Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/UEtW5jde2G6UaOJSSoBA0RpVmCs.roa
File: UEtW5jde2G6UaOJSSoBA0RpVmCs.roa (raw, json)
Hash identifier: 7DrjbBPIkM7KLARwUW7vpkyZqIjFwAn4RbU/8QLN0r8=
Subject key identifier: 50:4B:56:E6:37:5E:D8:6E:94:68:E2:52:4A:80:40:D1:1A:55:98:2B
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018CC7958E236F020D211151E0E92A72B86A
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/UEtW5jde2G6UaOJSSoBA0RpVmCs.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3598
IP address blocks: 194.69.96.0/19 maxlen: 19
194.69.100.0/22 maxlen: 24
2a01:110::/32 maxlen: 32
2a01:110:8068::/48 maxlen: 48
2a01:110:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8e:23:6f:02:0d:21:11:51:e0:e9:2a:72:b8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=504b56e6375ed86e9468e2524a8040d11a55982b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:22:cd:dc:2b:80:34:4a:bb:30:7b:7a:49:51:
b6:87:2a:8d:66:c2:58:2a:98:b7:cd:cd:a9:e7:d2:
8f:42:a8:eb:5f:e2:30:af:df:c2:b6:66:c0:c2:b1:
7e:cd:a2:12:cd:a1:78:3b:83:6c:27:c3:7f:50:f5:
dd:d8:51:0c:12:df:d0:b7:d4:32:9f:df:fc:33:51:
87:5c:38:a7:dd:8f:1d:38:16:b8:01:8c:7b:47:f2:
1e:28:cd:ca:d9:33:05:55:6c:d8:55:9f:20:9a:0f:
a3:7b:0f:59:c7:f2:9c:63:c3:25:8a:82:89:ce:05:
0b:e3:f5:07:50:63:b5:52:61:04:6d:1b:53:11:f4:
e0:07:e8:3d:ef:4f:16:14:b5:61:b7:9c:3c:7a:86:
fa:4d:25:64:64:99:03:ef:87:4a:f6:69:73:4e:66:
22:e8:a4:7a:00:7d:83:7e:33:77:cf:49:d1:4b:eb:
b3:14:f2:80:96:12:d1:ee:74:92:31:8e:3d:86:56:
33:4b:7e:53:92:67:01:a0:64:0e:da:9a:23:7b:43:
f1:92:02:37:dd:e2:00:ee:76:59:da:f7:e2:59:66:
49:d0:8e:4f:39:3c:f9:7b:52:f1:2a:dd:72:62:bc:
2e:57:22:01:d1:c5:10:a2:1f:6f:ce:e4:ab:80:97:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4B:56:E6:37:5E:D8:6E:94:68:E2:52:4A:80:40:D1:1A:55:98:2B
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/UEtW5jde2G6UaOJSSoBA0RpVmCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.96.0/19
IPv6:
2a01:110::/32
Signature Algorithm: sha256WithRSAEncryption
7f:7f:f5:77:4d:6b:d6:35:1c:92:ba:3a:5b:db:67:8e:b0:b1:
d6:e2:36:09:c6:39:de:c6:e6:16:8f:8e:02:49:2d:e0:c1:d3:
b5:a8:e6:a3:2b:f4:5b:18:b0:9a:04:7a:ea:97:23:c4:1a:b0:
cf:a5:70:78:75:18:aa:af:8d:c8:d7:8a:55:10:28:ef:e1:a4:
6b:c0:ee:72:1f:55:b9:e4:b3:28:d4:69:e8:79:21:4d:de:9e:
21:75:fe:c6:54:22:07:34:1a:db:18:d0:d1:24:d5:4a:6b:e5:
8e:13:4c:3c:25:ba:d4:ad:6a:ae:37:66:cc:99:af:1e:7a:72:
88:82:45:e1:46:dd:9c:64:31:4b:87:6c:59:1b:89:db:2f:7b:
31:5c:8a:22:f1:59:d6:4f:13:a0:fc:57:d8:17:9d:de:78:c5:
1c:88:d5:a4:33:8d:29:51:0f:b2:2e:e6:5a:31:10:48:80:dc:
8a:f9:8d:c2:cf:62:aa:c9:9d:e0:01:d3:f7:10:36:79:d4:d5:
89:5c:80:fa:f0:5f:0b:07:00:7d:26:4d:31:5b:14:b6:35:f0:
e5:ec:a7:f1:3d:e7:73:90:f5:76:58:3e:97:00:7c:8b:fe:aa:
18:07:d3:0f:d7:5b:9b:e8:1a:1d:90:6f:ac:17:da:69:80:be:
d3:75:55:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlY4jbwINIRFR4OkqcrhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRiNTZlNjM3NWVkODZlOTQ2OGUyNTI0YTgwNDBkMTFhNTU5ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCLN3CuANEq7MHt6SVG2hyqNZsJY
Kpi3zc2p59KPQqjrX+Iwr9/CtmbAwrF+zaISzaF4O4NsJ8N/UPXd2FEMEt/Qt9Qy
n9/8M1GHXDin3Y8dOBa4AYx7R/IeKM3K2TMFVWzYVZ8gmg+jew9Zx/KcY8MlioKJ
zgUL4/UHUGO1UmEEbRtTEfTgB+g9708WFLVht5w8eob6TSVkZJkD74dK9mlzTmYi
6KR6AH2DfjN3z0nRS+uzFPKAlhLR7nSSMY49hlYzS35TkmcBoGQO2poje0PxkgI3
3eIA7nZZ2vfiWWZJ0I5POTz5e1LxKt1yYrwuVyIB0cUQoh9vzuSrgJeA9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFBLVuY3XthulGjiUkqAQNEaVZgrMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvVUV0VzVqZGUyRzZVYU9KU1NvQkEwUnBWbUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwkVgMA0E
AgACMAcDBQAqAQEQMA0GCSqGSIb3DQEBCwUAA4IBAQB/f/V3TWvWNRySujpb22eO
sLHW4jYJxjnexuYWj44CSS3gwdO1qOajK/RbGLCaBHrqlyPEGrDPpXB4dRiqr43I
14pVECjv4aRrwO5yH1W55LMo1GnoeSFN3p4hdf7GVCIHNBrbGNDRJNVKa+WOE0w8
JbrUrWquN2bMma8eenKIgkXhRt2cZDFLh2xZG4nbL3sxXIoi8VnWTxOg/FfYF53e
eMUciNWkM40pUQ+yLuZaMRBIgNyK+Y3Cz2KqyZ3gAdP3EDZ51NWJXID68F8LBwB9
Jk0xWxS2NfDl7KfxPedzkPV2WD6XAHyL/qoYB9MP11ub6BodkG+sF9ppgL7TdVXx
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:43:20 2024 by rpki-client on console-ams.rpki-client.org