Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/50RvqOrnSEEYyyveIhPgm0cbJv0.roa
File: 50RvqOrnSEEYyyveIhPgm0cbJv0.roa (raw, json)
Hash identifier: B+zc6DDxALVqAu3D6q82HwP7HCszq3Cr3x/99Kr8eYc=
Subject key identifier: E7:44:6F:A8:EA:E7:48:41:18:CB:2B:DE:22:13:E0:9B:47:1B:26:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193305978D7B6FD931F8EEF047E33D5844E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/50RvqOrnSEEYyyveIhPgm0cbJv0.roa
Signing time: Fri 15 Nov 2024 15:03:10 +0000
ROA not before: Fri 15 Nov 2024 15:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.222.0/23 maxlen: 24
212.192.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:59:78:d7:b6:fd:93:1f:8e:ef:04:7e:33:d5:84:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 15 15:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7446fa8eae7484118cb2bde2213e09b471b26fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:2a:58:ef:ec:fa:e7:e8:36:8c:ac:81:8b:
11:24:ff:6a:4b:ea:81:20:3f:a4:fe:b3:4f:44:83:
20:b8:a2:74:5f:9b:56:65:c0:24:97:c5:21:b2:22:
6d:bb:41:75:8f:96:3c:7b:c3:1b:c0:a7:7d:ad:07:
22:d8:f7:f0:e2:ad:35:c3:d0:f4:71:98:38:e9:5b:
4e:89:e9:c6:41:b7:0a:75:0a:38:aa:32:25:37:4e:
fe:86:54:d1:f3:05:b4:db:5e:d3:a7:21:43:88:5d:
c8:ea:62:9a:10:56:39:2e:8d:4e:ac:21:32:c3:32:
7e:51:ff:de:0a:16:c1:6f:5b:76:d9:68:7a:00:ee:
e2:3d:bd:df:cb:fe:62:eb:21:ea:f5:bf:48:f9:b2:
b9:e7:34:c1:9b:ca:33:18:2a:cd:5f:6a:ee:a4:8f:
f3:89:14:bf:60:c5:1c:70:f8:65:96:0f:c2:b5:75:
f7:40:d7:40:8a:15:03:b6:44:76:15:80:01:e8:29:
0b:6d:a7:43:73:af:74:37:cd:ba:dc:34:f5:cf:27:
db:c8:89:20:27:3d:4d:05:4f:83:20:c0:e1:06:e8:
62:ed:6e:33:18:58:5a:83:9c:04:33:f4:f2:92:cb:
4c:5b:e0:7a:6f:0a:23:d6:1d:e5:63:6e:d8:5b:32:
3d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:44:6F:A8:EA:E7:48:41:18:CB:2B:DE:22:13:E0:9B:47:1B:26:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/50RvqOrnSEEYyyveIhPgm0cbJv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.222.0/23
212.192.0.0/23
Signature Algorithm: sha256WithRSAEncryption
05:1f:b7:20:85:18:e2:30:85:44:db:88:5f:4e:d8:36:db:c2:
30:e7:23:5a:ee:5b:b5:1a:36:5f:27:fc:a0:fe:bb:ea:24:41:
86:e3:be:97:72:38:9d:a4:90:9a:a6:53:33:c8:1d:65:a4:f1:
71:cb:20:97:34:cb:dc:0b:22:57:11:de:c8:e1:25:80:d7:ba:
71:a4:cd:b1:e0:44:af:74:59:2e:d5:5b:ac:82:21:53:50:76:
6e:1b:a0:59:3b:b6:27:d4:e4:b1:5e:35:61:57:21:f3:d3:44:
e8:dc:0e:db:60:6a:b2:1a:06:04:4b:78:47:b8:3f:ee:a7:a3:
85:85:45:12:33:98:65:5a:09:7e:10:df:16:80:30:b5:6a:ff:
9a:dc:21:7e:fa:95:07:db:11:0f:37:f3:ee:0a:14:ca:d6:7c:
18:39:4e:01:79:fa:81:9d:a8:df:80:5e:6c:b5:df:e2:db:46:
85:a5:34:5a:c2:13:0c:72:b6:a9:2a:3c:ca:80:a8:1b:53:fc:
06:2c:e5:d6:c0:cc:c0:87:7c:58:d3:d8:e5:c9:89:50:e1:62:
d2:0d:51:bf:5a:97:5e:c5:12:e0:8d:21:df:28:07:cb:69:24:
5c:8c:ea:df:4f:f5:df:f1:8e:ca:d3:35:01:2b:b7:b1:df:fa:
74:73:1b:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMwWXjXtv2TH47vBH4z1YROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTE1MTUwMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ0NmZhOGVhZTc0ODQxMThjYjJiZGUyMjEzZTA5YjQ3MWIyNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8kqWO/s+ufoNoysgYsRJP9qS+qB
ID+k/rNPRIMguKJ0X5tWZcAkl8UhsiJtu0F1j5Y8e8MbwKd9rQci2Pfw4q01w9D0
cZg46VtOienGQbcKdQo4qjIlN07+hlTR8wW0217TpyFDiF3I6mKaEFY5Lo1OrCEy
wzJ+Uf/eChbBb1t22Wh6AO7iPb3fy/5i6yHq9b9I+bK55zTBm8ozGCrNX2rupI/z
iRS/YMUccPhllg/CtXX3QNdAihUDtkR2FYAB6CkLbadDc690N8263DT1zyfbyIkg
Jz1NBU+DIMDhBuhi7W4zGFhag5wEM/TykstMW+B6bwoj1h3lY27YWzI9awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOdEb6jq50hBGMsr3iIT4JtHGyb9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNTBSdnFPcm5TRUVZeXl2ZUloUGdtMGNiSnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwlfeAwQB
1MAAMA0GCSqGSIb3DQEBCwUAA4IBAQAFH7cghRjiMIVE24hfTtg228Iw5yNa7lu1
GjZfJ/yg/rvqJEGG476XcjidpJCaplMzyB1lpPFxyyCXNMvcCyJXEd7I4SWA17px
pM2x4ESvdFku1VusgiFTUHZuG6BZO7Yn1OSxXjVhVyHz00To3A7bYGqyGgYES3hH
uD/up6OFhUUSM5hlWgl+EN8WgDC1av+a3CF++pUH2xEPN/PuChTK1nwYOU4BefqB
najfgF5std/i20aFpTRawhMMcrapKjzKgKgbU/wGLOXWwMzAh3xY09jlyYlQ4WLS
DVG/WpdexRLgjSHfKAfLaSRcjOrfT/Xf8Y7K0zUBK7ex3/p0cxui
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:36 2024 by rpki-client on console-fra.rpki-client.org