Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/7Zj3QBXGOPDx8uqtNwCTFw0o75g.roa
File: 7Zj3QBXGOPDx8uqtNwCTFw0o75g.roa (raw, json)
Hash identifier: HebdIG8fHflbhMrlKxKUT9Nihylji9ZVC2jTBguijmA=
Subject key identifier: ED:98:F7:40:15:C6:38:F0:F1:F2:EA:AD:37:00:93:17:0D:28:EF:98
Certificate issuer: /CN=4e622bc550687b6d0ef60788ceadb0fc820a381f
Certificate serial: 018CC86FA6F10246E243DAEDECC940782DAC
Authority key identifier: 4E:62:2B:C5:50:68:7B:6D:0E:F6:07:88:CE:AD:B0:FC:82:0A:38:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TmIrxVBoe20O9geIzq2w_IIKOB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/7Zj3QBXGOPDx8uqtNwCTFw0o75g.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13113
IP address blocks: 213.144.64.0/19 maxlen: 24
87.253.96.0/19 maxlen: 24
37.60.32.0/21 maxlen: 24
93.88.112.0/20 maxlen: 24
185.145.84.0/22 maxlen: 24
109.75.112.0/20 maxlen: 24
5.198.224.0/20 maxlen: 24
185.3.252.0/22 maxlen: 24
5.172.208.0/21 maxlen: 24
2a03:3d80::/29 maxlen: 48
2a0c:8a80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/TmIrxVBoe20O9geIzq2w_IIKOB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/TmIrxVBoe20O9geIzq2w_IIKOB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TmIrxVBoe20O9geIzq2w_IIKOB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a6:f1:02:46:e2:43:da:ed:ec:c9:40:78:2d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e622bc550687b6d0ef60788ceadb0fc820a381f
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed98f74015c638f0f1f2eaad370093170d28ef98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5f:63:0d:e9:62:2e:f3:7a:c7:75:e3:82:c0:
04:80:f6:9e:19:37:7e:ab:84:4e:98:0c:f9:b7:14:
76:7f:cc:8f:90:e8:72:22:52:b7:45:67:cf:7c:f2:
fa:6e:3f:c8:23:a4:a0:0d:b7:89:fa:7e:bc:91:51:
60:34:27:01:aa:3f:4a:b9:95:7c:22:b3:b6:5b:4f:
f0:ea:29:a9:ca:a1:d3:d9:de:82:fa:64:ff:d3:1b:
7b:8b:80:44:f8:80:d2:95:49:74:bc:b2:bf:d2:98:
7a:fd:a4:f1:1c:46:1a:5b:e4:d7:a0:1d:6a:ce:50:
f4:26:61:74:6b:af:2e:d6:28:a7:53:f6:64:4a:9e:
f2:fb:9c:e2:f8:49:ca:1d:86:07:44:a3:07:63:0d:
5d:9f:53:19:4c:38:c8:cb:b9:bd:82:74:5e:3f:c5:
7b:6a:f5:db:f3:1d:d3:a9:47:38:b6:20:40:54:1d:
d5:3f:42:88:19:3e:89:40:64:77:45:34:a6:93:9e:
12:7d:c7:3e:21:3f:c1:73:c7:7d:e5:f8:11:c7:d9:
28:cf:02:7d:35:a3:01:12:c1:d0:ac:75:35:f6:73:
9b:2b:c1:1a:55:ef:59:6f:1d:47:27:d6:55:56:5f:
40:b9:3c:56:c4:f8:a8:15:ea:7e:8c:e6:98:cc:f1:
17:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:98:F7:40:15:C6:38:F0:F1:F2:EA:AD:37:00:93:17:0D:28:EF:98
X509v3 Authority Key Identifier:
keyid:4E:62:2B:C5:50:68:7B:6D:0E:F6:07:88:CE:AD:B0:FC:82:0A:38:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TmIrxVBoe20O9geIzq2w_IIKOB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/7Zj3QBXGOPDx8uqtNwCTFw0o75g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca4c34-2704-4f82-bff8-a7ccd0098477/1/TmIrxVBoe20O9geIzq2w_IIKOB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.208.0/21
5.198.224.0/20
37.60.32.0/21
87.253.96.0/19
93.88.112.0/20
109.75.112.0/20
185.3.252.0/22
185.145.84.0/22
213.144.64.0/19
IPv6:
2a03:3d80::/29
2a0c:8a80::/29
Signature Algorithm: sha256WithRSAEncryption
5f:8f:29:6d:a7:7d:5c:07:69:93:55:58:19:bb:9d:77:74:1b:
38:52:7d:a5:f3:71:89:0a:ef:ef:3d:71:19:bd:eb:66:09:c6:
34:aa:a2:31:b9:e4:a3:9e:de:cd:9b:8d:94:d3:82:6b:b4:66:
81:05:49:0f:46:52:f7:5c:13:de:be:60:87:7d:5c:95:0d:51:
38:d1:ac:10:61:e0:29:ce:8d:fb:ed:d9:6e:90:50:8f:89:08:
7c:ff:25:b7:4b:5b:dc:d3:8b:11:98:9e:ff:d7:cf:b5:f7:7f:
73:d5:98:6f:7e:fc:33:db:93:7b:3d:2b:f1:b5:b2:cc:d4:80:
ab:61:41:db:cc:b3:52:da:c4:de:a9:f7:08:63:72:f2:86:b6:
fd:20:44:20:4a:93:5e:63:ba:b5:31:31:18:b9:b8:5e:06:9b:
47:9a:4c:9c:46:f8:22:f9:65:cb:b0:a3:2d:01:ac:62:8f:34:
d6:2d:34:72:f8:3d:18:21:dc:17:a5:bb:bb:84:a0:7c:30:8e:
55:98:ea:80:f7:58:de:90:71:ec:3c:0f:0a:61:bc:63:a4:52:
03:55:6c:b0:a4:cb:36:24:1b:64:6e:9e:61:95:92:2b:97:db:
86:cc:52:20:e5:84:17:e1:12:23:d1:58:4f:73:84:dc:55:f2:
7a:9d:9e:5a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzIb6bxAkbiQ9rt7MlAeC2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjIyYmM1NTA2ODdiNmQwZWY2MDc4OGNlYWRiMGZjODIw
YTM4MWYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDk4Zjc0MDE1YzYzOGYwZjFmMmVhYWQzNzAwOTMxNzBkMjhlZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq19jDeliLvN6x3XjgsAEgPaeGTd+
q4ROmAz5txR2f8yPkOhyIlK3RWfPfPL6bj/II6SgDbeJ+n68kVFgNCcBqj9KuZV8
IrO2W0/w6impyqHT2d6C+mT/0xt7i4BE+IDSlUl0vLK/0ph6/aTxHEYaW+TXoB1q
zlD0JmF0a68u1iinU/ZkSp7y+5zi+EnKHYYHRKMHYw1dn1MZTDjIy7m9gnReP8V7
avXb8x3TqUc4tiBAVB3VP0KIGT6JQGR3RTSmk54Sfcc+IT/Bc8d95fgRx9kozwJ9
NaMBEsHQrHU19nObK8EaVe9Zbx1HJ9ZVVl9AuTxWxPioFep+jOaYzPEXHQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFO2Y90AVxjjw8fLqrTcAkxcNKO+YMB8GA1UdIwQY
MBaAFE5iK8VQaHttDvYHiM6tsPyCCjgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1JcnhWQm9lMjBPOWdlSXpxMndfSUlLT0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jYTRjMzQtMjcwNC00ZjgyLWJmZjgt
YTdjY2QwMDk4NDc3LzEvN1pqM1FCWEdPUER4OHVxdE53Q1RGdzBvNzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jYTRjMzQtMjcwNC00ZjgyLWJmZjgtYTdjY2QwMDk4NDc3
LzEvVG1JcnhWQm9lMjBPOWdlSXpxMndfSUlLT0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDBazQAwQE
BcbgAwQDJTwgAwQFV/1gAwQEXVhwAwQEbUtwAwQCuQP8AwQCuZFUAwQF1ZBAMBQE
AgACMA4DBQMqAz2AAwUDKgyKgDANBgkqhkiG9w0BAQsFAAOCAQEAX48pbad9XAdp
k1VYGbudd3QbOFJ9pfNxiQrv7z1xGb3rZgnGNKqiMbnko57ezZuNlNOCa7RmgQVJ
D0ZS91wT3r5gh31clQ1RONGsEGHgKc6N++3ZbpBQj4kIfP8lt0tb3NOLEZie/9fP
tfd/c9WYb378M9uTez0r8bWyzNSAq2FB28yzUtrE3qn3CGNy8oa2/SBEIEqTXmO6
tTExGLm4XgabR5pMnEb4Ivlly7CjLQGsYo801i00cvg9GCHcF6W7u4SgfDCOVZjq
gPdY3pBx7DwPCmG8Y6RSA1VssKTLNiQbZG6eYZWSK5fbhsxSIOWEF+ESI9FYT3OE
3FXyep2eWg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:05:10 2024 by rpki-client on console-fra.rpki-client.org