Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/fHeYJ2Smg9vEbBojb_F6yV56OkA.roa
File: fHeYJ2Smg9vEbBojb_F6yV56OkA.roa (raw, json)
Hash identifier: supk2X9b5yd+D1QtCPTWu/ccFxgWeb/2UO5SKLZwNRc=
Subject key identifier: 7C:77:98:27:64:A6:83:DB:C4:6C:1A:23:6F:F1:7A:C9:5E:7A:3A:40
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 018CC94D824299246200353AEC939CB04B89
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/fHeYJ2Smg9vEbBojb_F6yV56OkA.roa
Signing time: Tue 02 Jan 2024 08:32:29 +0000
ROA not before: Tue 02 Jan 2024 08:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43775
IP address blocks: 91.147.184.0/24 maxlen: 24
91.147.186.0/24 maxlen: 24
91.147.180.0/24 maxlen: 24
91.147.185.0/24 maxlen: 24
91.147.183.0/24 maxlen: 24
91.147.181.0/24 maxlen: 24
91.147.188.0/24 maxlen: 24
91.147.190.0/24 maxlen: 24
91.147.187.0/24 maxlen: 24
91.147.191.0/24 maxlen: 24
91.147.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:82:42:99:24:62:00:35:3a:ec:93:9c:b0:4b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: Jan 2 08:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c77982764a683dbc46c1a236ff17ac95e7a3a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:93:03:98:ad:6b:1e:e2:b2:61:6c:6a:bf:75:
9d:56:13:58:2f:1f:3b:36:89:0d:54:de:10:44:6c:
77:d9:27:79:1c:04:35:1e:ed:39:89:5a:d0:bc:fd:
bf:2a:d4:fd:0a:5d:2b:7b:78:6b:1b:33:91:eb:79:
3d:0f:c4:cb:d2:e6:47:11:d7:cd:dd:8b:2c:0f:fb:
89:0e:dc:2d:7f:db:12:74:a8:1c:c6:58:ba:b5:a1:
16:25:2b:d4:4d:0d:72:f0:0d:e5:24:77:a1:8a:68:
ed:5f:5e:3a:3e:84:48:2d:4b:57:ba:a2:0f:b4:84:
2e:f4:93:c3:22:33:c9:25:51:49:89:b7:d9:ba:94:
f9:9b:ea:d0:38:22:aa:44:17:85:2e:5d:d5:5d:4b:
67:bd:1e:4c:64:64:7d:ea:e2:08:d2:ad:3d:ce:47:
43:93:bb:55:c1:5a:36:51:cf:02:44:ad:67:2d:d8:
e3:a4:e2:f7:e8:c4:5c:b9:6d:f6:aa:26:7a:29:83:
50:19:e6:fe:28:25:7e:0b:fc:41:b7:38:e4:48:16:
86:d1:ad:0b:98:12:00:13:ec:ad:a3:ec:94:d0:65:
21:18:91:56:73:80:d3:ac:45:ba:95:67:fc:f0:a4:
f5:99:c2:54:b9:3f:ec:15:9a:29:32:a7:15:bb:7d:
36:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:77:98:27:64:A6:83:DB:C4:6C:1A:23:6F:F1:7A:C9:5E:7A:3A:40
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/fHeYJ2Smg9vEbBojb_F6yV56OkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.180.0/23
91.147.183.0-91.147.191.255
Signature Algorithm: sha256WithRSAEncryption
ae:b9:3d:b4:c0:11:aa:91:0f:81:c1:80:80:b6:6f:aa:b6:dd:
3f:9e:07:8a:79:8b:92:08:0c:16:27:7e:74:34:a8:48:21:ea:
0a:e7:c8:db:db:94:1f:ce:e8:cf:8c:11:4b:cf:0d:b5:fc:4d:
4d:07:18:85:31:f0:1f:fa:93:07:dc:82:44:2a:8b:71:ed:b7:
e2:1b:55:eb:19:fa:66:b3:bd:f1:fa:37:05:c2:c0:f3:c2:91:
73:a1:02:e7:01:7c:59:41:2a:b1:2e:23:71:b3:14:b2:c4:52:
37:6d:7d:ec:dc:c5:fd:08:88:82:98:c9:e5:6b:88:94:5a:96:
6a:3b:71:7c:51:74:26:45:93:39:fb:a7:9a:bc:ec:08:6c:18:
0c:4e:07:1f:54:e5:69:72:aa:3d:16:e5:f2:25:09:c7:54:9e:
28:40:97:bf:ec:62:64:d3:a8:7a:5e:fb:be:68:8e:b6:44:f2:
70:a0:05:a2:b0:2d:81:8f:52:c2:5c:0f:46:4c:db:bc:75:75:
32:84:c4:73:67:ff:02:9b:bb:ca:be:74:31:43:7b:ba:af:20:
4d:2e:fd:1b:f8:f8:90:4f:b5:30:91:df:64:a5:db:1f:b0:8f:
95:38:1f:02:29:53:63:af:04:02:07:13:e3:ba:ba:74:31:9f:
6a:46:ce:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJTYJCmSRiADU67JOcsEuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjQwMTAyMDgzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc3OTgyNzY0YTY4M2RiYzQ2YzFhMjM2ZmYxN2FjOTVlN2EzYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupMDmK1rHuKyYWxqv3WdVhNYLx87
NokNVN4QRGx32Sd5HAQ1Hu05iVrQvP2/KtT9Cl0re3hrGzOR63k9D8TL0uZHEdfN
3YssD/uJDtwtf9sSdKgcxli6taEWJSvUTQ1y8A3lJHehimjtX146PoRILUtXuqIP
tIQu9JPDIjPJJVFJibfZupT5m+rQOCKqRBeFLl3VXUtnvR5MZGR96uII0q09zkdD
k7tVwVo2Uc8CRK1nLdjjpOL36MRcuW32qiZ6KYNQGeb+KCV+C/xBtzjkSBaG0a0L
mBIAE+yto+yU0GUhGJFWc4DTrEW6lWf88KT1mcJUuT/sFZopMqcVu302RwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHx3mCdkpoPbxGwaI2/xesleejpAMB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvZkhlWUoyU21nOXZFYkJvamJfRjZ5VjU2T2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW5O0MAwD
BABbk7cDBAZbk4AwDQYJKoZIhvcNAQELBQADggEBAK65PbTAEaqRD4HBgIC2b6q2
3T+eB4p5i5IIDBYnfnQ0qEgh6grnyNvblB/O6M+MEUvPDbX8TU0HGIUx8B/6kwfc
gkQqi3Htt+IbVesZ+mazvfH6NwXCwPPCkXOhAucBfFlBKrEuI3GzFLLEUjdtfezc
xf0IiIKYyeVriJRalmo7cXxRdCZFkzn7p5q87AhsGAxOBx9U5Wlyqj0W5fIlCcdU
nihAl7/sYmTTqHpe+75ojrZE8nCgBaKwLYGPUsJcD0ZM27x1dTKExHNn/wKbu8q+
dDFDe7qvIE0u/Rv4+JBPtTCR32Sl2x+wj5U4HwIpU2OvBAIHE+O6unQxn2pGzpQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:44:50 2024 by rpki-client on console-fra.rpki-client.org