Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/a1EwcgsyBO4lXsUiLtwP0UD8Wxc.roa
File: a1EwcgsyBO4lXsUiLtwP0UD8Wxc.roa (raw, json)
Hash identifier: BCVUZ+J/TpmcpVt/hTAeoCCKJNekSKf80dsvhLB1fxw=
Subject key identifier: 6B:51:30:72:0B:32:04:EE:25:5E:C5:22:2E:DC:0F:D1:40:FC:5B:17
Certificate issuer: /CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Certificate serial: 018CC26D4E5676B2417FF5CF7E22327271AE
Authority key identifier: 2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/a1EwcgsyBO4lXsUiLtwP0UD8Wxc.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204581
IP address blocks: 194.59.157.0/24 maxlen: 24
194.59.168.0/24 maxlen: 24
185.239.228.0/22 maxlen: 24
194.59.176.0/24 maxlen: 24
194.59.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4e:56:76:b2:41:7f:f5:cf:7e:22:32:72:71:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b5130720b3204ee255ec5222edc0fd140fc5b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:91:ab:7a:4a:0b:fe:33:98:27:97:05:4d:82:
ac:17:54:4a:10:2a:20:f9:fb:d9:46:fa:bf:22:5d:
52:e3:c6:be:19:29:8a:50:67:aa:7b:f9:75:03:23:
bf:6f:eb:f7:71:ec:d3:e1:a2:bd:68:5b:8e:c2:cd:
b2:0d:5a:22:89:38:f2:e1:41:40:49:4b:30:03:ad:
39:8a:51:ea:76:e0:aa:16:7c:7d:b1:9c:03:50:47:
32:fd:85:12:42:f5:07:89:e0:36:fb:a6:4d:48:1d:
27:44:b5:96:90:7f:ac:ea:53:6c:8e:7b:db:8f:20:
17:cc:c0:0f:44:70:2c:9a:04:3f:63:91:f8:47:89:
61:17:d9:6b:a7:b3:59:00:f9:e1:3f:41:8c:a0:7b:
21:f7:7b:d8:76:af:3e:3d:c6:07:a3:0a:12:e0:d1:
75:18:71:c5:ac:78:3f:14:d1:a2:a1:cf:68:63:98:
d2:97:a4:68:57:49:fd:1b:64:db:5b:b1:89:7b:4f:
52:0e:8f:88:9b:58:38:b3:ea:b9:00:fa:5d:1c:a6:
1f:5c:79:7a:8f:58:02:15:54:33:d4:56:de:12:0e:
df:05:dd:8a:47:72:73:35:81:26:21:85:05:1d:68:
53:0c:1b:39:bc:48:bb:f9:2b:4c:7a:1d:e0:93:f5:
7e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:51:30:72:0B:32:04:EE:25:5E:C5:22:2E:DC:0F:D1:40:FC:5B:17
X509v3 Authority Key Identifier:
keyid:2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/a1EwcgsyBO4lXsUiLtwP0UD8Wxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.228.0/22
194.59.157.0/24
194.59.168.0/24
194.59.176.0/24
194.59.181.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:65:7c:41:19:62:18:bc:1a:1d:07:c2:4f:7d:c0:3a:69:ec:
b8:d8:96:63:2c:bb:26:4c:7b:46:58:61:8c:50:cf:5b:38:f2:
ca:24:63:cc:d6:5b:1b:22:1b:da:b0:c5:85:d7:f9:f8:16:48:
15:4a:cb:cc:e5:16:e1:36:ed:a7:ce:72:61:bd:1e:6e:a3:7a:
08:c3:a7:66:b7:81:4c:58:e3:ef:a2:ea:04:17:27:f2:0d:17:
60:fb:19:38:63:95:1b:c2:76:6a:4f:08:62:a5:0c:d0:ea:de:
23:7d:87:7c:0d:1e:00:9c:8d:53:7a:79:e8:e6:31:4e:55:68:
6b:0f:77:63:dd:2e:48:c5:7d:37:cd:6c:53:49:b6:df:5b:8d:
23:c4:25:02:c2:20:c6:f3:23:d1:28:8f:26:73:01:6b:3e:41:
2e:b9:2b:6a:0f:23:26:d3:3f:ec:7f:3f:55:4f:fe:f7:5b:cf:
96:6d:a7:33:f4:30:27:c3:48:db:01:19:79:85:46:49:b8:e1:
16:3e:b8:a5:55:31:04:0c:82:a2:d6:df:75:70:f7:81:11:4c:
07:27:8f:84:46:96:8d:21:f7:75:88:90:54:04:bc:87:fe:d7:
b5:ed:41:59:8e:58:4a:b3:aa:91:76:7d:ed:fd:17:98:66:11:
5d:8d:a0:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbU5WdrJBf/XPfiIycnGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYmQzYzdlOWM3N2Y5YTg4OTQ5MDU2NTBkN2Y1YTQzOWEw
NzI2NWQwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUxMzA3MjBiMzIwNGVlMjU1ZWM1MjIyZWRjMGZkMTQwZmM1YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5GrekoL/jOYJ5cFTYKsF1RKECog
+fvZRvq/Il1S48a+GSmKUGeqe/l1AyO/b+v3cezT4aK9aFuOws2yDVoiiTjy4UFA
SUswA605ilHqduCqFnx9sZwDUEcy/YUSQvUHieA2+6ZNSB0nRLWWkH+s6lNsjnvb
jyAXzMAPRHAsmgQ/Y5H4R4lhF9lrp7NZAPnhP0GMoHsh93vYdq8+PcYHowoS4NF1
GHHFrHg/FNGioc9oY5jSl6RoV0n9G2TbW7GJe09SDo+Im1g4s+q5APpdHKYfXHl6
j1gCFVQz1FbeEg7fBd2KR3JzNYEmIYUFHWhTDBs5vEi7+StMeh3gk/V+6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGtRMHILMgTuJV7FIi7cD9FA/FsXMB8GA1UdIwQY
MBaAFC+9PH6cd/moiUkFZQ1/WkOaByZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDcwOGZweDMtYWlKU1FWbERYOWFRNW9ISmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lZWJkY2QtODk2Zi00Njc1LWEyNDYt
NWRjYmJkZTM1ZGNkLzEvYTFFd2Nnc3lCTzRsWHNVaUx0d1AwVUQ4V3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9lZWJkY2QtODk2Zi00Njc1LWEyNDYtNWRjYmJkZTM1ZGNk
LzEvTDcwOGZweDMtYWlKU1FWbERYOWFRNW9ISmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCue/kAwQA
wjudAwQAwjuoAwQAwjuwAwQAwju1MA0GCSqGSIb3DQEBCwUAA4IBAQAtZXxBGWIY
vBodB8JPfcA6aey42JZjLLsmTHtGWGGMUM9bOPLKJGPM1lsbIhvasMWF1/n4FkgV
SsvM5RbhNu2nznJhvR5uo3oIw6dmt4FMWOPvouoEFyfyDRdg+xk4Y5UbwnZqTwhi
pQzQ6t4jfYd8DR4AnI1Tenno5jFOVWhrD3dj3S5IxX03zWxTSbbfW40jxCUCwiDG
8yPRKI8mcwFrPkEuuStqDyMm0z/sfz9VT/73W8+Wbacz9DAnw0jbARl5hUZJuOEW
PrilVTEEDIKi1t91cPeBEUwHJ4+ERpaNIfd1iJBUBLyH/te17UFZjlhKs6qRdn3t
/ReYZhFdjaDe
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:12:43 2024 by rpki-client on console-ams.rpki-client.org