Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZOGsopTLNxHHweQrNzHQMHE5qs.roa
File: EZOGsopTLNxHHweQrNzHQMHE5qs.roa (raw, json)
Hash identifier: ND047Xo809aDgpmUEv6F9f9sjQo+7tFfZ2FOky73uTY=
Subject key identifier: 11:93:86:B2:8A:53:2C:DC:47:1F:07:90:AC:DC:C7:40:C1:C4:E6:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D72904FA00C138B53E11ADCE7C79D6784
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZOGsopTLNxHHweQrNzHQMHE5qs.roa
Signing time: Sun 04 Feb 2024 05:21:16 +0000
ROA not before: Sun 04 Feb 2024 05:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 195.133.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Oct 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:90:4f:a0:0c:13:8b:53:e1:1a:dc:e7:c7:9d:67:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 4 05:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=119386b28a532cdc471f0790acdcc740c1c4e6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ff:1b:97:bd:84:f4:e7:8b:99:ca:56:08:1f:
68:8d:68:a9:8d:a6:71:8a:be:b3:cd:fe:be:1f:b0:
45:2f:ba:1e:a3:8c:0a:fa:f1:02:ae:4d:6b:a7:77:
b7:1e:49:4e:5f:41:14:84:bd:52:25:53:46:9c:80:
69:f0:95:7c:45:b3:0b:bc:12:fe:45:f1:90:71:43:
e4:dd:18:21:40:ee:54:16:3d:3e:ea:0c:0e:2d:d7:
4b:25:c4:4f:9d:e3:ef:58:21:f6:42:c1:c7:6c:10:
0e:b6:3f:6b:d7:86:32:db:e1:8d:9b:5f:ec:97:e5:
0c:d1:98:cb:82:47:7a:ff:ef:5b:53:b1:e1:6f:5a:
cb:81:ff:21:85:07:b5:22:43:4c:a6:08:a5:05:da:
37:60:8b:9f:9e:ed:b8:f2:f4:fd:c0:80:a1:86:5c:
87:eb:2e:55:d3:0d:87:c4:8b:a9:8c:85:6a:89:c5:
2b:61:25:4e:cc:05:59:71:34:38:05:7c:7c:ef:3d:
11:2b:31:83:1c:2f:7a:21:16:dc:1f:67:0d:73:90:
dd:65:fe:f9:8d:30:73:87:0c:58:1d:b7:a0:92:77:
a7:b6:12:09:83:87:2f:92:eb:c2:99:e8:00:43:ac:
19:d9:77:2e:96:b2:e1:f2:17:19:bb:b7:98:01:fa:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:93:86:B2:8A:53:2C:DC:47:1F:07:90:AC:DC:C7:40:C1:C4:E6:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EZOGsopTLNxHHweQrNzHQMHE5qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.37.0/24
Signature Algorithm: sha256WithRSAEncryption
95:db:8a:e3:75:ea:7b:02:86:5c:f0:25:1c:8d:27:bc:17:30:
12:0b:1e:8a:da:ba:2f:9f:09:84:7f:87:08:a2:82:c5:94:cb:
a5:05:31:c0:df:5f:8b:34:b6:72:33:d0:02:e9:1b:16:3c:0c:
4b:0a:ba:52:27:93:b9:fd:f4:23:f7:dc:61:d0:ef:88:ce:52:
a9:f6:13:04:bc:94:89:fc:c5:2c:92:64:fb:bb:b5:c7:90:05:
56:de:03:b9:07:df:77:ad:48:55:87:0e:33:52:0c:6c:52:22:
69:e6:d6:d8:d3:f8:bd:16:a1:8f:06:dd:01:b3:26:b7:d2:5d:
b4:1b:e1:a0:f1:7d:74:30:e2:7d:ca:9e:c3:ee:02:e2:36:6d:
29:60:e6:91:1b:09:aa:b3:b1:06:70:b5:e2:c4:e2:92:ae:6c:
9f:0b:c5:b7:7f:5b:a5:3f:b9:e6:21:76:f8:de:c1:94:16:57:
8c:a2:28:5f:4c:de:ef:c5:50:44:42:7f:15:33:72:29:24:41:
9c:36:bc:05:0f:a5:ca:0b:8d:c2:6a:cb:65:7c:23:70:c5:d9:
c9:e7:cf:2c:92:23:74:c8:a1:7b:d1:f1:ea:7c:f2:43:1d:d7:
94:3a:86:a4:4f:c6:16:07:8d:15:61:92:7f:f1:05:3c:ef:36:
30:b5:44:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ykE+gDBOLU+Ea3OfHnWeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA0MDUyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTkzODZiMjhhNTMyY2RjNDcxZjA3OTBhY2RjYzc0MGMxYzRlNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP8bl72E9OeLmcpWCB9ojWipjaZx
ir6zzf6+H7BFL7oeo4wK+vECrk1rp3e3HklOX0EUhL1SJVNGnIBp8JV8RbMLvBL+
RfGQcUPk3RghQO5UFj0+6gwOLddLJcRPnePvWCH2QsHHbBAOtj9r14Yy2+GNm1/s
l+UM0ZjLgkd6/+9bU7Hhb1rLgf8hhQe1IkNMpgilBdo3YIufnu248vT9wIChhlyH
6y5V0w2HxIupjIVqicUrYSVOzAVZcTQ4BXx87z0RKzGDHC96IRbcH2cNc5DdZf75
jTBzhwxYHbegknenthIJg4cvkuvCmegAQ6wZ2XculrLh8hcZu7eYAfqYYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGThrKKUyzcRx8HkKzcx0DBxOarMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRVpPR3NvcFRMTnhISHdlUXJOekhRTUhFNXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UlMA0G
CSqGSIb3DQEBCwUAA4IBAQCV24rjdep7AoZc8CUcjSe8FzASCx6K2rovnwmEf4cI
ooLFlMulBTHA31+LNLZyM9AC6RsWPAxLCrpSJ5O5/fQj99xh0O+IzlKp9hMEvJSJ
/MUskmT7u7XHkAVW3gO5B993rUhVhw4zUgxsUiJp5tbY0/i9FqGPBt0Bsya30l20
G+Gg8X10MOJ9yp7D7gLiNm0pYOaRGwmqs7EGcLXixOKSrmyfC8W3f1ulP7nmIXb4
3sGUFleMoihfTN7vxVBEQn8VM3IpJEGcNrwFD6XKC43CastlfCNwxdnJ588skiN0
yKF70fHqfPJDHdeUOoakT8YWB40VYZJ/8QU87zYwtUR7
-----END CERTIFICATE-----
Generated at Wed Oct 9 22:45:39 2024 by rpki-client on console-ams.rpki-client.org