Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/eX0XUZtz1cUpy8Q4r1cMYUSzDZk.roa
File: eX0XUZtz1cUpy8Q4r1cMYUSzDZk.roa (raw, json)
Hash identifier: TfwGK/NU5dmgisFcFHYsvg8QwuJ1yxhI3QZXpqovYSM=
Subject key identifier: 79:7D:17:51:9B:73:D5:C5:29:CB:C4:38:AF:57:0C:61:44:B3:0D:99
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 018D8D465DDE66F980545AB61CB825D197AD
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/eX0XUZtz1cUpy8Q4r1cMYUSzDZk.roa
Signing time: Fri 09 Feb 2024 09:50:15 +0000
ROA not before: Fri 09 Feb 2024 09:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208988
IP address blocks: 31.214.150.0/23 maxlen: 23
37.10.68.0/23 maxlen: 23
37.10.110.0/23 maxlen: 23
62.221.228.0/22 maxlen: 22
85.190.184.0/21 maxlen: 21
85.222.208.0/20 maxlen: 20
91.208.17.0/24 maxlen: 24
94.126.36.0/22 maxlen: 22
109.169.120.0/21 maxlen: 21
128.0.120.0/23 maxlen: 23
185.44.4.0/22 maxlen: 22
185.50.108.0/22 maxlen: 22
185.68.240.0/22 maxlen: 22
185.123.4.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
185.195.120.0/22 maxlen: 22
2a01:71a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:46:5d:de:66:f9:80:54:5a:b6:1c:b8:25:d1:97:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Feb 9 09:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=797d17519b73d5c529cbc438af570c6144b30d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bb:a1:6b:ad:c5:38:7f:92:76:b4:cf:cd:92:
ae:10:19:ef:a3:72:f6:f8:6a:88:0a:50:0c:31:bb:
19:80:06:f5:85:d0:b0:ed:2a:a5:6f:4f:65:e6:15:
ce:8a:62:7c:f7:52:f1:d6:0b:f2:90:e6:f3:c8:64:
51:3d:b3:d2:a2:12:cc:54:e6:cb:80:48:5a:0a:72:
66:0f:c3:29:77:51:a9:68:2b:5a:30:a2:64:2d:08:
f9:37:b6:93:b8:1d:4f:04:e2:0d:bd:d1:86:56:2c:
7e:1f:2a:58:5c:57:00:44:a8:06:61:62:0c:17:3f:
d6:e3:4d:8f:ac:d3:07:56:86:61:7b:7e:7b:d6:77:
4b:a6:a3:20:1f:ee:c2:17:5d:5b:c7:88:1a:a5:45:
d6:03:a1:ce:6f:1f:33:dc:7d:56:d5:d8:e3:7a:5b:
1b:cf:51:ea:91:3e:89:ce:d9:e8:66:e7:c2:46:c8:
be:5e:c1:12:9e:b7:63:bb:16:57:70:c4:25:43:35:
25:5b:93:6e:47:c0:4c:5d:85:44:fa:a0:25:33:15:
8f:6f:5e:85:7f:43:6d:5a:12:12:fc:cb:85:67:f7:
05:02:2a:75:44:5b:12:55:34:f0:20:0b:2f:9b:02:
a9:75:a3:e2:a9:25:cd:74:6b:6b:e2:6e:63:32:48:
1d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7D:17:51:9B:73:D5:C5:29:CB:C4:38:AF:57:0C:61:44:B3:0D:99
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/eX0XUZtz1cUpy8Q4r1cMYUSzDZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
109.169.120.0/21
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.68.240.0/22
185.123.4.0/22
185.125.232.0/22
185.195.120.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
00:4b:b8:8b:c8:44:e1:1b:46:72:59:59:a4:45:24:45:9a:c8:
b3:18:e8:2f:d7:89:a4:4c:78:52:c9:f7:b4:3c:9f:0f:52:bd:
b7:4c:17:c5:55:fd:1b:b1:ef:06:db:cf:d3:ee:7b:e0:d9:14:
76:96:10:c5:b7:23:f8:0c:55:42:93:b0:84:6b:ff:80:12:45:
f8:e3:a8:0b:72:0e:4e:3d:1e:3a:e7:02:72:ee:b9:e1:ec:c3:
ac:cd:39:e9:1f:19:14:62:2e:5c:86:96:6f:2f:23:5a:9c:27:
7e:d1:9d:72:cb:c7:de:29:d6:63:d1:51:7c:7d:06:6a:af:1a:
b5:7c:aa:d1:95:ad:90:1c:f8:e2:4d:8e:ca:c1:16:68:01:27:
06:9c:ea:55:97:7f:2d:49:b1:a7:8e:ed:d3:78:6a:10:66:0f:
85:00:8d:9b:98:a6:65:85:9f:00:72:4f:de:b7:31:af:1b:dc:
87:5a:85:27:7d:4b:63:c9:42:f1:3e:46:d8:96:1b:dc:67:c7:
b8:72:97:9c:68:be:b3:6a:5a:7d:1f:d1:ed:e8:49:c3:33:0e:
1d:4a:0e:0f:56:72:38:e4:af:33:71:fc:d0:c8:e3:91:9b:4e:
b2:d8:5c:0c:b1:0c:13:f0:75:b0:b6:16:29:1e:5a:a1:dc:3a:
2a:f7:9b:3a
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY2NRl3eZvmAVFq2HLgl0ZetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjQwMjA5MDk1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTdkMTc1MTliNzNkNWM1MjljYmM0MzhhZjU3MGM2MTQ0YjMwZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbuha63FOH+SdrTPzZKuEBnvo3L2
+GqIClAMMbsZgAb1hdCw7Sqlb09l5hXOimJ891Lx1gvykObzyGRRPbPSohLMVObL
gEhaCnJmD8Mpd1GpaCtaMKJkLQj5N7aTuB1PBOINvdGGVix+HypYXFcARKgGYWIM
Fz/W402PrNMHVoZhe3571ndLpqMgH+7CF11bx4gapUXWA6HObx8z3H1W1djjelsb
z1HqkT6JztnoZufCRsi+XsESnrdjuxZXcMQlQzUlW5NuR8BMXYVE+qAlMxWPb16F
f0NtWhIS/MuFZ/cFAip1RFsSVTTwIAsvmwKpdaPiqSXNdGtr4m5jMkgdfQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFHl9F1Gbc9XFKcvEOK9XDGFEsw2ZMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvZVgwWFVadHoxY1VweThRNHIxY01ZVVN6RFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAR/WlgME
ASUKRAMEASUKbgMEAj7d5AMEA1W+uAMEBFXe0AMEAFvQEQMEAl5+JAMEA22peAME
AYAAeAMEArksBAMEArkybAMEArlE8AMEArl7BAMEArl96AMEArnDeDANBAIAAjAH
AwUAKgFxoDANBgkqhkiG9w0BAQsFAAOCAQEAAEu4i8hE4RtGcllZpEUkRZrIsxjo
L9eJpEx4Usn3tDyfD1K9t0wXxVX9G7HvBtvP0+574NkUdpYQxbcj+AxVQpOwhGv/
gBJF+OOoC3IOTj0eOucCcu654ezDrM056R8ZFGIuXIaWby8jWpwnftGdcsvH3inW
Y9FRfH0Gaq8atXyq0ZWtkBz44k2OysEWaAEnBpzqVZd/LUmxp47t03hqEGYPhQCN
m5imZYWfAHJP3rcxrxvch1qFJ31LY8lC8T5G2JYb3GfHuHKXnGi+s2pafR/R7ehJ
wzMOHUoOD1ZyOOSvM3H80MjjkZtOsthcDLEME/B1sLYWKR5aodw6KvebOg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:07:05 2024 by rpki-client on console-fra.rpki-client.org