Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/7TJHC85CIV8tyox3k59tomJvvA0.roa
File: 7TJHC85CIV8tyox3k59tomJvvA0.roa (raw, json)
Hash identifier: VBtEJSEAHOxod5wyem4xokQgyq2vHo7Hnvmh7eLGwIM=
Subject key identifier: ED:32:47:0B:CE:42:21:5F:2D:CA:8C:77:93:9F:6D:A2:62:6F:BC:0D
Certificate issuer: /CN=ae501827144a3188bea1ccee58656fd6429d8f95
Certificate serial: 018D419D69F78A73A9165EA4D5DE8DA28100
Authority key identifier: AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/7TJHC85CIV8tyox3k59tomJvvA0.roa
Signing time: Thu 25 Jan 2024 17:14:11 +0000
ROA not before: Thu 25 Jan 2024 17:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48152
IP address blocks: 137.221.32.0/19 maxlen: 24
185.173.76.0/22 maxlen: 24
2a0b:3d00::/30 maxlen: 48
2a0b:3d04::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:9d:69:f7:8a:73:a9:16:5e:a4:d5:de:8d:a2:81:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae501827144a3188bea1ccee58656fd6429d8f95
Validity
Not Before: Jan 25 17:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed32470bce42215f2dca8c77939f6da2626fbc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:e9:cc:62:05:44:5c:a9:bf:21:f7:b5:7e:
01:bb:c0:01:7b:c1:06:2c:92:37:58:db:c2:47:6d:
38:dc:2b:b5:51:44:3b:fd:bf:6d:9f:e7:dc:e5:00:
90:1a:f4:19:58:58:a0:7a:5a:75:9e:21:a7:55:9d:
53:ba:92:ec:9b:d9:43:24:c9:c1:72:5f:0d:1b:73:
44:5a:cd:a1:ec:f8:99:7e:b5:32:79:6a:5f:eb:fe:
bd:77:88:3e:c6:70:14:5d:4d:b6:37:50:0e:cd:75:
7d:fb:5c:ae:7d:ea:65:3d:2e:c5:e7:e7:d9:8b:b2:
53:9c:95:d2:ba:ff:9a:35:ed:84:95:06:33:f5:8a:
45:41:bd:12:d8:3f:8e:3b:3d:fe:25:7a:b9:f5:54:
df:15:40:6e:06:1f:cd:f7:03:79:54:4e:18:02:36:
e0:5f:64:a1:d1:4d:7b:aa:49:e3:75:da:61:fa:85:
8a:9e:5f:db:9f:fb:96:e4:0f:73:9b:93:b7:79:69:
fd:22:3a:32:ec:c6:65:0a:ca:15:ee:4e:41:ec:17:
b3:60:da:eb:04:70:cd:8b:f8:fd:b6:41:54:c3:c6:
1e:74:80:e9:f2:f3:2d:af:ea:35:25:10:b6:3a:a1:
d6:b0:54:4a:03:f5:ba:89:cf:8d:54:52:a5:11:07:
d9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:32:47:0B:CE:42:21:5F:2D:CA:8C:77:93:9F:6D:A2:62:6F:BC:0D
X509v3 Authority Key Identifier:
keyid:AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/7TJHC85CIV8tyox3k59tomJvvA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.32.0/19
185.173.76.0/22
IPv6:
2a0b:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e0:a9:d6:6c:88:9e:2f:3c:14:fd:a9:f5:1c:6d:58:f1:0d:
44:b0:94:60:c3:df:e9:32:af:ff:2e:94:42:a5:14:07:44:4e:
95:22:75:48:4c:60:cd:ff:00:b4:f3:f6:86:61:1a:7b:c8:b0:
f9:2e:69:3f:f5:90:5d:c3:fe:9a:55:a0:7a:6a:7a:55:56:f8:
4f:30:74:80:29:67:a4:92:96:de:ea:69:08:6e:50:01:3f:ea:
9b:45:a8:aa:79:b3:5b:5f:29:49:31:6b:da:9d:21:58:5f:5f:
0e:1b:e2:81:1a:9d:3e:b8:09:19:e6:8c:e5:e1:27:b5:f3:4f:
2c:02:df:b8:f1:50:bc:9e:c2:c5:96:15:1c:e7:1f:b8:1f:f4:
20:61:2d:0e:d4:db:41:6e:1c:93:03:ff:dc:22:bf:77:43:b4:
54:03:4d:de:86:a3:c1:1c:f7:34:57:73:8b:a2:84:42:05:03:
16:da:7d:aa:41:4d:26:a7:b2:cb:08:07:6c:6b:0f:fa:a7:49:
99:d9:af:46:df:51:aa:86:23:f1:ac:76:6c:3f:12:0f:7f:14:
df:4c:f2:a3:84:f5:2a:7f:d1:28:11:46:d8:78:55:d0:2d:4e:
d7:bf:9f:e9:10:f5:51:df:6e:01:60:1c:96:be:3f:6f:af:c6:
b4:61:5e:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1BnWn3inOpFl6k1d6NooEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTAxODI3MTQ0YTMxODhiZWExY2NlZTU4NjU2ZmQ2NDI5
ZDhmOTUwHhcNMjQwMTI1MTcxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDMyNDcwYmNlNDIyMTVmMmRjYThjNzc5MzlmNmRhMjYyNmZiYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdzpzGIFRFypvyH3tX4Bu8ABe8EG
LJI3WNvCR2043Cu1UUQ7/b9tn+fc5QCQGvQZWFigelp1niGnVZ1TupLsm9lDJMnB
cl8NG3NEWs2h7PiZfrUyeWpf6/69d4g+xnAUXU22N1AOzXV9+1yufeplPS7F5+fZ
i7JTnJXSuv+aNe2ElQYz9YpFQb0S2D+OOz3+JXq59VTfFUBuBh/N9wN5VE4YAjbg
X2Sh0U17qknjddph+oWKnl/bn/uW5A9zm5O3eWn9Ijoy7MZlCsoV7k5B7BezYNrr
BHDNi/j9tkFUw8YedIDp8vMtr+o1JRC2OqHWsFRKA/W6ic+NVFKlEQfZ+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO0yRwvOQiFfLcqMd5OfbaJib7wNMB8GA1UdIwQY
MBaAFK5QGCcUSjGIvqHM7lhlb9ZCnY+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODIt
MDk4NmQ4YjBjNmQ5LzEvN1RKSEM4NUNJVjh0eW94M2s1OXRvbUp2dkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODItMDk4NmQ4YjBjNmQ5
LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFid0gAwQC
ua1MMA0EAgACMAcDBQMqCz0AMA0GCSqGSIb3DQEBCwUAA4IBAQA/4KnWbIieLzwU
/an1HG1Y8Q1EsJRgw9/pMq//LpRCpRQHRE6VInVITGDN/wC08/aGYRp7yLD5Lmk/
9ZBdw/6aVaB6anpVVvhPMHSAKWekkpbe6mkIblABP+qbRaiqebNbXylJMWvanSFY
X18OG+KBGp0+uAkZ5ozl4Se1808sAt+48VC8nsLFlhUc5x+4H/QgYS0O1NtBbhyT
A//cIr93Q7RUA03ehqPBHPc0V3OLooRCBQMW2n2qQU0mp7LLCAdsaw/6p0mZ2a9G
31GqhiPxrHZsPxIPfxTfTPKjhPUqf9EoEUbYeFXQLU7Xv5/pEPVR324BYByWvj9v
r8a0YV4O
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:07:16 2024 by rpki-client on console-ams.rpki-client.org