Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZJmXdF24BxjXkXEgJ7XulqBbGg.roa
File: EZJmXdF24BxjXkXEgJ7XulqBbGg.roa (raw, json)
Hash identifier: 7MmMpKZJJ6iNbFpDNYT5NX75nUDQshSyYdBCn1eSMXg=
Subject key identifier: 11:92:66:5D:D1:76:E0:1C:63:5E:45:C4:80:9E:D7:BA:5A:81:6C:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7184D3F44BA4D29CDAF950EB4DBE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZJmXdF24BxjXkXEgJ7XulqBbGg.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 194.87.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 17:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:71:84:d3:f4:4b:a4:d2:9c:da:f9:50:eb:4d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1192665dd176e01c635e45c4809ed7ba5a816c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:ff:bd:6f:99:0d:dd:e8:24:ec:c6:5c:13:
07:20:04:4f:1c:61:47:d1:4e:a0:a0:5e:30:7f:b6:
dd:34:94:2c:50:37:05:b2:73:76:90:03:86:4f:9a:
ff:43:55:6a:53:06:5b:15:cb:64:d8:31:3f:ee:77:
cc:a4:0d:b8:09:4d:bc:6f:6c:ef:34:ee:d4:f6:f6:
9a:51:3d:f7:27:ca:4f:55:eb:1a:68:7c:f7:2e:17:
08:67:36:56:b4:74:b7:49:9e:53:4d:1b:dc:16:61:
c0:4f:39:aa:93:17:ec:42:69:d9:4a:e8:2d:38:4d:
11:32:d8:aa:3d:0b:fc:5d:4a:37:1c:79:9e:39:75:
10:ac:f4:72:af:8b:23:6b:4e:b1:c9:c4:56:88:8f:
59:4d:6c:60:fe:45:5d:47:6e:9b:a4:b4:3f:d6:f5:
e7:16:2e:18:02:06:9e:3b:d9:90:a5:3a:64:50:0f:
1f:92:84:3c:e1:a5:56:ce:22:07:50:77:3a:5b:67:
01:9a:f3:91:28:49:24:5e:36:ac:df:c1:ae:43:16:
13:71:1c:58:fc:07:7f:3e:00:a8:1f:95:01:da:27:
f1:4f:22:5e:f7:38:6c:8c:bf:3d:df:f5:ff:98:51:
fa:39:40:42:f8:39:3c:83:4a:8d:6b:71:40:27:54:
34:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:92:66:5D:D1:76:E0:1C:63:5E:45:C4:80:9E:D7:BA:5A:81:6C:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZJmXdF24BxjXkXEgJ7XulqBbGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.4.0/24
Signature Algorithm: sha256WithRSAEncryption
64:41:ec:23:a9:33:41:4e:af:65:df:23:4f:4c:12:63:01:c1:
82:0e:70:a4:07:59:17:d0:78:bc:6f:73:7c:e1:0b:2c:f9:4b:
b0:d9:ee:86:58:d0:fe:d9:2f:95:24:75:05:e3:4e:33:e1:b7:
43:4c:44:44:44:f0:08:9f:a4:ba:f5:e9:fc:be:cd:10:79:35:
7c:9a:a8:51:b5:cb:c4:15:68:94:b6:00:b9:42:bf:c6:e1:3d:
45:49:22:dd:a2:5c:8d:15:0d:0e:52:4d:2d:45:31:e2:e1:33:
4a:15:c0:38:73:d4:8d:d7:ff:e0:43:22:ad:5e:d4:83:04:9d:
0f:5a:db:4b:c0:92:68:0c:61:73:c0:48:87:c3:5a:ad:8f:97:
da:bb:60:e8:9d:d1:6c:d4:7b:88:cd:00:a9:45:96:be:f0:ba:
a5:77:ed:35:48:f2:b8:08:f5:63:05:d1:2e:33:6a:34:eb:f5:
a4:c0:26:78:de:37:23:a4:6e:7a:01:84:cc:91:c5:7f:eb:18:
8b:ac:43:fa:2f:3e:a0:22:fc:c7:c8:d1:35:9b:d8:a2:8f:90:
1c:d5:18:fd:6d:63:ee:40:ae:14:36:76:84:f3:11:8a:ea:78:
80:39:ce:2f:a9:8d:d9:6c:2b:f8:5e:a9:e0:67:e0:32:67:64:
35:4f:16:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnGE0/RLpNKc2vlQ602+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTkyNjY1ZGQxNzZlMDFjNjM1ZTQ1YzQ4MDllZDdiYTVhODE2YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5D/vW+ZDd3oJOzGXBMHIARPHGFH
0U6goF4wf7bdNJQsUDcFsnN2kAOGT5r/Q1VqUwZbFctk2DE/7nfMpA24CU28b2zv
NO7U9vaaUT33J8pPVesaaHz3LhcIZzZWtHS3SZ5TTRvcFmHATzmqkxfsQmnZSugt
OE0RMtiqPQv8XUo3HHmeOXUQrPRyr4sja06xycRWiI9ZTWxg/kVdR26bpLQ/1vXn
Fi4YAgaeO9mQpTpkUA8fkoQ84aVWziIHUHc6W2cBmvORKEkkXjas38GuQxYTcRxY
/Ad/PgCoH5UB2ifxTyJe9zhsjL893/X/mFH6OUBC+Dk8g0qNa3FAJ1Q03QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGSZl3RduAcY15FxICe17pagWxoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRVpKbVhkRjI0QnhqWGtYRWdKN1h1bHFCYkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcEMA0G
CSqGSIb3DQEBCwUAA4IBAQBkQewjqTNBTq9l3yNPTBJjAcGCDnCkB1kX0Hi8b3N8
4Qss+Uuw2e6GWND+2S+VJHUF404z4bdDTERERPAIn6S69en8vs0QeTV8mqhRtcvE
FWiUtgC5Qr/G4T1FSSLdolyNFQ0OUk0tRTHi4TNKFcA4c9SN1//gQyKtXtSDBJ0P
WttLwJJoDGFzwEiHw1qtj5fau2DondFs1HuIzQCpRZa+8Lqld+01SPK4CPVjBdEu
M2o06/WkwCZ43jcjpG56AYTMkcV/6xiLrEP6Lz6gIvzHyNE1m9iij5Ac1Rj9bWPu
QK4UNnaE8xGK6niAOc4vqY3ZbCv4XqngZ+AyZ2Q1TxZr
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:13:09 2024 by rpki-client on console-fra.rpki-client.org