Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/52S3qFuAEOu2cJAAG5yEN7d75HI.roa
File: 52S3qFuAEOu2cJAAG5yEN7d75HI.roa (raw, json)
Hash identifier: 0UUUuupDKbDdKT5CcFpwnifQEcRyxQAROOapNw4PEJw=
Subject key identifier: E7:64:B7:A8:5B:80:10:EB:B6:70:90:00:1B:9C:84:37:B7:7B:E4:72
Certificate issuer: /CN=e875464e89816ef00b0369502018a7e59ce2d36c
Certificate serial: 0190BB9AFA9207329290E32BEA29F2C57581
Authority key identifier: E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/52S3qFuAEOu2cJAAG5yEN7d75HI.roa
Signing time: Tue 16 Jul 2024 12:53:34 +0000
ROA not before: Tue 16 Jul 2024 12:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57304
IP address blocks: 87.245.192.0/20 maxlen: 20
139.45.224.0/19 maxlen: 19
185.134.72.0/22 maxlen: 22
2a02:2d9::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.mft
rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:9a:fa:92:07:32:92:90:e3:2b:ea:29:f2:c5:75:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e875464e89816ef00b0369502018a7e59ce2d36c
Validity
Not Before: Jul 16 12:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e764b7a85b8010ebb67090001b9c8437b77be472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ef:de:2a:33:8b:4c:09:3b:79:fb:45:e9:18:
fd:f8:50:6b:c3:ea:7d:60:9e:e3:54:b4:71:60:9d:
b6:2c:6e:19:d9:bb:11:6d:bd:98:63:c8:0d:50:7d:
83:44:73:88:b3:9f:f7:3e:a8:7a:60:35:11:1b:24:
34:e0:c9:8c:48:63:f7:19:6c:b8:e6:81:bc:53:17:
26:6a:89:4a:a6:87:a8:91:60:7b:13:97:96:30:37:
1d:71:3b:59:15:88:30:76:dc:66:2f:4d:12:d2:27:
7c:6d:e9:44:b9:f8:4b:25:9f:57:a4:05:b4:6d:a4:
8f:ba:13:ee:10:bf:bf:1b:a5:72:b1:78:e4:79:11:
90:4c:4f:7b:a5:d6:97:35:2d:17:f8:35:35:16:5e:
7e:a3:ff:99:8b:93:d6:75:a1:69:53:46:53:bd:e9:
23:54:e2:75:db:51:73:2f:20:25:3f:0e:69:33:9d:
95:35:a4:52:80:48:43:5e:ac:78:29:d0:5c:c6:c8:
1a:fb:fe:6a:dd:b5:73:da:07:46:8f:60:a9:d9:be:
a6:c6:3c:5c:24:0a:37:08:36:fb:cb:7d:3a:01:d7:
b6:f4:08:c0:a9:b8:30:3f:97:ec:18:49:a3:48:7f:
71:bd:3f:b3:8f:f6:2e:f9:ef:66:58:38:16:e5:85:
0e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:64:B7:A8:5B:80:10:EB:B6:70:90:00:1B:9C:84:37:B7:7B:E4:72
X509v3 Authority Key Identifier:
keyid:E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/52S3qFuAEOu2cJAAG5yEN7d75HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/20
139.45.224.0/19
185.134.72.0/22
IPv6:
2a02:2d9::/32
Signature Algorithm: sha256WithRSAEncryption
b7:6c:a4:c5:4f:13:f6:f0:39:30:44:97:21:dc:98:ff:b6:e3:
df:db:3a:88:16:e9:8b:42:7c:c5:91:a7:cd:31:49:ff:fc:c9:
c6:17:7b:c7:5b:b0:52:0b:c5:ce:8a:5e:cf:bd:03:27:1b:0f:
d2:1a:7e:15:e9:79:a5:ca:28:af:94:55:22:a8:34:a1:41:05:
c2:00:cd:a0:89:fb:af:92:62:38:de:a2:d6:59:07:2d:b2:7d:
a9:4d:b6:71:de:1b:ec:35:20:eb:2f:24:e3:89:01:a2:b1:07:
cd:26:1f:d8:24:94:4d:7e:51:96:ce:0f:98:bd:1e:53:4c:a5:
3e:e3:c7:fe:79:9d:10:db:bf:03:65:b9:3f:33:b2:04:c0:76:
5f:75:e0:8e:b9:71:f5:e0:90:65:39:39:30:f8:2b:b2:fb:07:
5b:9e:ae:33:49:f3:51:56:c1:17:2c:63:80:6c:48:09:e3:53:
a4:43:4c:9d:d8:79:43:70:be:25:1e:ca:d2:3d:be:07:f9:9e:
10:57:9b:0e:b9:3e:33:56:2a:f1:93:49:c9:d1:36:04:c4:f8:
f2:7b:05:c3:6e:7d:e6:ff:91:af:a1:87:ac:15:a4:55:fb:66:
8f:a2:12:43:7a:ce:8f:f7:c1:8c:3f:e1:b6:f6:2d:64:04:45:
eb:b8:ec:62
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZC7mvqSBzKSkOMr6inyxXWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzU0NjRlODk4MTZlZjAwYjAzNjk1MDIwMThhN2U1OWNl
MmQzNmMwHhcNMjQwNzE2MTI1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzY0YjdhODViODAxMGViYjY3MDkwMDAxYjljODQzN2I3N2JlNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+/eKjOLTAk7eftF6Rj9+FBrw+p9
YJ7jVLRxYJ22LG4Z2bsRbb2YY8gNUH2DRHOIs5/3Pqh6YDURGyQ04MmMSGP3GWy4
5oG8UxcmaolKpoeokWB7E5eWMDcdcTtZFYgwdtxmL00S0id8belEufhLJZ9XpAW0
baSPuhPuEL+/G6VysXjkeRGQTE97pdaXNS0X+DU1Fl5+o/+Zi5PWdaFpU0ZTvekj
VOJ121FzLyAlPw5pM52VNaRSgEhDXqx4KdBcxsga+/5q3bVz2gdGj2Cp2b6mxjxc
JAo3CDb7y306Ade29AjAqbgwP5fsGEmjSH9xvT+zj/Yu+e9mWDgW5YUOsQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOdkt6hbgBDrtnCQABuchDe3e+RyMB8GA1UdIwQY
MBaAFOh1Rk6JgW7wCwNpUCAYp+Wc4tNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMt
MzFkMTk3ZjEzOWQ4LzEvNTJTM3FGdUFFT3UyY0pBQUc1eUVON2Q3NUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMtMzFkMTk3ZjEzOWQ4
LzEvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEV/XAAwQF
iy3gAwQCuYZIMA0EAgACMAcDBQAqAgLZMA0GCSqGSIb3DQEBCwUAA4IBAQC3bKTF
TxP28DkwRJch3Jj/tuPf2zqIFumLQnzFkafNMUn//MnGF3vHW7BSC8XOil7PvQMn
Gw/SGn4V6XmlyiivlFUiqDShQQXCAM2gifuvkmI43qLWWQctsn2pTbZx3hvsNSDr
LyTjiQGisQfNJh/YJJRNflGWzg+YvR5TTKU+48f+eZ0Q278DZbk/M7IEwHZfdeCO
uXH14JBlOTkw+Cuy+wdbnq4zSfNRVsEXLGOAbEgJ41OkQ0yd2HlDcL4lHsrSPb4H
+Z4QV5sOuT4zVirxk0nJ0TYExPjyewXDbn3m/5GvoYesFaRV+2aPohJDes6P98GM
P+G29i1kBEXruOxi
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:26 2024 by rpki-client on console-ams.rpki-client.org