Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/r7_7kTyolk7kGA8EKa6Y8cw-sLY.roa
File: r7_7kTyolk7kGA8EKa6Y8cw-sLY.roa (raw, json)
Hash identifier: NZyKlENyPp3IUmcZUZs8Y3Xxhc4EYSmw4Nzb+ub7PlE=
Subject key identifier: AF:BF:FB:91:3C:A8:96:4E:E4:18:0F:04:29:AE:98:F1:CC:3E:B0:B6
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0193630015328E29B6258FC049A409F8F6AA
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/r7_7kTyolk7kGA8EKa6Y8cw-sLY.roa
Signing time: Mon 25 Nov 2024 11:06:10 +0000
ROA not before: Mon 25 Nov 2024 11:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:00:15:32:8e:29:b6:25:8f:c0:49:a4:09:f8:f6:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Nov 25 11:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afbffb913ca8964ee4180f0429ae98f1cc3eb0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:f9:05:0a:0e:e0:af:be:af:69:79:e5:8b:
47:a8:b1:09:63:7b:16:2c:d4:7f:9a:df:f6:a4:04:
29:9e:49:ca:f8:45:2e:8b:34:a3:2a:e4:f3:2d:4e:
ea:93:68:2a:c9:b1:5a:8b:83:0f:25:30:97:16:48:
eb:d5:7e:15:f0:33:75:28:7b:94:04:73:4b:22:56:
c8:0f:ee:ca:36:36:e5:a6:da:cd:de:be:2d:b8:26:
f6:87:3e:70:56:0e:6d:27:86:a5:02:53:97:30:48:
95:af:75:8a:eb:30:50:56:44:b0:3e:f8:cd:de:76:
91:7e:30:fb:d3:b3:74:4f:fc:96:f9:c8:02:aa:82:
a2:c8:1f:d1:2f:4b:62:59:89:b5:bd:bf:09:ea:31:
39:54:fa:a8:9d:ff:e2:e4:bf:0a:c0:65:b9:11:37:
7c:6b:4e:b6:66:44:7d:d3:4e:2d:9c:0e:82:fe:2e:
67:dd:79:ce:1f:16:3f:72:de:50:a1:f7:fb:65:ef:
d4:a8:34:6c:1f:f9:0f:a5:8f:d3:0a:ac:08:43:11:
a2:f5:37:fb:a9:e2:b2:b4:3a:fb:a5:14:72:48:8d:
9a:f8:0e:f8:a3:62:9b:72:58:40:2f:10:d7:54:e3:
2b:e0:63:94:7f:7e:2f:e8:cc:76:de:5e:5c:e8:d5:
7c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BF:FB:91:3C:A8:96:4E:E4:18:0F:04:29:AE:98:F1:CC:3E:B0:B6
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/r7_7kTyolk7kGA8EKa6Y8cw-sLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.236.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:bd:b2:ab:3c:11:43:48:00:95:39:f0:ba:62:75:d6:f3:4e:
99:05:3b:5a:c1:74:95:6a:19:89:70:60:98:bb:e8:77:ef:e5:
77:fc:63:7c:5d:82:e2:8b:02:9e:4a:70:07:da:ee:d5:55:d1:
36:b9:6a:0b:bb:cf:13:f9:cd:0c:48:26:d6:f7:8c:1a:8e:b4:
e3:6c:b9:25:c9:08:1a:ff:da:f5:96:81:9f:5c:1c:ab:05:89:
06:9b:45:2c:4f:b5:cd:51:e0:a9:ce:10:c0:95:5b:6d:b3:6e:
6e:cc:09:e4:c4:d8:fa:04:43:be:0c:37:e0:86:22:87:de:e5:
c6:1f:3f:fd:d9:75:0c:08:f9:85:f7:b2:af:f9:fb:3e:9d:b6:
01:60:fa:86:c4:93:cf:92:06:58:09:44:8a:b5:17:29:03:0f:
76:d7:17:23:96:dc:88:96:3e:aa:5b:8d:6f:3c:2d:d8:c8:fd:
9f:70:f3:8c:7a:d7:4f:18:67:20:a6:1e:65:b8:86:3f:bf:c7:
ad:65:e0:7d:98:52:08:a1:4e:3e:37:b7:ff:f0:33:f9:e4:95:
75:1c:f1:39:9d:32:e3:7f:3f:d8:be:fc:ff:15:2a:1d:bc:b0:
7d:05:49:70:46:cd:b5:97:a9:84:9d:74:01:18:75:10:59:e8:
1c:85:7e:92
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNjABUyjim2JY/ASaQJ+PaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjQxMTI1MTEwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJmZmI5MTNjYTg5NjRlZTQxODBmMDQyOWFlOThmMWNjM2ViMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraH5BQoO4K++r2l55YtHqLEJY3sW
LNR/mt/2pAQpnknK+EUuizSjKuTzLU7qk2gqybFai4MPJTCXFkjr1X4V8DN1KHuU
BHNLIlbID+7KNjblptrN3r4tuCb2hz5wVg5tJ4alAlOXMEiVr3WK6zBQVkSwPvjN
3naRfjD707N0T/yW+cgCqoKiyB/RL0tiWYm1vb8J6jE5VPqonf/i5L8KwGW5ETd8
a062ZkR9004tnA6C/i5n3XnOHxY/ct5Qoff7Ze/UqDRsH/kPpY/TCqwIQxGi9Tf7
qeKytDr7pRRySI2a+A74o2KbclhALxDXVOMr4GOUf34v6Mx23l5c6NV89wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK+/+5E8qJZO5BgPBCmumPHMPrC2MB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvcjdfN2tUeW9sazdrR0E4RUthNlk4Y3ctc0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgMAwD
BADRI+kDBADRI+wDBAPUO0AwDQYJKoZIhvcNAQELBQADggEBAD69sqs8EUNIAJU5
8LpiddbzTpkFO1rBdJVqGYlwYJi76Hfv5Xf8Y3xdguKLAp5KcAfa7tVV0Ta5agu7
zxP5zQxIJtb3jBqOtONsuSXJCBr/2vWWgZ9cHKsFiQabRSxPtc1R4KnOEMCVW22z
bm7MCeTE2PoEQ74MN+CGIofe5cYfP/3ZdQwI+YX3sq/5+z6dtgFg+obEk8+SBlgJ
RIq1FykDD3bXFyOW3IiWPqpbjW88LdjI/Z9w84x6108YZyCmHmW4hj+/x61l4H2Y
UgihTj43t//wM/nklXUc8TmdMuN/P9i+/P8VKh28sH0FSXBGzbWXqYSddAEYdRBZ
6ByFfpI=
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:35 2024 by rpki-client on console-fra.rpki-client.org