Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/f7BZ5lyATdJEIT8QQujdsNaaU-w.roa
File: f7BZ5lyATdJEIT8QQujdsNaaU-w.roa (raw, json)
Hash identifier: y0NjCds7ODXV5R1UiqKeym3cZYHBEMlt70W7/rxDOB4=
Subject key identifier: 7F:B0:59:E6:5C:80:4D:D2:44:21:3F:10:42:E8:DD:B0:D6:9A:53:EC
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018D209C0255CC7D621E374D69476D99320B
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/f7BZ5lyATdJEIT8QQujdsNaaU-w.roa
Signing time: Fri 19 Jan 2024 07:25:11 +0000
ROA not before: Fri 19 Jan 2024 07:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197695
IP address blocks: 79.174.80.0/21 maxlen: 24
79.174.88.0/21 maxlen: 24
89.104.64.0/21 maxlen: 24
89.111.152.0/22 maxlen: 24
89.111.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:9c:02:55:cc:7d:62:1e:37:4d:69:47:6d:99:32:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 19 07:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fb059e65c804dd244213f1042e8ddb0d69a53ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4e:b9:00:40:e8:1f:d0:e4:0e:cf:76:ac:0c:
33:9f:ff:0d:49:db:08:93:21:e4:33:ef:3b:23:bd:
aa:9e:3b:b2:62:15:f5:dc:f5:11:77:07:e8:15:58:
ab:6c:ce:57:43:bc:e8:8c:23:8a:e3:3c:0b:f3:0d:
ac:d0:cf:dc:2c:ca:a2:d8:43:4f:83:7b:06:e4:45:
40:2c:f6:05:54:a6:df:af:c8:bb:d6:52:59:48:0c:
38:46:49:f5:34:77:3a:58:54:0d:86:de:7b:fa:11:
65:f7:82:eb:3d:ed:69:0a:ff:63:06:a3:5e:37:a7:
b0:3b:ce:d5:7e:e1:18:46:79:e7:7c:e3:4e:a1:25:
96:91:47:ef:51:b3:c2:6f:e7:6f:df:bf:19:f0:40:
db:40:9b:86:5e:e2:91:d9:91:58:1e:7b:55:a0:5f:
f3:12:b8:ec:f2:73:38:52:95:ef:ff:d9:17:75:9e:
1f:6b:84:e1:b2:2d:93:63:48:79:8f:7b:04:5d:ea:
ca:17:9a:55:4a:af:c2:2b:48:2b:a0:3a:a0:58:0d:
bc:e5:1a:23:98:75:af:b8:64:bd:22:9a:6e:86:2d:
1f:c5:8b:62:f4:bf:7f:6c:bd:ac:af:d7:b9:ed:81:
60:39:62:96:76:ee:6d:35:89:c1:4e:ae:5b:fe:f5:
be:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B0:59:E6:5C:80:4D:D2:44:21:3F:10:42:E8:DD:B0:D6:9A:53:EC
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/f7BZ5lyATdJEIT8QQujdsNaaU-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.80.0/20
89.104.64.0/21
89.111.152.0/22
89.111.168.0/21
Signature Algorithm: sha256WithRSAEncryption
28:75:8b:c0:63:8c:26:00:1e:06:f9:99:24:14:8f:f2:31:4f:
39:22:dd:fc:58:24:bc:ac:b7:b9:8a:cd:08:2f:45:60:88:93:
39:9c:f3:85:6a:aa:c8:69:26:b8:6a:ce:c4:79:00:1c:35:ff:
fd:25:6d:d2:64:16:c8:cb:b0:e2:37:8b:45:51:87:ef:27:78:
c6:3a:e7:d2:da:fc:03:2f:80:28:b7:1d:90:a1:56:ff:9a:ed:
9c:2f:f9:13:70:a2:db:26:c4:15:30:2d:43:70:89:01:cb:a9:
cb:7a:23:3e:c7:70:14:b8:5a:bb:82:bc:7f:9d:b1:87:3a:78:
53:e8:db:78:15:16:87:7a:bd:e9:0e:87:bf:ca:ef:f4:91:91:
f6:69:c9:c5:01:73:5f:2c:a6:31:d3:66:5b:bd:88:48:2b:01:
aa:38:cc:a7:8f:a3:56:81:d1:1b:18:bd:d1:a6:4f:01:40:ac:
ce:e6:78:3f:97:e2:9a:62:33:6c:78:01:5d:e8:26:2c:bf:e1:
68:62:94:e1:56:8b:39:f6:11:0e:05:2f:c9:11:4d:83:d5:e3:
da:7f:a4:ff:f6:41:67:6c:94:4b:6f:5f:4a:65:77:61:2c:1b:
32:d0:6a:15:e9:32:65:f1:22:a8:aa:84:df:61:16:67:0a:a2:
1b:3f:14:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0gnAJVzH1iHjdNaUdtmTILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjQwMTE5MDcyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmIwNTllNjVjODA0ZGQyNDQyMTNmMTA0MmU4ZGRiMGQ2OWE1M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE65AEDoH9DkDs92rAwzn/8NSdsI
kyHkM+87I72qnjuyYhX13PURdwfoFVirbM5XQ7zojCOK4zwL8w2s0M/cLMqi2ENP
g3sG5EVALPYFVKbfr8i71lJZSAw4Rkn1NHc6WFQNht57+hFl94LrPe1pCv9jBqNe
N6ewO87VfuEYRnnnfONOoSWWkUfvUbPCb+dv378Z8EDbQJuGXuKR2ZFYHntVoF/z
Erjs8nM4UpXv/9kXdZ4fa4Thsi2TY0h5j3sEXerKF5pVSq/CK0groDqgWA285Roj
mHWvuGS9Ippuhi0fxYti9L9/bL2sr9e57YFgOWKWdu5tNYnBTq5b/vW+RQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH+wWeZcgE3SRCE/EELo3bDWmlPsMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvZjdCWjVseUFUZEpFSVQ4UVF1amRzTmFhVS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQET65QAwQD
WWhAAwQCWW+YAwQDWW+oMA0GCSqGSIb3DQEBCwUAA4IBAQAodYvAY4wmAB4G+Zkk
FI/yMU85It38WCS8rLe5is0IL0VgiJM5nPOFaqrIaSa4as7EeQAcNf/9JW3SZBbI
y7DiN4tFUYfvJ3jGOufS2vwDL4Aotx2QoVb/mu2cL/kTcKLbJsQVMC1DcIkBy6nL
eiM+x3AUuFq7grx/nbGHOnhT6Nt4FRaHer3pDoe/yu/0kZH2acnFAXNfLKYx02Zb
vYhIKwGqOMynj6NWgdEbGL3Rpk8BQKzO5ng/l+KaYjNseAFd6CYsv+FoYpThVos5
9hEOBS/JEU2D1ePaf6T/9kFnbJRLb19KZXdhLBsy0GoV6TJl8SKoqoTfYRZnCqIb
PxT7
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:47:51 2024 by rpki-client on console-fra.rpki-client.org