Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EevN-NjEM9sOBIAk9RnSxxtaun4.roa
File: EevN-NjEM9sOBIAk9RnSxxtaun4.roa (raw, json)
Hash identifier: 0JEYmYwym8P3W12FPl16Rf0vIGfGPGe2DDBTPChEAJM=
Subject key identifier: 11:EB:CD:F8:D8:C4:33:DB:0E:04:80:24:F5:19:D2:C7:1B:5A:BA:7E
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649EB6EBD4E9FC05D89ABE763D94FCF
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EevN-NjEM9sOBIAk9RnSxxtaun4.roa
Signing time: Mon 01 Jan 2024 18:29:42 +0000
ROA not before: Mon 01 Jan 2024 18:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201642
IP address blocks: 85.196.128.0/23 maxlen: 23
85.196.131.0/24 maxlen: 24
85.196.128.0/24 maxlen: 24
85.196.129.0/24 maxlen: 24
85.196.130.0/23 maxlen: 23
85.196.130.0/24 maxlen: 24
2a01:288:4005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:eb:6e:bd:4e:9f:c0:5d:89:ab:e7:63:d9:4f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11ebcdf8d8c433db0e048024f519d2c71b5aba7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ff:02:66:8b:b7:a9:d7:47:70:e6:51:1c:4f:
1b:c6:e5:ae:27:9a:37:ab:a6:db:ae:1d:2b:cc:46:
30:49:76:ed:0c:ad:b9:18:a4:2e:d8:f3:f3:32:07:
5b:40:6b:df:1f:7f:68:4e:80:23:bc:8d:4d:c2:21:
a5:9c:7f:19:3d:2c:9d:9a:57:ca:5a:26:c4:33:ae:
ce:0d:be:4e:e1:d7:49:78:33:fd:63:68:7c:46:66:
4e:a8:75:60:0a:6f:9d:6f:6c:39:77:f7:26:15:cc:
7c:08:a4:58:fd:31:ac:a3:00:ad:ac:e2:c6:6c:e0:
3f:d7:17:40:39:7b:ee:61:74:f8:7d:b5:c7:a9:d0:
d7:7d:2c:d5:d8:04:44:c9:3f:ca:50:94:76:a9:83:
84:26:8a:75:17:d3:08:87:f9:f5:be:90:83:d6:05:
9c:28:cc:db:92:4d:8f:03:4a:70:be:18:a7:c4:5a:
75:6a:a3:2e:85:e6:a6:c8:d4:46:b6:43:8a:1d:32:
1c:16:be:f5:3a:f4:2b:ec:eb:67:87:04:01:91:8b:
0c:ae:05:d0:d4:8b:34:db:1f:f0:97:ae:90:0e:3c:
61:2c:4d:f1:f9:f4:56:0b:23:17:99:27:7a:7f:24:
f5:29:c0:d2:89:88:1e:5f:ca:d9:1f:a7:bb:6d:bb:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:EB:CD:F8:D8:C4:33:DB:0E:04:80:24:F5:19:D2:C7:1B:5A:BA:7E
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/EevN-NjEM9sOBIAk9RnSxxtaun4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.196.128.0/22
IPv6:
2a01:288:4005::/48
Signature Algorithm: sha256WithRSAEncryption
15:1d:e6:99:3f:67:f4:8b:ea:a3:16:7b:67:9d:5e:d2:ba:e0:
bb:80:5f:c3:2a:61:0b:ef:c8:17:45:a4:ec:7e:f9:66:fb:66:
ee:ee:c3:c4:17:fe:f1:75:d2:c0:5a:78:30:d8:99:42:00:48:
47:23:16:68:f2:28:01:fe:a2:02:86:c5:7a:84:6d:55:d7:aa:
de:98:dd:74:d4:86:90:5d:d9:4a:3b:dc:45:f1:25:95:bb:12:
59:b1:a9:f0:bc:d5:7d:68:be:87:cd:db:a1:a0:63:b3:b0:eb:
d6:b0:3e:9b:25:90:fb:ee:ec:45:f2:95:8b:66:45:cf:7f:ba:
25:d1:b2:3c:07:c7:4b:5f:49:05:ce:c4:f1:fc:2e:ab:84:7b:
7d:e5:0e:32:b9:fd:ec:19:49:cb:e5:1f:57:4b:60:55:8b:04:
79:6e:d4:01:38:a3:ab:fb:ae:51:99:61:bf:5a:5b:d8:5c:de:
8f:a6:91:7b:6b:a8:68:9a:94:9f:fd:ff:ae:14:3d:ab:a2:0d:
04:7d:c2:e6:24:d0:57:42:60:bd:bb:9c:d2:80:4c:f5:22:57:
73:64:7e:cc:d2:35:f2:56:91:d4:47:06:8e:8b:8e:20:11:d2:
f9:a7:33:c4:e2:09:29:1f:fc:ff:19:e5:95:e7:30:c6:91:18:
9f:f0:5c:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSetuvU6fwF2Jq+dj2U/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWViY2RmOGQ4YzQzM2RiMGUwNDgwMjRmNTE5ZDJjNzFiNWFiYTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP8CZou3qddHcOZRHE8bxuWuJ5o3
q6bbrh0rzEYwSXbtDK25GKQu2PPzMgdbQGvfH39oToAjvI1NwiGlnH8ZPSydmlfK
WibEM67ODb5O4ddJeDP9Y2h8RmZOqHVgCm+db2w5d/cmFcx8CKRY/TGsowCtrOLG
bOA/1xdAOXvuYXT4fbXHqdDXfSzV2AREyT/KUJR2qYOEJop1F9MIh/n1vpCD1gWc
KMzbkk2PA0pwvhinxFp1aqMuheamyNRGtkOKHTIcFr71OvQr7OtnhwQBkYsMrgXQ
1Is02x/wl66QDjxhLE3x+fRWCyMXmSd6fyT1KcDSiYgeX8rZH6e7bbs3OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBHrzfjYxDPbDgSAJPUZ0scbWrp+MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvRWV2Ti1OakVNOXNPQklBazlSblN4eHRhdW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCVcSAMA8E
AgACMAkDBwAqAQKIQAUwDQYJKoZIhvcNAQELBQADggEBABUd5pk/Z/SL6qMWe2ed
XtK64LuAX8MqYQvvyBdFpOx++Wb7Zu7uw8QX/vF10sBaeDDYmUIASEcjFmjyKAH+
ogKGxXqEbVXXqt6Y3XTUhpBd2Uo73EXxJZW7ElmxqfC81X1ovofN26GgY7Ow69aw
PpslkPvu7EXylYtmRc9/uiXRsjwHx0tfSQXOxPH8LquEe33lDjK5/ewZScvlH1dL
YFWLBHlu1AE4o6v7rlGZYb9aW9hc3o+mkXtrqGialJ/9/64UPauiDQR9wuYk0FdC
YL27nNKATPUiV3NkfszSNfJWkdRHBo6LjiAR0vmnM8TiCSkf/P8Z5ZXnMMaRGJ/w
XGk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:49 2024 by rpki-client on console-ams.rpki-client.org