Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/anNQqr40QHoYkg5WmhRHRNe5NOo.roa
File: anNQqr40QHoYkg5WmhRHRNe5NOo.roa (raw, json)
Hash identifier: 1hs2l4fydLBStWBHLrPYx9dTsggsncXfQKuJdcapoqQ=
Subject key identifier: 6A:73:50:AA:BE:34:40:7A:18:92:0E:56:9A:14:47:44:D7:B9:34:EA
Certificate issuer: /CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Certificate serial: 018CC26D66E0A01FF4F7B6F0689A9FA76864
Authority key identifier: 7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/anNQqr40QHoYkg5WmhRHRNe5NOo.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31236
IP address blocks: 160.20.214.0/23 maxlen: 23
82.112.64.0/19 maxlen: 24
94.198.48.0/23 maxlen: 23
2a00:92c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:66:e0:a0:1f:f4:f7:b6:f0:68:9a:9f:a7:68:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a7350aabe34407a18920e569a144744d7b934ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:a6:df:6f:75:e2:66:70:63:90:b0:9e:7b:
16:a3:a7:e1:c8:c9:63:99:f7:75:a2:a7:51:15:13:
fa:4d:7b:f7:d1:42:a7:55:1c:6d:88:d1:bb:f4:a8:
b3:11:2b:91:e2:92:f3:3d:11:05:c0:0c:33:13:12:
0f:a8:93:95:3d:40:db:8d:79:4c:46:a1:6c:00:e6:
8b:4c:e7:52:f1:8d:a6:4e:68:68:c7:52:4c:9c:96:
da:85:86:51:12:3e:64:ad:0b:2a:c6:c5:c7:c9:e1:
5c:5c:6b:a8:b7:4b:80:97:a5:f0:46:67:34:b3:3b:
83:29:fc:c3:6a:29:17:31:4d:56:55:08:b5:33:38:
fd:a3:f7:a3:f8:ee:31:00:2d:8e:73:7e:a0:c3:12:
f2:a2:8a:16:fd:c3:28:7f:76:8c:0e:69:62:89:0e:
09:d5:20:de:46:6d:a4:e9:19:b8:7f:06:82:78:0b:
50:7b:84:35:12:f2:d6:f0:46:44:92:06:d7:c6:27:
c3:b3:f2:59:3d:f8:16:85:db:ec:2c:df:5d:31:1f:
73:8f:89:8a:51:89:b0:68:bb:5e:21:37:23:d8:b4:
cb:55:16:3a:54:b6:aa:9e:3a:dd:41:7a:a3:5e:b8:
41:66:61:f1:65:4b:98:e5:17:a7:b6:68:4a:08:20:
3f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:73:50:AA:BE:34:40:7A:18:92:0E:56:9A:14:47:44:D7:B9:34:EA
X509v3 Authority Key Identifier:
keyid:7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/anNQqr40QHoYkg5WmhRHRNe5NOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.64.0/19
94.198.48.0/23
160.20.214.0/23
IPv6:
2a00:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:76:8f:2e:5f:9f:f1:5e:8d:cf:f8:94:c9:d5:44:9e:34:ee:
6e:c7:27:da:3f:f1:d7:3a:69:54:5e:3b:34:c5:15:17:94:cb:
cc:c4:5c:11:e1:01:68:c0:21:b0:b6:13:78:02:18:1e:39:85:
cc:56:95:f2:d8:40:c1:a3:d1:93:2f:d8:c0:76:14:84:12:12:
15:34:70:ee:39:3a:e6:e8:20:cc:63:5c:12:7d:7b:4e:df:cd:
84:15:a4:f6:80:e5:5e:e8:b1:3a:0c:aa:f9:24:69:f6:8a:42:
a8:3f:11:bb:60:cf:fd:ca:cb:d6:92:80:3a:77:91:bc:d9:cb:
f7:89:fa:4b:02:2c:96:c0:0e:b8:87:58:b4:d8:b8:52:07:e9:
4b:9f:8f:13:a4:29:58:d7:db:32:61:0d:ea:34:17:ce:07:7b:
26:95:e8:68:54:d8:5b:50:47:26:cf:49:7f:2a:d2:b2:e0:4a:
61:7e:57:3a:ee:30:32:34:73:4d:6e:4d:3f:bb:7b:37:f6:97:
42:2e:93:c0:c4:46:42:17:27:bc:56:c0:f0:2c:4a:4e:7c:51:
80:21:30:df:e4:d6:40:b1:ed:c2:c5:49:6d:f0:b4:94:fb:de:
15:aa:ad:5c:49:a7:25:7d:2f:e1:c8:9f:72:ca:f0:af:77:47:
1a:ee:a4:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbWbgoB/097bwaJqfp2hkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTdiMTUzZWVkMTEwYmNiZDE0ZGM3ZTMzZmQ0N2YwMmUy
ZmUwNzEwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTczNTBhYWJlMzQ0MDdhMTg5MjBlNTY5YTE0NDc0NGQ3YjkzNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lum32914mZwY5CwnnsWo6fhyMlj
mfd1oqdRFRP6TXv30UKnVRxtiNG79KizESuR4pLzPREFwAwzExIPqJOVPUDbjXlM
RqFsAOaLTOdS8Y2mTmhox1JMnJbahYZREj5krQsqxsXHyeFcXGuot0uAl6XwRmc0
szuDKfzDaikXMU1WVQi1Mzj9o/ej+O4xAC2Oc36gwxLyoooW/cMof3aMDmliiQ4J
1SDeRm2k6Rm4fwaCeAtQe4Q1EvLW8EZEkgbXxifDs/JZPfgWhdvsLN9dMR9zj4mK
UYmwaLteITcj2LTLVRY6VLaqnjrdQXqjXrhBZmHxZUuY5RentmhKCCA/SQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGpzUKq+NEB6GJIOVpoUR0TXuTTqMB8GA1UdIwQY
MBaAFH1XsVPu0RC8vRTcfjP9R/AuL+BxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQt
MDgwNzA5MWFhNzdkLzEvYW5OUXFyNDBRSG9Za2c1V21oUkhSTmU1Tk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQtMDgwNzA5MWFhNzdk
LzEvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUnBAAwQB
XsYwAwQBoBTWMA0EAgACMAcDBQMqAJLAMA0GCSqGSIb3DQEBCwUAA4IBAQArdo8u
X5/xXo3P+JTJ1USeNO5uxyfaP/HXOmlUXjs0xRUXlMvMxFwR4QFowCGwthN4Ahge
OYXMVpXy2EDBo9GTL9jAdhSEEhIVNHDuOTrm6CDMY1wSfXtO382EFaT2gOVe6LE6
DKr5JGn2ikKoPxG7YM/9ysvWkoA6d5G82cv3ifpLAiyWwA64h1i02LhSB+lLn48T
pClY19syYQ3qNBfOB3smlehoVNhbUEcmz0l/KtKy4Ephflc67jAyNHNNbk0/u3s3
9pdCLpPAxEZCFye8VsDwLEpOfFGAITDf5NZAse3CxUlt8LSU+94Vqq1cSaclfS/h
yJ9yyvCvd0ca7qTj
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:05:19 2024 by rpki-client on console-fra.rpki-client.org