Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/q7IkgOwH6h--euCSk5RNEdYhs7A.roa
File: q7IkgOwH6h--euCSk5RNEdYhs7A.roa (raw, json)
Hash identifier: ejbFtoKkU6yDg3dDX2/EcMz4UWZJlqTIYvhLzPZwaRk=
Subject key identifier: AB:B2:24:80:EC:07:EA:1F:BE:7A:E0:92:93:94:4D:11:D6:21:B3:B0
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 018CC7953CE24B52847B8DDAAC7AE4C57E07
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/q7IkgOwH6h--euCSk5RNEdYhs7A.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35790
IP address blocks: 213.204.219.0/24 maxlen: 24
213.204.218.0/24 maxlen: 24
213.204.216.0/23 maxlen: 23
213.204.215.0/24 maxlen: 24
213.204.224.0/20 maxlen: 20
213.204.222.0/24 maxlen: 24
213.204.221.0/24 maxlen: 24
213.204.232.0/24 maxlen: 24
213.204.237.0/24 maxlen: 24
213.204.244.0/24 maxlen: 24
213.204.240.0/21 maxlen: 21
213.204.252.0/22 maxlen: 22
213.204.248.0/22 maxlen: 23
213.204.247.0/24 maxlen: 24
185.31.143.0/24 maxlen: 24
185.31.140.0/22 maxlen: 22
213.204.192.0/23 maxlen: 23
213.204.192.0/20 maxlen: 20
213.204.198.0/24 maxlen: 24
213.204.208.0/20 maxlen: 20
185.105.244.0/22 maxlen: 22
185.57.84.0/22 maxlen: 22
185.217.224.0/22 maxlen: 22
2a0b:cdc7::/32 maxlen: 32
2a0b:cdc0::/29 maxlen: 29
2a0b:cdc1::/32 maxlen: 32
2a0b:cdc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3c:e2:4b:52:84:7b:8d:da:ac:7a:e4:c5:7e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abb22480ec07ea1fbe7ae09293944d11d621b3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1e:83:e5:af:38:d0:44:92:39:17:ba:d1:c5:
d5:89:ce:cc:49:f8:1d:d3:00:4b:34:61:87:c4:57:
ae:c0:42:e9:80:76:a3:0e:29:44:54:96:2b:54:2a:
81:7b:f3:ce:0d:72:fa:1e:f8:74:19:1d:ed:60:41:
d7:6a:8a:16:b7:72:a7:f4:e0:7d:30:11:60:bf:ac:
de:be:79:32:4e:47:f7:1e:e2:65:d5:71:ab:35:65:
02:48:83:00:b4:e7:b2:bb:d3:8f:c5:74:c5:b0:37:
c0:03:46:ed:43:a1:ff:3e:3f:54:a4:83:3b:88:75:
43:0c:6a:51:68:12:6d:c9:02:cd:3a:47:50:e5:3d:
3c:44:b0:b5:6d:86:e4:bc:66:a2:75:37:a2:f2:e9:
62:c7:1b:23:5e:8e:ad:85:c7:b3:17:c7:ef:3b:45:
2e:4a:54:94:95:30:f2:63:6b:e0:eb:8d:92:9b:83:
59:2f:c6:24:64:6a:14:c2:25:10:6a:84:fa:8d:26:
52:12:35:51:bd:55:db:bd:a1:64:ca:97:36:42:3f:
70:fa:fb:94:d3:61:91:7b:6e:cd:85:96:54:20:06:
c2:05:05:eb:99:49:c4:c5:d0:4f:91:be:b7:8e:cd:
50:42:00:22:31:f4:45:c8:60:6d:f3:26:74:b9:ed:
0b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B2:24:80:EC:07:EA:1F:BE:7A:E0:92:93:94:4D:11:D6:21:B3:B0
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/q7IkgOwH6h--euCSk5RNEdYhs7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.140.0/22
185.57.84.0/22
185.105.244.0/22
185.217.224.0/22
213.204.192.0/18
IPv6:
2a0b:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:7b:42:9c:13:a0:e1:cc:33:6f:ad:97:58:57:2e:c4:4e:bd:
4f:89:30:4f:6f:fb:cf:96:b7:5d:db:9d:98:96:a7:c4:ea:47:
8d:e9:f6:ff:fb:33:6f:fe:fa:91:7c:96:8a:bb:b5:df:50:04:
77:6f:44:3e:29:6e:14:ad:ce:fd:dd:0f:37:d1:8c:4b:76:ae:
e9:74:57:ff:a5:90:7d:2a:6a:7a:2c:d3:b8:aa:07:ea:26:1a:
1c:08:5f:fe:39:c6:46:58:db:30:92:cc:6f:16:e6:16:3a:93:
d4:fe:b1:c7:2c:9e:14:71:e9:70:3e:94:00:ca:98:a8:9d:51:
fd:35:d4:aa:a1:8b:16:4d:3e:e7:da:1b:c4:7c:3b:24:e8:f6:
3d:48:ea:e6:af:ed:2f:f0:1c:e5:47:0a:f3:a2:28:b7:62:81:
84:d3:b2:6b:7c:0f:2b:e4:7a:74:29:a2:25:1f:fe:65:e5:3a:
85:16:ed:c0:fa:99:cd:e3:54:c0:7f:f0:f7:72:d8:96:85:57:
ee:ea:38:fd:4f:f4:0b:aa:c9:42:4b:f7:e2:1b:c0:41:1a:00:
2d:d6:64:fc:84:52:6b:00:43:a8:47:73:9c:f7:52:b3:0c:d7:
2d:95:5b:28:62:d4:7b:ef:9d:ca:4a:1e:28:07:75:68:76:5e:
f0:f2:f9:5c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHlTziS1KEe43arHrkxX4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjFiODM3OGU4ZjM2OGFlNDk5OGQ1MWMzYTlhY2U2NDE0
OGQ2Y2QwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmIyMjQ4MGVjMDdlYTFmYmU3YWUwOTI5Mzk0NGQxMWQ2MjFiM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh6D5a840ESSORe60cXVic7MSfgd
0wBLNGGHxFeuwELpgHajDilEVJYrVCqBe/PODXL6Hvh0GR3tYEHXaooWt3Kn9OB9
MBFgv6zevnkyTkf3HuJl1XGrNWUCSIMAtOeyu9OPxXTFsDfAA0btQ6H/Pj9UpIM7
iHVDDGpRaBJtyQLNOkdQ5T08RLC1bYbkvGaidTei8ulixxsjXo6thcezF8fvO0Uu
SlSUlTDyY2vg642Sm4NZL8YkZGoUwiUQaoT6jSZSEjVRvVXbvaFkypc2Qj9w+vuU
02GRe27NhZZUIAbCBQXrmUnExdBPkb63js1QQgAiMfRFyGBt8yZ0ue0LvwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKuyJIDsB+ofvnrgkpOUTRHWIbOwMB8GA1UdIwQY
MBaAFH1huDeOjzaK5JmNUcOprOZBSNbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQt
ZDE2ZTRhZTYxZjgwLzEvcTdJa2dPd0g2aC0tZXVDU2s1Uk5FZFloczdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQtZDE2ZTRhZTYxZjgw
LzEvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuR+MAwQC
uTlUAwQCuWn0AwQCudngAwQG1czAMA0EAgACMAcDBQMqC83AMA0GCSqGSIb3DQEB
CwUAA4IBAQA7e0KcE6DhzDNvrZdYVy7ETr1PiTBPb/vPlrdd252YlqfE6keN6fb/
+zNv/vqRfJaKu7XfUAR3b0Q+KW4Urc793Q830YxLdq7pdFf/pZB9Kmp6LNO4qgfq
JhocCF/+OcZGWNswksxvFuYWOpPU/rHHLJ4UcelwPpQAypionVH9NdSqoYsWTT7n
2hvEfDsk6PY9SOrmr+0v8BzlRwrzoii3YoGE07JrfA8r5Hp0KaIlH/5l5TqFFu3A
+pnN41TAf/D3ctiWhVfu6jj9T/QLqslCS/fiG8BBGgAt1mT8hFJrAEOoR3Oc91Kz
DNctlVsoYtR7753KSh4oB3Vodl7w8vlc
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:31:56 2024 by rpki-client on console-ams.rpki-client.org