Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/h7HAn4Ce7BUAbUjstAae_27GwaA.roa
File: h7HAn4Ce7BUAbUjstAae_27GwaA.roa (raw, json)
Hash identifier: sdh/sTHs7LVhmSI8lL/zVlu6DYOLv47u83wdZYEeV9w=
Subject key identifier: 87:B1:C0:9F:80:9E:EC:15:00:6D:48:EC:B4:06:9E:FF:6E:C6:C1:A0
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 019325B3F1B21784F6CD72187EA7381BDDD2
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/h7HAn4Ce7BUAbUjstAae_27GwaA.roa
Signing time: Wed 13 Nov 2024 13:26:10 +0000
ROA not before: Wed 13 Nov 2024 13:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4601
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
193.5.19.0/24 maxlen: 24
2a0d:3dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:b3:f1:b2:17:84:f6:cd:72:18:7e:a7:38:1b:dd:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Nov 13 13:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87b1c09f809eec15006d48ecb4069eff6ec6c1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ec:4a:b4:60:86:86:4c:17:71:18:1f:28:79:
b2:5b:22:8d:6e:7b:8c:aa:8e:0e:6f:fe:6e:7f:9f:
5f:41:e2:25:c1:fc:be:db:b0:22:1b:12:0d:f5:b4:
b5:79:8f:96:fd:05:4f:24:66:7b:d2:10:fd:1b:54:
36:02:0b:9b:74:75:8a:25:f4:e6:c8:1d:e3:13:f3:
2c:60:a7:32:28:11:2d:4d:6d:ce:25:7d:ba:94:6e:
15:70:21:82:b4:d8:02:ab:0d:9f:07:74:fa:67:8c:
82:a6:a4:22:59:cf:18:67:88:b8:f9:46:e3:f9:ec:
8a:ed:8a:67:b5:fa:65:83:6b:56:6b:f5:c8:36:d7:
4b:56:5c:a3:2e:49:cc:1c:01:91:43:d4:a3:da:57:
58:59:5d:ae:d1:a9:c9:99:99:9c:e2:c1:8c:bd:79:
06:de:8e:e5:4c:92:7d:61:e1:d6:af:66:30:fc:d1:
57:a9:29:e0:8b:e6:03:de:64:aa:5c:01:4a:7d:45:
4b:e0:11:2b:78:81:2d:e1:3f:13:84:8e:dc:24:60:
8d:36:d1:72:8d:ca:e2:5a:4c:e1:5f:d0:ef:83:db:
d4:b7:1e:5a:38:c6:57:cd:a9:58:b1:ee:bd:a0:ee:
1f:54:68:a7:67:46:54:a5:11:41:f0:c3:72:fd:12:
76:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B1:C0:9F:80:9E:EC:15:00:6D:48:EC:B4:06:9E:FF:6E:C6:C1:A0
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/h7HAn4Ce7BUAbUjstAae_27GwaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:47:a3:73:cd:2a:eb:20:77:7f:35:13:7f:e2:dd:a5:64:4e:
7e:e1:95:d1:09:64:a7:41:c3:f7:96:d5:b5:28:f0:e9:7b:ac:
d5:b3:26:c9:4a:f1:49:fb:1f:6f:79:27:63:8d:22:47:2b:2d:
0c:64:28:b6:6b:cf:b0:0c:b8:8c:f8:ea:5f:d2:0c:3b:cc:75:
1b:3a:f3:ab:10:53:b0:f0:02:83:02:8c:cd:fd:72:6c:a8:5d:
43:4f:c8:f7:93:9d:fc:0f:39:10:50:d0:41:35:c3:ea:c3:a8:
d6:05:8d:05:c4:1a:d6:36:ca:6d:26:58:09:83:91:e9:3b:ee:
81:38:fa:83:d0:b7:2f:83:8f:f6:64:4a:42:12:9f:40:f3:08:
2f:23:01:77:f7:87:d5:86:3d:26:33:f0:aa:9d:0e:51:4b:af:
3b:ba:b7:c5:61:24:0c:79:78:b0:31:8c:73:00:a3:a3:25:e1:
df:db:85:df:ba:f5:b3:f8:9a:82:bd:7a:12:f0:ca:df:21:ea:
be:4a:fd:2c:16:da:a4:3b:ff:03:20:46:72:fe:88:01:25:d9:
bb:c6:3e:5e:3f:47:db:d4:ce:ad:6c:2c:cc:f9:fa:18:8e:6a:
6a:6d:da:44:58:8b:95:48:a8:48:3f:5c:89:fb:3c:c0:5e:5d:
46:88:7c:ef
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMls/GyF4T2zXIYfqc4G93SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMTEzMTMyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IxYzA5ZjgwOWVlYzE1MDA2ZDQ4ZWNiNDA2OWVmZjZlYzZjMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwexKtGCGhkwXcRgfKHmyWyKNbnuM
qo4Ob/5uf59fQeIlwfy+27AiGxIN9bS1eY+W/QVPJGZ70hD9G1Q2AgubdHWKJfTm
yB3jE/MsYKcyKBEtTW3OJX26lG4VcCGCtNgCqw2fB3T6Z4yCpqQiWc8YZ4i4+Ubj
+eyK7Ypntfplg2tWa/XINtdLVlyjLknMHAGRQ9Sj2ldYWV2u0anJmZmc4sGMvXkG
3o7lTJJ9YeHWr2Yw/NFXqSngi+YD3mSqXAFKfUVL4BEreIEt4T8ThI7cJGCNNtFy
jcriWkzhX9Dvg9vUtx5aOMZXzalYse69oO4fVGinZ0ZUpRFB8MNy/RJ2VQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIexwJ+AnuwVAG1I7LQGnv9uxsGgMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvaDdIQW40Q2U3QlVBYlVqc3RBYWVfMjdHd2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQAvR6NzzSrrIHd/
NRN/4t2lZE5+4ZXRCWSnQcP3ltW1KPDpe6zVsybJSvFJ+x9veSdjjSJHKy0MZCi2
a8+wDLiM+Opf0gw7zHUbOvOrEFOw8AKDAozN/XJsqF1DT8j3k538DzkQUNBBNcPq
w6jWBY0FxBrWNsptJlgJg5HpO+6BOPqD0Lcvg4/2ZEpCEp9A8wgvIwF394fVhj0m
M/CqnQ5RS687urfFYSQMeXiwMYxzAKOjJeHf24XfuvWz+JqCvXoS8MrfIeq+Sv0s
FtqkO/8DIEZy/ogBJdm7xj5eP0fb1M6tbCzM+foYjmpqbdpEWIuVSKhIP1yJ+zzA
Xl1GiHzv
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:33:19 2024 by rpki-client on console-fra.rpki-client.org