Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/aew9maCaPeXrJOInZGjx5v7AyEg.roa
File: aew9maCaPeXrJOInZGjx5v7AyEg.roa (raw, json)
Hash identifier: dZTG4vhgDgo2TzOSmHhuHCnT6D+9vmmRWcP+JTpZ3iA=
Subject key identifier: 69:EC:3D:99:A0:9A:3D:E5:EB:24:E2:27:64:68:F1:E6:FE:C0:C8:48
Certificate issuer: /CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Certificate serial: 018CC8DE0849473E1E15DA96A8283C85D65A
Authority key identifier: E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/aew9maCaPeXrJOInZGjx5v7AyEg.roa
Signing time: Tue 02 Jan 2024 06:30:43 +0000
ROA not before: Tue 02 Jan 2024 06:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56403
IP address blocks: 185.194.128.0/24 maxlen: 24
46.235.16.0/22 maxlen: 22
46.235.20.0/23 maxlen: 23
46.235.22.0/24 maxlen: 24
46.235.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/5_7Cgz08jiMpA83Tr8A-zb6DsIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/5_7Cgz08jiMpA83Tr8A-zb6DsIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:08:49:47:3e:1e:15:da:96:a8:28:3c:85:d6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Validity
Not Before: Jan 2 06:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ec3d99a09a3de5eb24e2276468f1e6fec0c848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:90:53:8f:ba:c8:f1:8b:fd:94:59:4f:ea:00:
7a:28:77:73:00:39:d5:b5:9c:e7:43:5c:01:99:6a:
8b:fc:40:60:0e:ac:2e:94:42:f5:57:cc:cf:43:d7:
e9:74:f1:3e:a5:ad:03:b4:65:a4:f5:e9:3e:9f:fa:
59:4e:c9:fd:9f:57:20:a0:52:ce:6e:b5:7d:40:ac:
0a:54:38:65:d7:92:19:ca:8f:33:c4:3f:f9:a7:55:
e9:26:68:0c:99:e3:9c:36:9d:56:8f:52:0c:d6:f7:
a9:e7:1c:09:93:4a:83:ca:d0:de:98:e8:8c:bd:7e:
63:c1:8b:0c:5e:63:5c:4b:fe:d9:86:1d:1e:bf:30:
5e:09:4a:65:4a:9c:63:6f:ad:bc:4a:2d:3f:c8:26:
43:b9:e7:f4:e2:ec:df:ff:81:52:67:64:cd:5e:75:
1c:0c:3e:ca:c0:6d:23:55:2a:d6:87:bd:38:4e:4f:
5a:fd:b6:a6:cb:65:79:3b:76:3d:a1:dc:b1:b6:90:
fb:54:45:d1:d3:27:05:26:47:70:07:2c:b0:92:ec:
a2:15:2a:90:14:67:ef:72:85:85:16:e7:ef:4f:04:
60:f6:f2:35:6c:c8:9f:63:b4:2e:08:de:71:bd:bf:
87:b7:37:98:d4:98:ac:a6:2c:1c:0e:94:49:74:64:
af:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EC:3D:99:A0:9A:3D:E5:EB:24:E2:27:64:68:F1:E6:FE:C0:C8:48
X509v3 Authority Key Identifier:
keyid:E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/aew9maCaPeXrJOInZGjx5v7AyEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/5_7Cgz08jiMpA83Tr8A-zb6DsIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.16.0/21
185.194.128.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:57:a2:29:8a:f0:51:18:56:ce:76:0f:df:f0:4b:0c:9a:83:
b3:24:54:36:66:2e:3b:04:38:cb:af:f7:61:54:96:04:1e:02:
e6:95:7c:dc:4c:e9:8c:26:5a:51:13:bd:de:a6:43:e6:fd:dc:
3f:00:74:2b:7e:28:45:02:4d:db:7c:c2:b9:5b:e6:44:c6:c6:
fb:84:00:f7:4a:c0:58:fc:8b:c7:ba:ef:26:f8:bf:95:f2:2b:
0f:21:b1:41:1d:fb:36:b9:c2:b0:20:68:b2:57:6c:f6:86:f0:
fa:6e:56:bf:16:a8:c9:e8:c6:09:c9:33:88:5c:e4:18:ad:95:
96:20:da:e3:0d:68:6a:54:c9:85:cb:4a:78:b7:d2:ae:7c:c4:
8c:75:c2:19:1e:08:8b:da:67:9f:fd:f6:87:bd:82:8e:73:13:
19:ad:c6:84:95:a4:e8:e5:91:ef:a3:4a:a9:3b:a1:72:35:0b:
bd:8c:03:d1:e7:67:21:57:df:fb:ed:d9:7e:95:4f:a8:9b:1c:
29:98:43:7d:3a:04:57:25:db:f4:f0:8a:2f:25:69:cf:28:0d:
92:5d:3a:97:77:9f:4c:5c:de:b9:d1:63:06:06:98:01:ea:74:
a4:30:dc:31:f6:68:dd:38:08:74:86:03:b8:d2:fc:f1:85:fe:
d2:e3:69:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3ghJRz4eFdqWqCg8hdZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVjMjgzM2QzYzhlMjMyOTAzY2RkM2FmYzAzZWNkYmU4
M2IwODUwHhcNMjQwMTAyMDYzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVjM2Q5OWEwOWEzZGU1ZWIyNGUyMjc2NDY4ZjFlNmZlYzBjODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZBTj7rI8Yv9lFlP6gB6KHdzADnV
tZznQ1wBmWqL/EBgDqwulEL1V8zPQ9fpdPE+pa0DtGWk9ek+n/pZTsn9n1cgoFLO
brV9QKwKVDhl15IZyo8zxD/5p1XpJmgMmeOcNp1Wj1IM1vep5xwJk0qDytDemOiM
vX5jwYsMXmNcS/7Zhh0evzBeCUplSpxjb628Si0/yCZDuef04uzf/4FSZ2TNXnUc
DD7KwG0jVSrWh704Tk9a/bamy2V5O3Y9odyxtpD7VEXR0ycFJkdwByywkuyiFSqQ
FGfvcoWFFufvTwRg9vI1bMifY7QuCN5xvb+HtzeY1JispiwcDpRJdGSvBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGnsPZmgmj3l6yTiJ2Ro8eb+wMhIMB8GA1UdIwQY
MBaAFOf+woM9PI4jKQPN06/APs2+g7CFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgt
MzkzYTQwODBjNzQ3LzEvYWV3OW1hQ2FQZVhySk9JblpHang1djdBeUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgtMzkzYTQwODBjNzQ3
LzEvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLusQAwQA
ucKAMA0GCSqGSIb3DQEBCwUAA4IBAQCmV6IpivBRGFbOdg/f8EsMmoOzJFQ2Zi47
BDjLr/dhVJYEHgLmlXzcTOmMJlpRE73epkPm/dw/AHQrfihFAk3bfMK5W+ZExsb7
hAD3SsBY/IvHuu8m+L+V8isPIbFBHfs2ucKwIGiyV2z2hvD6bla/FqjJ6MYJyTOI
XOQYrZWWINrjDWhqVMmFy0p4t9KufMSMdcIZHgiL2mef/faHvYKOcxMZrcaElaTo
5ZHvo0qpO6FyNQu9jAPR52chV9/77dl+lU+omxwpmEN9OgRXJdv08IovJWnPKA2S
XTqXd59MXN650WMGBpgB6nSkMNwx9mjdOAh0hgO40vzxhf7S42m1
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:39:34 2024 by rpki-client on console-ams.rpki-client.org