Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/7vPBLaintQcdTGPjzYAsMSw9I6c.roa
File: 7vPBLaintQcdTGPjzYAsMSw9I6c.roa (raw, json)
Hash identifier: RSsnK4IH0ZZxbuphudlR9/IWFxs7Z/5yOJN/+QcoJmE=
Subject key identifier: EE:F3:C1:2D:A8:A7:B5:07:1D:4C:63:E3:CD:80:2C:31:2C:3D:23:A7
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 018F0A49A17C75FF56CAC6E4E56812EA3825
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/7vPBLaintQcdTGPjzYAsMSw9I6c.roa
Signing time: Tue 23 Apr 2024 09:29:08 +0000
ROA not before: Tue 23 Apr 2024 09:29:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215551
IP address blocks: 193.189.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:49:a1:7c:75:ff:56:ca:c6:e4:e5:68:12:ea:38:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Apr 23 09:29:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eef3c12da8a7b5071d4c63e3cd802c312c3d23a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:71:12:f2:38:dd:04:9e:f2:51:10:24:47:3e:
24:e6:5b:47:7d:13:44:55:3e:14:5a:6e:a8:d5:79:
cb:65:77:31:66:fe:f5:20:71:44:ae:57:2b:64:e9:
fe:7d:22:64:e0:27:72:18:46:cf:5c:25:89:51:d1:
97:a2:ff:f0:a6:32:da:c4:dd:0b:cb:43:47:42:5c:
ba:f6:81:30:c0:fe:2b:55:9b:33:0f:50:26:e5:57:
3b:33:b0:49:4c:30:99:14:a4:68:73:2e:ed:52:b1:
83:73:23:fc:0e:4b:b8:15:3e:50:36:51:07:67:ba:
f7:2d:1b:c2:54:41:d9:d1:fd:8c:97:59:e4:5e:00:
0c:a1:de:5f:8f:8e:e3:48:80:eb:34:7b:37:86:21:
23:07:52:c7:f9:07:02:2f:91:b8:b2:4e:f5:3e:43:
2b:a5:9b:aa:4c:f7:4c:a9:d4:4e:6d:e0:38:d8:61:
c3:cf:f1:81:36:ab:4f:da:2f:c4:b3:6c:72:69:59:
de:50:b4:52:78:41:98:a4:43:96:24:e4:ae:b4:98:
80:c3:21:c3:53:0b:c8:51:c4:91:cd:e8:b2:14:fd:
32:41:dd:d0:eb:d6:c5:54:07:5f:fc:95:9d:28:91:
e3:45:7e:f9:e6:a5:ae:69:bb:13:a6:df:52:0d:e1:
2a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F3:C1:2D:A8:A7:B5:07:1D:4C:63:E3:CD:80:2C:31:2C:3D:23:A7
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/7vPBLaintQcdTGPjzYAsMSw9I6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.101.0/24
Signature Algorithm: sha256WithRSAEncryption
78:a7:41:09:e1:e2:00:48:df:3e:58:5a:fb:44:29:89:ac:9f:
60:f4:a6:c5:6e:43:71:a4:4d:8a:da:34:5b:b5:0d:a0:a4:0f:
5f:02:98:8d:87:b1:2f:45:c8:35:35:7a:f8:c2:24:72:d3:14:
24:17:3c:b5:b0:c9:51:67:e7:10:50:22:d0:ea:cf:82:e4:ba:
7b:9d:3e:16:d5:4d:ba:d7:08:a2:0f:fc:2c:60:56:b4:33:c6:
1c:51:5e:c9:4d:f6:1e:9f:82:1f:88:05:d0:20:81:88:fd:b7:
7e:e3:6e:8a:5f:4d:57:ed:82:c7:af:26:39:1b:fe:a3:a9:13:
ce:9e:24:3f:91:6c:86:e0:7c:00:c8:e0:6c:2b:63:ae:44:3f:
57:30:fd:f5:f1:48:99:fd:a8:85:27:50:9e:07:44:f9:d2:03:
32:b5:5f:07:ef:d1:3d:3e:5d:27:8a:ba:ac:b0:c7:17:07:d4:
d4:90:2c:13:4f:fe:5a:d3:1e:69:e4:1c:8c:af:5c:be:bf:cd:
de:f2:67:56:ac:62:4f:22:b4:18:2b:a7:c3:b6:42:51:96:55:
f1:0c:e4:29:17:83:c6:94:a5:b2:9c:41:4d:2b:bd:a4:13:5f:
05:1f:3c:98:da:e0:5a:dc:c5:2d:dd:91:05:e8:ab:09:41:d8:
63:de:75:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8KSaF8df9Wysbk5WgS6jglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjQwNDIzMDkyOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWYzYzEyZGE4YTdiNTA3MWQ0YzYzZTNjZDgwMmMzMTJjM2QyM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonES8jjdBJ7yURAkRz4k5ltHfRNE
VT4UWm6o1XnLZXcxZv71IHFErlcrZOn+fSJk4CdyGEbPXCWJUdGXov/wpjLaxN0L
y0NHQly69oEwwP4rVZszD1Am5Vc7M7BJTDCZFKRocy7tUrGDcyP8Dku4FT5QNlEH
Z7r3LRvCVEHZ0f2Ml1nkXgAMod5fj47jSIDrNHs3hiEjB1LH+QcCL5G4sk71PkMr
pZuqTPdMqdRObeA42GHDz/GBNqtP2i/Es2xyaVneULRSeEGYpEOWJOSutJiAwyHD
UwvIUcSRzeiyFP0yQd3Q69bFVAdf/JWdKJHjRX755qWuabsTpt9SDeEqjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7zwS2op7UHHUxj482ALDEsPSOnMB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvN3ZQQkxhaW50UWNkVEdQanpZQXNNU3c5STZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwb1lMA0G
CSqGSIb3DQEBCwUAA4IBAQB4p0EJ4eIASN8+WFr7RCmJrJ9g9KbFbkNxpE2K2jRb
tQ2gpA9fApiNh7EvRcg1NXr4wiRy0xQkFzy1sMlRZ+cQUCLQ6s+C5Lp7nT4W1U26
1wiiD/wsYFa0M8YcUV7JTfYen4IfiAXQIIGI/bd+426KX01X7YLHryY5G/6jqRPO
niQ/kWyG4HwAyOBsK2OuRD9XMP318UiZ/aiFJ1CeB0T50gMytV8H79E9Pl0nirqs
sMcXB9TUkCwTT/5a0x5p5ByMr1y+v83e8mdWrGJPIrQYK6fDtkJRllXxDOQpF4PG
lKWynEFNK72kE18FHzyY2uBa3MUt3ZEF6KsJQdhj3nVD
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:20 2024 by rpki-client on console-ams.rpki-client.org