Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/7QEIkKYGfJitxSBQAg-_PjzPkEk.roa
File: 7QEIkKYGfJitxSBQAg-_PjzPkEk.roa (raw, json)
Hash identifier: WJ5EORTmyA5T8aH/bHhYJ6lhi6/PHo3ZHgTuPCovagc=
Subject key identifier: ED:01:08:90:A6:06:7C:98:AD:C5:20:50:02:0F:BF:3E:3C:CF:90:49
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 018D81B8CD7F95C1CA15D42D12984D16DD6D
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/7QEIkKYGfJitxSBQAg-_PjzPkEk.roa
Signing time: Wed 07 Feb 2024 03:59:48 +0000
ROA not before: Wed 07 Feb 2024 03:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 62.238.0.0/16 maxlen: 24
81.172.128.0/17 maxlen: 24
82.176.0.0/16 maxlen: 24
87.99.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
149.143.64.0/18 maxlen: 24
185.200.96.0/22 maxlen: 24
204.168.128.0/17 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
2a07:31c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:b8:cd:7f:95:c1:ca:15:d4:2d:12:98:4d:16:dd:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Feb 7 03:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed010890a6067c98adc52050020fbf3e3ccf9049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ee:d1:cb:2c:72:55:75:c8:70:4e:22:63:db:
17:c3:4a:c1:00:30:02:e2:7f:3a:74:fa:94:c9:4d:
a8:f5:6b:78:25:e4:94:a3:03:1d:38:db:89:4e:c6:
45:ad:88:87:36:c3:07:d2:71:65:2d:30:97:b9:f8:
c7:cd:81:26:29:2a:1b:63:19:20:3d:26:9e:be:d3:
16:58:d6:07:f2:62:ab:c7:32:d0:f0:02:b3:5f:e9:
c4:ee:fe:41:73:30:2c:49:85:e3:9d:e7:b0:ab:a5:
0a:57:f5:78:85:06:0e:61:fe:d8:a7:d6:2f:59:4a:
8b:fa:07:4d:c7:56:fb:4c:4b:8e:46:70:d5:18:31:
55:87:d5:0e:4e:08:7e:c0:69:67:5a:11:09:5d:65:
6c:9a:0c:23:6a:cf:69:52:29:fc:dd:4f:6d:61:7b:
11:d8:6f:f1:c3:98:43:96:d7:ee:ac:9c:c0:be:cf:
66:54:40:d0:6c:5c:d5:f4:59:6d:41:18:dd:00:ab:
c7:ab:c8:ac:89:ff:48:1e:18:cb:ab:12:65:28:9f:
e7:00:61:6e:99:fa:f5:36:67:da:7b:a3:c5:6e:68:
8c:1b:f0:51:a4:7a:ab:f8:60:ce:e4:d6:e1:c7:e2:
0d:f7:8d:ea:9a:05:bf:73:f0:f4:c2:f2:e7:69:66:
44:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:01:08:90:A6:06:7C:98:AD:C5:20:50:02:0F:BF:3E:3C:CF:90:49
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/7QEIkKYGfJitxSBQAg-_PjzPkEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.0.0/16
81.172.128.0/17
82.176.0.0/16
87.99.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
185.200.96.0/22
204.168.128.0/17
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:28:66:5e:d1:61:cd:26:68:4d:2f:99:8d:45:2a:26:56:32:
d7:84:27:5b:df:ec:cb:43:16:40:6f:9e:82:ca:70:49:69:3b:
f3:70:e3:62:f9:63:d3:84:ef:22:31:b1:7c:6a:d6:9f:96:d7:
db:81:e4:84:a9:a1:2d:54:2d:53:36:19:9b:af:13:f8:82:a9:
f9:4d:f6:47:b1:c8:60:17:43:64:3f:0d:2f:e6:46:5f:01:55:
ee:26:0d:2a:bb:7b:3e:5a:95:15:aa:5e:52:c3:78:1a:91:eb:
6b:92:f5:9a:eb:ac:44:d3:dd:fc:a9:d2:0a:f3:27:ea:79:4c:
0c:08:79:ac:18:98:35:4f:86:e8:93:10:e8:6e:a6:d8:b2:c0:
fb:a5:1d:57:c2:a5:6a:08:0d:8c:0c:fd:15:1d:6b:d0:78:c1:
96:78:23:c0:62:6f:61:98:16:0a:44:8c:7b:f3:e1:52:6f:06:
35:08:9a:c3:de:9e:e9:50:34:a2:a5:6a:bd:bf:9e:1a:38:3b:
ab:a1:27:0b:23:55:f2:9d:90:22:f2:ea:0e:88:bf:6b:84:c3:
05:24:d4:2c:7b:d5:38:8b:12:79:b9:18:59:3d:f9:b0:4c:59:
62:04:cb:ff:b4:8c:b2:a6:c1:e2:77:87:af:d4:a2:a1:f4:b4:
f8:62:25:36
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY2BuM1/lcHKFdQtEphNFt1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQwMjA3MDM1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDAxMDg5MGE2MDY3Yzk4YWRjNTIwNTAwMjBmYmYzZTNjY2Y5MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO7RyyxyVXXIcE4iY9sXw0rBADAC
4n86dPqUyU2o9Wt4JeSUowMdONuJTsZFrYiHNsMH0nFlLTCXufjHzYEmKSobYxkg
PSaevtMWWNYH8mKrxzLQ8AKzX+nE7v5BczAsSYXjneewq6UKV/V4hQYOYf7Yp9Yv
WUqL+gdNx1b7TEuORnDVGDFVh9UOTgh+wGlnWhEJXWVsmgwjas9pUin83U9tYXsR
2G/xw5hDltfurJzAvs9mVEDQbFzV9FltQRjdAKvHq8isif9IHhjLqxJlKJ/nAGFu
mfr1Nmfae6PFbmiMG/BRpHqr+GDO5Nbhx+IN943qmgW/c/D0wvLnaWZE1wIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFO0BCJCmBnyYrcUgUAIPvz48z5BJMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvN1FFSWtLWUdmSml0eFNCUUFnLV9QanpQa0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMDAD7uAwQH
UayAAwMAUrADBAdXY4ADBAaN4MAwDAMEBZWPIAMEB5WPAAMEArnIYAMEB8yogAME
BdRcQAMEBdRzwAMEBdUi4AMEBdk/QAMEBNlm8DAUBAIAAjAOAwUDKgIPaAMFAyoH
McAwDQYJKoZIhvcNAQELBQADggEBAGsoZl7RYc0maE0vmY1FKiZWMteEJ1vf7MtD
FkBvnoLKcElpO/Nw42L5Y9OE7yIxsXxq1p+W19uB5ISpoS1ULVM2GZuvE/iCqflN
9kexyGAXQ2Q/DS/mRl8BVe4mDSq7ez5alRWqXlLDeBqR62uS9ZrrrETT3fyp0grz
J+p5TAwIeawYmDVPhuiTEOhuptiywPulHVfCpWoIDYwM/RUda9B4wZZ4I8Bib2GY
FgpEjHvz4VJvBjUImsPenulQNKKlar2/nho4O6uhJwsjVfKdkCLy6g6Iv2uEwwUk
1Cx71TiLEnm5GFk9+bBMWWIEy/+0jLKmweJ3h6/UoqH0tPhiJTY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:20:06 2024 by rpki-client on console-fra.rpki-client.org