Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/7g_OxODexRJyVpuR3jV4We86DM0.roa
File: 7g_OxODexRJyVpuR3jV4We86DM0.roa (raw, json)
Hash identifier: Y3ZOCO2ZFGT7Kh2dLOgv73kzDS6NP/Sld5JYuvknJbQ=
Subject key identifier: EE:0F:CE:C4:E0:DE:C5:12:72:56:9B:91:DE:35:78:59:EF:3A:0C:CD
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 018D078E4490AA8BE6CFCD833F290B94AB05
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/7g_OxODexRJyVpuR3jV4We86DM0.roa
Signing time: Sun 14 Jan 2024 10:39:40 +0000
ROA not before: Sun 14 Jan 2024 10:39:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/22 maxlen: 24
192.161.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:8e:44:90:aa:8b:e6:cf:cd:83:3f:29:0b:94:ab:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Jan 14 10:39:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee0fcec4e0dec51272569b91de357859ef3a0ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:96:94:25:ce:82:29:88:0f:38:ac:d7:5b:4d:
ba:8b:cb:5a:79:4e:91:90:b7:f1:6a:ea:03:22:41:
49:91:e6:32:ab:12:f6:0e:b0:a8:97:1f:98:75:1f:
12:6e:5a:dc:78:04:57:f2:08:be:34:c9:6d:f1:12:
7c:a1:da:93:6f:d2:7f:eb:a2:d2:5a:db:a0:91:b6:
fe:e9:af:4e:df:ff:d5:18:df:9e:60:c9:c2:6f:68:
71:aa:a1:71:14:55:15:3c:fe:1c:10:69:64:e7:72:
66:be:f8:f4:7e:6d:4b:6d:7a:42:97:f2:fb:ad:55:
8c:df:f5:4e:da:8b:40:5a:cd:f3:fb:29:96:86:ac:
b4:14:05:63:97:ce:37:45:9a:57:fe:97:b3:e3:23:
7b:f6:87:6e:2b:37:41:b0:ab:72:8e:fe:c5:ff:a5:
4a:c4:a1:fb:99:b6:02:a3:1b:8c:c8:7b:d4:56:8e:
8b:fa:3c:82:e5:ae:2a:0c:11:8e:66:c9:00:78:9c:
ed:27:24:91:5a:a6:c6:e7:2b:66:2e:17:09:e6:0c:
e7:65:71:fa:92:1a:dd:38:a0:c1:46:91:63:0a:d8:
7b:f8:ce:26:27:cf:ef:69:39:4d:c5:cb:d7:79:11:
da:49:bb:3e:9a:de:4f:f6:2d:b6:85:43:1a:3b:90:
da:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:0F:CE:C4:E0:DE:C5:12:72:56:9B:91:DE:35:78:59:EF:3A:0C:CD
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/7g_OxODexRJyVpuR3jV4We86DM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
03:9b:dc:93:a4:b2:d6:f4:eb:e1:5c:0a:6c:62:6e:5d:2a:96:
d7:b6:b7:9e:6b:c0:68:2b:77:d3:ce:5d:f3:75:2b:0d:ba:dd:
6a:5c:09:be:0c:27:eb:4d:b9:4f:b3:de:dd:49:43:9e:55:e8:
78:1c:8c:eb:08:df:a4:08:4c:8b:a1:09:74:91:c3:0e:c6:52:
f5:0b:99:ca:53:bf:bd:d3:0e:68:df:cc:92:46:fc:90:af:4d:
7d:99:55:81:76:fa:07:ec:cb:d1:2d:17:5c:17:8c:3b:07:ae:
13:af:f3:b2:0c:54:20:ba:e5:1a:ee:b1:19:15:41:e5:0f:5a:
86:f1:98:55:dc:6e:0b:d6:28:57:0e:eb:94:a5:48:02:9f:4b:
5a:e4:5e:87:5b:5b:3b:3e:cd:87:26:a4:23:b1:14:3b:b3:24:
11:36:9b:6b:78:66:d4:3a:a5:dd:20:f3:6d:86:7a:85:72:d4:
48:3d:cf:bd:b1:66:d4:04:df:20:60:a6:c1:2e:51:1e:ec:61:
60:96:13:96:8b:26:f2:06:79:a0:5a:c4:9f:51:88:68:5c:65:
6b:81:04:8f:ea:85:5b:8e:ee:e3:23:55:6e:80:6a:10:41:bc:
99:ee:8e:91:a7:c2:9c:a6:de:ca:cf:da:c8:ba:69:0a:9a:bb:
28:ee:28:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0HjkSQqovmz82DPykLlKsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjQwMTE0MTAzOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTBmY2VjNGUwZGVjNTEyNzI1NjliOTFkZTM1Nzg1OWVmM2EwY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZaUJc6CKYgPOKzXW026i8taeU6R
kLfxauoDIkFJkeYyqxL2DrColx+YdR8SblrceARX8gi+NMlt8RJ8odqTb9J/66LS
Wtugkbb+6a9O3//VGN+eYMnCb2hxqqFxFFUVPP4cEGlk53Jmvvj0fm1LbXpCl/L7
rVWM3/VO2otAWs3z+ymWhqy0FAVjl843RZpX/pez4yN79oduKzdBsKtyjv7F/6VK
xKH7mbYCoxuMyHvUVo6L+jyC5a4qDBGOZskAeJztJySRWqbG5ytmLhcJ5gznZXH6
khrdOKDBRpFjCth7+M4mJ8/vaTlNxcvXeRHaSbs+mt5P9i22hUMaO5DaEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO4PzsTg3sUSclabkd41eFnvOgzNMB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvN2dfT3hPRGV4Ukp5VnB1UjNqVjRXZTg2RE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQADm9yTpLLW9OvhXAps
Ym5dKpbXtreea8BoK3fTzl3zdSsNut1qXAm+DCfrTblPs97dSUOeVeh4HIzrCN+k
CEyLoQl0kcMOxlL1C5nKU7+90w5o38ySRvyQr019mVWBdvoH7MvRLRdcF4w7B64T
r/OyDFQguuUa7rEZFUHlD1qG8ZhV3G4L1ihXDuuUpUgCn0ta5F6HW1s7Ps2HJqQj
sRQ7syQRNptreGbUOqXdIPNthnqFctRIPc+9sWbUBN8gYKbBLlEe7GFglhOWiyby
BnmgWsSfUYhoXGVrgQSP6oVbju7jI1VugGoQQbyZ7o6Rp8Kcpt7Kz9rIumkKmrso
7ijW
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:42:23 2024 by rpki-client on console-fra.rpki-client.org