Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/7InhY5Wa7eDUA5x8oO12JLgqwLw.roa
File: 7InhY5Wa7eDUA5x8oO12JLgqwLw.roa (raw, json)
Hash identifier: sHzxzZTgOEtffcc0QXzPFm078X5dMCT3ne5i11sQGU8=
Subject key identifier: EC:89:E1:63:95:9A:ED:E0:D4:03:9C:7C:A0:ED:76:24:B8:2A:C0:BC
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018E757B188389F89DDD7374C573253FC4AC
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/7InhY5Wa7eDUA5x8oO12JLgqwLw.roa
Signing time: Mon 25 Mar 2024 11:59:45 +0000
ROA not before: Mon 25 Mar 2024 11:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 91.108.226.0/24 maxlen: 24
91.108.227.0/24 maxlen: 24
91.108.244.0/24 maxlen: 24
91.108.245.0/24 maxlen: 24
91.108.246.0/24 maxlen: 24
91.108.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:7b:18:83:89:f8:9d:dd:73:74:c5:73:25:3f:c4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Mar 25 11:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec89e163959aede0d4039c7ca0ed7624b82ac0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:38:b7:13:4c:67:c7:49:cf:36:ed:bb:28:
70:49:9f:66:05:4d:0d:0e:11:1f:06:3d:53:a9:5c:
ff:a9:09:80:b5:5f:25:ba:92:3d:c8:10:84:77:b8:
0c:36:5a:8b:58:fb:27:de:c5:0c:ee:6d:83:c4:dd:
91:f6:d4:9b:e5:11:d7:cb:6a:16:99:5a:a0:7a:95:
e3:0a:d2:d7:b0:a4:32:c5:1f:02:52:68:81:af:42:
e6:92:d7:22:43:01:ea:b6:dd:c4:10:66:8e:61:08:
f8:20:c9:99:3b:b5:e5:9d:95:1c:9c:4f:a8:71:29:
8c:58:8f:9a:15:d2:fc:db:d9:8c:71:59:8d:9f:d7:
35:78:0f:cf:2d:ff:56:4d:8f:41:a0:c2:e4:a0:fd:
ce:87:de:04:77:35:91:ea:50:1e:2d:47:39:a4:ce:
ba:44:f1:bf:16:4d:d3:68:c8:68:79:40:c3:66:4f:
9b:83:25:53:12:87:57:4f:c2:ff:41:41:8c:bf:a5:
10:cb:f4:75:f1:f8:24:00:4e:e4:8b:de:48:c9:0c:
54:ff:0d:b1:7e:cc:97:1e:89:2f:47:54:ca:b4:7d:
35:88:12:e0:f3:e5:1e:80:af:0a:6a:55:31:38:8c:
bf:90:35:99:06:46:8c:f3:c1:ef:56:c5:d3:b9:b9:
84:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:89:E1:63:95:9A:ED:E0:D4:03:9C:7C:A0:ED:76:24:B8:2A:C0:BC
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/7InhY5Wa7eDUA5x8oO12JLgqwLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.226.0/23
91.108.244.0/22
Signature Algorithm: sha256WithRSAEncryption
58:b7:5c:d5:35:f5:84:05:14:51:6e:4b:cb:59:c4:d5:bd:2c:
3b:e5:25:c4:4b:87:bc:3d:a1:9e:23:58:46:7a:7e:14:1f:bd:
e7:67:a4:09:aa:74:bb:42:72:ab:10:72:b3:1b:0f:bb:6f:e7:
a3:2f:04:a7:19:40:1f:b2:c4:02:30:62:15:9e:f0:31:6d:d7:
4c:c0:9a:7f:de:bc:50:3f:3a:2a:bf:23:75:60:18:84:c7:1a:
ec:03:b6:9e:61:38:a6:11:3e:40:dc:26:c3:80:6e:90:dc:5d:
66:3e:4b:6c:fc:57:2d:8f:dc:74:ee:1d:c6:f0:62:34:28:3b:
c4:f1:e3:cb:6d:8c:a3:cb:15:d1:b7:76:c3:16:0f:12:4f:55:
da:d4:a7:16:b7:8b:b6:23:ea:f8:f7:9f:c5:b0:0b:da:eb:a0:
9a:55:98:54:71:a9:65:52:cc:48:c8:a5:27:40:01:f0:93:9e:
45:06:b3:ab:c4:6a:89:a3:d1:63:94:5c:0f:5b:17:2c:5c:5a:
d7:d4:15:04:19:e2:2a:6b:0c:42:3d:52:25:3a:14:97:26:ae:
d6:0e:12:5d:fd:d7:bc:a3:51:54:fd:fe:6a:18:5a:a7:c3:41:
c9:4a:e7:ea:b7:44:a5:33:f8:e0:21:db:d7:28:64:bc:7d:cb:
dc:36:ae:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY51exiDifid3XN0xXMlP8SsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQwMzI1MTE1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg5ZTE2Mzk1OWFlZGUwZDQwMzljN2NhMGVkNzYyNGI4MmFjMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR84txNMZ8dJzzbtuyhwSZ9mBU0N
DhEfBj1TqVz/qQmAtV8lupI9yBCEd7gMNlqLWPsn3sUM7m2DxN2R9tSb5RHXy2oW
mVqgepXjCtLXsKQyxR8CUmiBr0LmktciQwHqtt3EEGaOYQj4IMmZO7XlnZUcnE+o
cSmMWI+aFdL829mMcVmNn9c1eA/PLf9WTY9BoMLkoP3Oh94EdzWR6lAeLUc5pM66
RPG/Fk3TaMhoeUDDZk+bgyVTEodXT8L/QUGMv6UQy/R18fgkAE7ki95IyQxU/w2x
fsyXHokvR1TKtH01iBLg8+UegK8KalUxOIy/kDWZBkaM88HvVsXTubmEuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOyJ4WOVmu3g1AOcfKDtdiS4KsC8MB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvN0luaFk1V2E3ZURVQTV4OG9PMTJKTGdxd0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW2ziAwQC
W2z0MA0GCSqGSIb3DQEBCwUAA4IBAQBYt1zVNfWEBRRRbkvLWcTVvSw75SXES4e8
PaGeI1hGen4UH73nZ6QJqnS7QnKrEHKzGw+7b+ejLwSnGUAfssQCMGIVnvAxbddM
wJp/3rxQPzoqvyN1YBiExxrsA7aeYTimET5A3CbDgG6Q3F1mPkts/Fctj9x07h3G
8GI0KDvE8ePLbYyjyxXRt3bDFg8ST1Xa1KcWt4u2I+r495/FsAva66CaVZhUcall
UsxIyKUnQAHwk55FBrOrxGqJo9FjlFwPWxcsXFrX1BUEGeIqawxCPVIlOhSXJq7W
DhJd/de8o1FU/f5qGFqnw0HJSufqt0SlM/jgIdvXKGS8fcvcNq6v
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:17 2024 by rpki-client on console-fra.rpki-client.org