Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-EbYyYVCvILZeyHtEcWQtNLUYT0.roa
File: 1-EbYyYVCvILZeyHtEcWQtNLUYT0.roa (raw, json)
Hash identifier: evU/6mzOSoDSbf9gAICrAAru3xbqNMyYIjgClh0VNr4=
Subject key identifier: F8:46:D8:C9:85:42:BC:82:D9:7B:21:ED:11:C5:90:B4:D2:D4:61:3D
Certificate issuer: /CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Certificate serial: 018CC4246464F5CD37FEE6FA9DC8D0A024CA
Authority key identifier: D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-EbYyYVCvILZeyHtEcWQtNLUYT0.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33987
IP address blocks: 84.21.224.0/21 maxlen: 21
84.21.232.0/23 maxlen: 23
84.21.234.0/23 maxlen: 23
84.21.238.0/23 maxlen: 23
84.21.236.0/23 maxlen: 23
84.21.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-q6U9bfurTpdhIMHiAmi7_ooOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-q6U9bfurTpdhIMHiAmi7_ooOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:64:64:f5:cd:37:fe:e6:fa:9d:c8:d0:a0:24:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f846d8c98542bc82d97b21ed11c590b4d2d4613d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:54:fa:f0:4a:e3:32:81:3a:c3:50:f0:74:92:
5b:ae:ca:2d:37:62:9a:ed:17:e3:34:63:25:a9:f7:
fc:67:18:f5:41:47:01:7a:88:94:e4:dc:f6:c6:35:
43:76:fb:12:c1:ff:1b:db:b1:c9:7a:44:b0:07:69:
fb:40:98:20:20:78:01:c2:36:5d:06:7e:0e:70:4d:
12:cc:13:9e:db:db:b3:75:51:f5:bd:c5:cd:e4:ff:
dc:de:ba:70:dc:83:6c:93:fb:02:a7:3e:53:a3:ef:
53:0d:ca:4d:ab:c2:29:87:f0:71:b2:6b:c0:d0:c6:
d9:bd:b1:80:de:ae:4d:ef:05:2a:20:ef:77:c8:57:
c7:27:a2:df:4b:e4:80:d3:54:49:99:91:14:b0:2b:
4f:61:21:23:38:13:9b:2f:50:a7:15:2f:39:5b:e2:
e4:a5:b3:52:10:88:2a:7a:00:a0:96:53:cb:65:21:
67:5d:09:84:1a:b5:b7:3a:08:07:39:54:2b:c6:01:
3c:d1:6f:b9:5a:9c:e5:5a:17:e3:5d:a1:dd:a0:1d:
21:01:ed:9c:e9:7c:a3:5c:37:cc:1b:71:86:b0:04:
a7:eb:65:f4:a5:e9:46:30:87:73:8a:42:26:e6:ad:
08:88:e4:20:ff:cf:21:a5:2a:12:2c:dc:a2:62:08:
53:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:46:D8:C9:85:42:BC:82:D9:7B:21:ED:11:C5:90:B4:D2:D4:61:3D
X509v3 Authority Key Identifier:
keyid:D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-EbYyYVCvILZeyHtEcWQtNLUYT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-q6U9bfurTpdhIMHiAmi7_ooOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.224.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:28:13:ea:50:bb:47:29:c8:30:ec:43:be:4e:35:25:04:82:
5d:f1:7d:8a:ad:c1:62:93:71:75:d2:73:dc:ed:a1:6f:7b:28:
47:33:3a:a0:5c:8e:dc:2c:e7:d1:d9:bd:25:1b:70:74:1d:70:
e1:8b:01:f6:26:bc:f5:77:38:23:1a:47:4e:f6:3c:8f:cb:34:
7b:a1:0a:c7:bd:e6:93:8f:a1:95:d3:a0:39:fb:e0:33:19:37:
27:f5:d0:62:f5:28:b0:6b:36:17:e5:14:39:3b:b2:2e:86:e6:
5b:03:94:06:5e:72:50:6e:5d:40:84:fd:36:56:26:e1:14:35:
8d:9b:f3:b9:50:28:1f:54:7e:e8:27:c5:9e:03:01:2e:5a:a6:
18:56:ae:bd:6e:e1:7f:db:6d:73:96:10:11:89:40:8d:f7:a4:
8e:13:84:2e:03:1d:e4:86:b9:34:7f:44:da:af:96:fc:dd:e0:
90:ed:bc:ea:fb:33:1d:15:5d:d5:7e:de:df:96:6d:d6:4a:ce:
90:c4:07:03:bc:72:83:a2:f0:2f:95:40:ab:58:fb:c3:0a:a9:
24:98:9a:e4:65:8d:ae:1c:32:ec:5d:81:21:fc:dd:4b:d2:ae:
e6:9f:6f:83:af:71:4d:2e:6a:27:d5:46:53:77:83:ec:38:7d:
60:a9:86:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJGRk9c03/ub6ncjQoCTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZWFiYTUzZDZkZmJhYjRlOTc2MTIwYzFlMjAyNjhiYmZl
OGEwZTAwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQ2ZDhjOTg1NDJiYzgyZDk3YjIxZWQxMWM1OTBiNGQyZDQ2MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVT68ErjMoE6w1DwdJJbrsotN2Ka
7RfjNGMlqff8Zxj1QUcBeoiU5Nz2xjVDdvsSwf8b27HJekSwB2n7QJggIHgBwjZd
Bn4OcE0SzBOe29uzdVH1vcXN5P/c3rpw3INsk/sCpz5To+9TDcpNq8Iph/BxsmvA
0MbZvbGA3q5N7wUqIO93yFfHJ6LfS+SA01RJmZEUsCtPYSEjOBObL1CnFS85W+Lk
pbNSEIgqegCgllPLZSFnXQmEGrW3OggHOVQrxgE80W+5WpzlWhfjXaHdoB0hAe2c
6XyjXDfMG3GGsASn62X0pelGMIdzikIm5q0IiOQg/88hpSoSLNyiYghT2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhG2MmFQryC2Xsh7RHFkLTS1GE9MB8GA1UdIwQY
MBaAFNfqulPW37q06XYSDB4gJou/6KDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xNlU5YmZ1clRwZGhJTUhpQW1pN19vb09BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85YWZlMzUtMGUzZi00ZDcwLWIxYTQt
MmFlNzkzZGE0NzcwLzEvMS1FYll5WVZDdklMWmV5SHRFY1dRdE5MVVlUMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOWFmZTM1LTBlM2YtNGQ3MC1iMWE0LTJhZTc5M2RhNDc3
MC8xLzEtcTZVOWJmdXJUcGRoSU1IaUFtaTdfb29PQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVQV4DAN
BgkqhkiG9w0BAQsFAAOCAQEAWigT6lC7RynIMOxDvk41JQSCXfF9iq3BYpNxddJz
3O2hb3soRzM6oFyO3Czn0dm9JRtwdB1w4YsB9ia89Xc4IxpHTvY8j8s0e6EKx73m
k4+hldOgOfvgMxk3J/XQYvUosGs2F+UUOTuyLobmWwOUBl5yUG5dQIT9NlYm4RQ1
jZvzuVAoH1R+6CfFngMBLlqmGFauvW7hf9ttc5YQEYlAjfekjhOELgMd5Ia5NH9E
2q+W/N3gkO286vszHRVd1X7e35Zt1krOkMQHA7xyg6LwL5VAq1j7wwqpJJia5GWN
rhwy7F2BIfzdS9Ku5p9vg69xTS5qJ9VGU3eD7Dh9YKmGlg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:00:20 2024 by rpki-client on console-ams.rpki-client.org