Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eWOJ7eiefIdR2HPIYDl-NschQDI.roa
File: eWOJ7eiefIdR2HPIYDl-NschQDI.roa (raw, json)
Hash identifier: 7YufwDUMbTeC+at1f7nds1kvVzcDyWYD2xVvq15LO3s=
Subject key identifier: 79:63:89:ED:E8:9E:7C:87:51:D8:73:C8:60:39:7E:36:C7:21:40:32
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CC801C4DB40FCCCDD91A760D97FBA6460
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eWOJ7eiefIdR2HPIYDl-NschQDI.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 94.74.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 06:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c4:db:40:fc:cc:dd:91:a7:60:d9:7f:ba:64:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=796389ede89e7c8751d873c860397e36c7214032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:fa:d7:81:0f:9d:02:f8:c3:e1:e8:31:01:
4e:8d:68:7e:9a:22:10:9f:a2:19:6a:8a:52:86:69:
f2:7d:40:51:e0:74:ce:4e:32:f5:48:86:4b:00:9d:
d7:c7:cd:84:be:35:ca:71:7e:20:a5:65:c5:53:9e:
6e:6d:7d:8e:ea:ef:a7:3f:e7:4f:f9:cb:0b:ed:f4:
7d:76:6a:48:aa:b6:dd:8e:08:c0:27:cf:d4:c3:29:
75:69:c3:37:1f:32:db:d8:57:70:64:52:1a:6b:8f:
dc:42:44:35:b8:a0:91:20:1d:72:da:90:2e:04:56:
a5:a6:09:6a:01:9f:c7:63:ac:be:3f:48:73:23:7b:
18:8d:d0:5b:e3:eb:0b:23:5f:83:a0:be:f9:30:6c:
7b:03:0e:db:85:87:c5:1e:6c:f4:0f:e3:0e:42:a1:
fc:cc:78:8e:be:fa:6b:bf:ef:17:a2:2f:a1:77:eb:
d1:fe:26:af:f5:b0:e4:9c:7a:21:7a:84:42:f8:85:
aa:ae:b7:1a:0b:61:c7:ae:65:7a:c0:91:6d:43:e0:
80:46:93:3a:5a:f4:01:11:e7:39:0d:0b:3c:3e:1f:
ae:0f:1e:8a:55:a4:4a:05:5e:80:62:94:0e:55:33:
11:6a:44:3f:f7:05:19:d8:e6:24:72:cc:7a:0c:77:
9a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:63:89:ED:E8:9E:7C:87:51:D8:73:C8:60:39:7E:36:C7:21:40:32
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eWOJ7eiefIdR2HPIYDl-NschQDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.157.0/24
Signature Algorithm: sha256WithRSAEncryption
60:4f:19:8d:4d:d8:9d:b5:df:79:80:9f:c5:b2:88:48:25:08:
3a:d4:80:05:a4:95:cb:0d:9b:96:71:d3:d2:3e:26:63:ae:53:
67:eb:6d:65:7f:bf:e6:d6:86:39:ed:55:01:d6:d3:c9:0a:00:
0f:95:2c:f9:0c:d7:c4:2d:a3:f5:4f:f0:ee:dc:98:69:32:37:
07:eb:2f:6b:eb:6a:cd:48:18:fc:fe:22:8d:0b:d0:a4:0a:bb:
e8:6b:bb:b4:78:72:ad:1f:e4:a8:81:4b:34:24:25:10:44:3b:
f3:af:b0:5c:aa:5d:72:7f:24:ff:c0:42:c6:03:62:89:66:c6:
32:a7:05:b9:a3:f7:c0:13:d0:02:29:01:b0:6a:0e:1c:0d:43:
b4:37:f5:67:42:84:8c:82:2b:58:2d:a2:3b:05:4a:cd:80:e1:
01:1f:dc:27:76:21:d1:ca:54:2f:5e:62:52:66:f9:bc:ff:fb:
c4:39:bd:4c:ff:a6:f6:3a:6f:86:41:8a:32:28:c3:a5:55:62:
67:d6:a7:61:a8:66:d6:63:b6:b7:d8:47:ff:28:ae:ab:f2:02:
6f:72:ef:00:aa:01:4a:02:f4:11:ec:7c:f0:c7:d0:1c:2f:88:
44:e4:fa:72:cf:51:76:61:2b:e4:a4:b8:3e:92:f0:05:07:90:
b1:2f:72:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAcTbQPzM3ZGnYNl/umRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTYzODllZGU4OWU3Yzg3NTFkODczYzg2MDM5N2UzNmM3MjE0MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDv614EPnQL4w+HoMQFOjWh+miIQ
n6IZaopShmnyfUBR4HTOTjL1SIZLAJ3Xx82EvjXKcX4gpWXFU55ubX2O6u+nP+dP
+csL7fR9dmpIqrbdjgjAJ8/Uwyl1acM3HzLb2FdwZFIaa4/cQkQ1uKCRIB1y2pAu
BFalpglqAZ/HY6y+P0hzI3sYjdBb4+sLI1+DoL75MGx7Aw7bhYfFHmz0D+MOQqH8
zHiOvvprv+8Xoi+hd+vR/iav9bDknHoheoRC+IWqrrcaC2HHrmV6wJFtQ+CARpM6
WvQBEec5DQs8Ph+uDx6KVaRKBV6AYpQOVTMRakQ/9wUZ2OYkcsx6DHeaBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHljie3onnyHUdhzyGA5fjbHIUAyMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZVdPSjdlaWVmSWRSMkhQSVlEbC1Oc2NoUURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqdMA0G
CSqGSIb3DQEBCwUAA4IBAQBgTxmNTdidtd95gJ/FsohIJQg61IAFpJXLDZuWcdPS
PiZjrlNn621lf7/m1oY57VUB1tPJCgAPlSz5DNfELaP1T/Du3JhpMjcH6y9r62rN
SBj8/iKNC9CkCrvoa7u0eHKtH+SogUs0JCUQRDvzr7Bcql1yfyT/wELGA2KJZsYy
pwW5o/fAE9ACKQGwag4cDUO0N/VnQoSMgitYLaI7BUrNgOEBH9wndiHRylQvXmJS
Zvm8//vEOb1M/6b2Om+GQYoyKMOlVWJn1qdhqGbWY7a32Ef/KK6r8gJvcu8AqgFK
AvQR7Hzwx9AcL4hE5Ppyz1F2YSvkpLg+kvAFB5CxL3Lk
-----END CERTIFICATE-----
Generated at Sun May 5 12:07:31 2024 by rpki-client on console-ams.rpki-client.org