 22
194.46.152.0/22 maxlen: 22
194.46.160.0/24 maxlen: 24
194.46.161.0/24 maxlen: 24
194.46.164.0/22 maxlen: 22
212.108.64.0/20 maxlen: 20
212.108.77.0/24 maxlen: 24
212.108.92.0/22 maxlen: 22
212.108.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:22:3d:52:7b:5b:a1:83:c4:bb:93:22:0a:0c:12:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Validity
Not Before: Jun 20 10:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7bdb7dca5cf977ec9fe76bee6b462c746bd1a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5c:45:73:db:5a:e0:4b:9e:33:e2:e6:82:74:
88:ae:26:b4:19:72:41:b7:d5:62:9a:cd:a5:58:45:
29:63:89:25:52:cb:59:67:de:76:d3:6c:17:01:dc:
05:d2:0b:05:60:89:8a:9f:72:b0:b3:07:ca:ce:fb:
71:3d:c5:34:8e:f4:0c:50:7a:39:b3:5c:5b:4f:7a:
13:87:76:95:4f:d6:67:6e:ed:8f:fd:a0:37:6c:09:
29:be:c2:a3:68:8c:7b:ff:32:91:42:38:95:89:8f:
63:48:f2:2f:07:24:a1:bb:3f:81:3b:4b:dc:bf:96:
59:da:f4:aa:60:19:32:1d:7f:ec:ff:4d:35:45:77:
36:8c:da:00:ed:c0:b4:29:e9:44:ad:e8:e0:70:91:
98:f4:8b:18:ff:fd:aa:a2:4b:85:a0:81:85:dc:4d:
db:cd:93:3c:cc:0a:a4:e9:6e:c1:13:69:61:45:10:
13:cd:97:56:2a:ef:92:5b:f3:7d:58:d1:6a:65:ba:
63:c1:f9:72:34:cb:d6:d8:9d:93:00:7a:38:63:e9:
20:7d:1b:3f:66:d3:b9:a3:ff:40:45:0b:16:62:1f:
3e:c6:9e:bb:7e:66:42:ca:93:d7:0c:38:ca:04:f1:
1b:a1:59:45:ec:39:68:36:08:dc:e2:16:7b:eb:1e:
8e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BD:B7:DC:A5:CF:97:7E:C9:FE:76:BE:E6:B4:62:C7:46:BD:1A:5F
X509v3 Authority Key Identifier:
keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/t7233KXPl37J_na-5rRix0a9Gl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.128.0/19
194.46.0.0/19
194.46.132.0/22
194.46.152.0/22
194.46.160.0/23
194.46.164.0/22
212.108.64.0/20
212.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
02:64:db:fa:8f:6e:9e:d7:37:9d:1b:d1:4e:dc:a8:c3:a0:3f:
04:28:f7:67:4f:af:eb:27:84:c3:56:fe:52:63:06:dd:62:62:
47:6b:53:b0:8d:e4:ec:d8:c3:e1:a8:37:9a:25:af:aa:50:d9:
2f:c7:06:25:9b:c1:31:62:0f:f3:e9:15:0d:e1:91:40:c9:1a:
4a:50:8e:8b:20:38:fb:5f:51:d8:0a:4e:7d:af:f5:be:09:c2:
fb:d2:46:38:fe:57:21:cd:fd:76:64:81:d2:41:30:91:c0:dc:
09:97:63:3e:f9:c7:b9:58:89:76:02:57:7c:58:43:b0:c0:f8:
fb:8b:d9:3f:19:d9:89:be:c0:88:c4:fe:ba:6c:37:d7:1a:f1:
80:e1:b7:9e:0f:f6:53:f8:08:42:e9:de:d9:70:f1:65:81:24:
56:87:6d:4d:e8:44:a3:c2:af:cd:d9:b5:79:3d:6f:ae:8a:77:
e7:13:78:80:f1:4f:c0:f9:8f:87:94:59:15:0a:95:04:b1:15:
44:12:d3:1a:57:a7:4c:d6:23:c4:28:83:86:cc:c9:8f:cf:92:
38:a7:aa:67:7a:fe:a2:65:11:bf:f8:6a:75:a5:ec:29:73:98:
ac:84:2c:14:ea:89:28:73:d3:4c:0f:36:74:44:c0:26:35:0e:
f1:fe:92:21
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZA1Ij1Se1uhg8S7kyIKDBItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjQwNjIwMTAxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2JkYjdkY2E1Y2Y5NzdlYzlmZTc2YmVlNmI0NjJjNzQ2YmQxYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VxFc9ta4EueM+LmgnSIria0GXJB
t9Vims2lWEUpY4klUstZZ95202wXAdwF0gsFYImKn3KwswfKzvtxPcU0jvQMUHo5
s1xbT3oTh3aVT9Znbu2P/aA3bAkpvsKjaIx7/zKRQjiViY9jSPIvByShuz+BO0vc
v5ZZ2vSqYBkyHX/s/001RXc2jNoA7cC0KelErejgcJGY9IsY//2qokuFoIGF3E3b
zZM8zAqk6W7BE2lhRRATzZdWKu+SW/N9WNFqZbpjwflyNMvW2J2TAHo4Y+kgfRs/
ZtO5o/9ARQsWYh8+xp67fmZCypPXDDjKBPEboVlF7DloNgjc4hZ76x6O9wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLe9t9ylz5d+yf52vua0YsdGvRpfMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvdDcyMzNLWFBsMzdKX25hLTVyUml4MGE5R2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQFWbmAAwQF
wi4AAwQCwi6EAwQCwi6YAwQBwi6gAwQCwi6kAwQE1GxAAwQC1GxcMA0GCSqGSIb3
DQEBCwUAA4IBAQACZNv6j26e1zedG9FO3KjDoD8EKPdnT6/rJ4TDVv5SYwbdYmJH
a1OwjeTs2MPhqDeaJa+qUNkvxwYlm8ExYg/z6RUN4ZFAyRpKUI6LIDj7X1HYCk59
r/W+CcL70kY4/lchzf12ZIHSQTCRwNwJl2M++ce5WIl2Ald8WEOwwPj7i9k/GdmJ
vsCIxP66bDfXGvGA4beeD/ZT+AhC6d7ZcPFlgSRWh21N6ESjwq/N2bV5PW+uinfn
E3iA8U/A+Y+HlFkVCpUEsRVEEtMaV6dM1iPEKIOGzMmPz5I4p6pnev6iZRG/+Gp1
pewpc5ishCwU6okoc9NMDzZ0RMAmNQ7x/pIh
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:58 2024 by rpki-client on console-fra.rpki-client.org