Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4E7L4eZreoK4O4EcE2sw-kVrhbI.roa
File: 4E7L4eZreoK4O4EcE2sw-kVrhbI.roa (raw, json)
Hash identifier: aiB0ScoyipqdCo3zrNPgvaeoZcU+yHYyG+qgCjDvt7E=
Subject key identifier: E0:4E:CB:E1:E6:6B:7A:82:B8:3B:81:1C:13:6B:30:FA:45:6B:85:B2
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F1B88953AB4C9E4EA28F6D42D21CB360C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4E7L4eZreoK4O4EcE2sw-kVrhbI.roa
Signing time: Fri 26 Apr 2024 17:51:26 +0000
ROA not before: Fri 26 Apr 2024 17:51:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52053
IP address blocks: 185.255.112.0/24 maxlen: 24
193.38.250.0/24 maxlen: 24
194.110.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:88:95:3a:b4:c9:e4:ea:28:f6:d4:2d:21:cb:36:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 26 17:51:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e04ecbe1e66b7a82b83b811c136b30fa456b85b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:94:f7:6f:d2:2a:9e:27:26:39:fc:6e:5c:e6:
c2:60:4b:5e:f4:d1:2a:f1:ef:ad:99:92:08:78:be:
4a:f8:22:36:d2:2f:37:5e:2f:40:f0:ff:ce:b0:fd:
78:d4:a7:e2:a0:44:fe:e4:ff:2b:dd:5d:c2:8e:64:
e5:e1:18:08:b0:01:5a:e4:82:29:0b:72:0f:f1:09:
0e:77:d3:0c:70:72:2c:93:5b:5e:b4:02:04:af:37:
55:f3:cb:1e:83:38:ee:08:1c:c2:ff:21:dc:d6:92:
98:c5:ae:b2:ba:61:52:2a:23:f9:dc:12:af:ba:b4:
40:f1:b2:2f:15:12:10:ae:24:e1:2a:7f:62:0c:13:
4c:91:2e:1f:ec:9c:ed:36:bd:fb:28:48:73:38:14:
b2:2b:d4:05:64:e7:25:8e:5d:1a:7c:64:de:e4:fc:
05:75:3f:c4:72:5e:7f:3e:65:f3:7e:4a:b4:10:6d:
3a:4e:62:a2:66:ef:78:56:27:30:8c:15:4d:40:62:
bc:c6:46:55:54:83:68:e2:52:49:fb:29:9d:65:6a:
d6:38:eb:75:18:b6:f5:ae:93:3b:de:aa:e0:d7:f4:
aa:0b:87:2c:b7:ed:4a:41:6d:b7:eb:f1:03:da:e1:
8a:45:51:0a:fe:a5:2a:ce:03:dc:36:ba:73:46:85:
f7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4E:CB:E1:E6:6B:7A:82:B8:3B:81:1C:13:6B:30:FA:45:6B:85:B2
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/4E7L4eZreoK4O4EcE2sw-kVrhbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.112.0/24
193.38.250.0/24
194.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:d0:b8:bd:2e:12:23:90:77:cf:0e:f4:e2:7f:15:22:49:50:
6e:5d:f1:7c:6a:c5:cc:ca:75:fd:95:42:8d:c5:2a:f8:e2:6d:
de:78:ed:d9:30:0e:18:c7:57:f3:c0:cb:44:91:59:f7:36:21:
d8:4f:a5:2f:6c:d9:57:c9:ad:b0:7f:3f:4f:e3:3f:ca:f4:30:
d3:15:e1:e7:6b:6f:39:7e:cc:4d:95:ff:6d:a0:94:c9:2b:52:
3e:d6:61:2c:1c:6e:3b:03:0f:65:4e:ad:d7:77:94:72:b4:65:
3c:e9:1b:79:9b:b0:97:3c:40:9d:db:6f:aa:f3:58:79:6c:e7:
c3:70:26:49:29:ed:a0:09:54:20:1c:54:60:b7:81:6a:26:7e:
d8:2d:01:8f:3c:ce:44:79:7e:85:ea:5d:d9:91:6a:50:10:0c:
95:ea:8c:c2:40:a7:12:03:35:9a:0b:ac:da:79:c3:ff:bb:7d:
6a:61:f1:df:23:a5:22:6d:c6:c8:d4:45:27:fb:ac:2d:55:23:
c2:34:18:fd:67:49:b1:02:e5:bc:e8:16:1c:cd:f9:7c:76:14:
1e:f9:c7:87:40:7d:12:59:9e:b7:3c:96:78:e8:ad:ac:ad:ab:
ca:3d:5e:91:be:45:10:52:b0:d5:f8:ee:09:f1:b8:2d:19:85:
9d:e7:07:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8biJU6tMnk6ij21C0hyzYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDI2MTc1MTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRlY2JlMWU2NmI3YTgyYjgzYjgxMWMxMzZiMzBmYTQ1NmI4NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5T3b9IqnicmOfxuXObCYEte9NEq
8e+tmZIIeL5K+CI20i83Xi9A8P/OsP141KfioET+5P8r3V3CjmTl4RgIsAFa5IIp
C3IP8QkOd9MMcHIsk1tetAIErzdV88segzjuCBzC/yHc1pKYxa6yumFSKiP53BKv
urRA8bIvFRIQriThKn9iDBNMkS4f7JztNr37KEhzOBSyK9QFZOcljl0afGTe5PwF
dT/Ecl5/PmXzfkq0EG06TmKiZu94VicwjBVNQGK8xkZVVINo4lJJ+ymdZWrWOOt1
GLb1rpM73qrg1/SqC4cst+1KQW236/ED2uGKRVEK/qUqzgPcNrpzRoX3CQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOBOy+Hma3qCuDuBHBNrMPpFa4WyMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvNEU3TDRlWnJlb0s0TzRFY0Uyc3cta1ZyaGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuf9wAwQA
wSb6AwQAwm6uMA0GCSqGSIb3DQEBCwUAA4IBAQCa0Li9LhIjkHfPDvTifxUiSVBu
XfF8asXMynX9lUKNxSr44m3eeO3ZMA4Yx1fzwMtEkVn3NiHYT6UvbNlXya2wfz9P
4z/K9DDTFeHna285fsxNlf9toJTJK1I+1mEsHG47Aw9lTq3Xd5RytGU86Rt5m7CX
PECd22+q81h5bOfDcCZJKe2gCVQgHFRgt4FqJn7YLQGPPM5EeX6F6l3ZkWpQEAyV
6ozCQKcSAzWaC6zaecP/u31qYfHfI6UibcbI1EUn+6wtVSPCNBj9Z0mxAuW86BYc
zfl8dhQe+ceHQH0SWZ63PJZ46K2sravKPV6RvkUQUrDV+O4J8bgtGYWd5weF
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:12:04 2024 by rpki-client on console-ams.rpki-client.org