Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/E9tGRrqzn3kxerqSfSL4FQkDUjk.roa
File: E9tGRrqzn3kxerqSfSL4FQkDUjk.roa (raw, json)
Hash identifier: KNu1yQBlDmpi2WhU+zm77dVktytu83kBZblpRr5EPQQ=
Subject key identifier: 13:DB:46:46:BA:B3:9F:79:31:7A:BA:92:7D:22:F8:15:09:03:52:39
Certificate issuer: /CN=2a0254bae699a6c6fcb67ee4ba3b01d02f18099d
Certificate serial: 018CC42469A71FF887E2E0B5E2E12F080E26
Authority key identifier: 2A:02:54:BA:E6:99:A6:C6:FC:B6:7E:E4:BA:3B:01:D0:2F:18:09:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgJUuuaZpsb8tn7kujsB0C8YCZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/E9tGRrqzn3kxerqSfSL4FQkDUjk.roa
Signing time: Mon 01 Jan 2024 08:29:29 +0000
ROA not before: Mon 01 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206668
IP address blocks: 185.179.124.0/24 maxlen: 24
185.179.125.0/24 maxlen: 24
185.179.127.0/24 maxlen: 24
185.179.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/KgJUuuaZpsb8tn7kujsB0C8YCZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/KgJUuuaZpsb8tn7kujsB0C8YCZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgJUuuaZpsb8tn7kujsB0C8YCZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:69:a7:1f:f8:87:e2:e0:b5:e2:e1:2f:08:0e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a0254bae699a6c6fcb67ee4ba3b01d02f18099d
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13db4646bab39f79317aba927d22f81509035239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:40:dd:c7:6d:07:a0:63:14:59:c7:05:e3:53:
dc:ec:52:20:85:43:87:b5:10:55:06:17:05:31:f5:
81:98:d9:7f:f4:3d:7b:a2:d0:51:a9:94:3c:b6:6c:
15:4a:c1:8d:75:77:8a:42:c5:1c:66:8d:b3:ee:8e:
55:af:15:0f:96:2e:e0:0b:0a:32:72:e1:64:0b:2a:
99:95:25:78:b5:fc:2a:b2:40:56:06:ed:e8:2d:dc:
ec:d7:a9:3f:ab:62:1f:f6:18:72:c9:f0:aa:81:ec:
9e:fb:42:2a:ad:bd:d1:0f:d5:c8:ff:dd:d8:f6:65:
c2:24:7a:a5:de:f5:8e:c6:45:c8:f4:fe:5c:32:65:
60:80:04:55:22:b8:d6:77:32:2f:14:dd:bd:47:62:
7c:c2:17:0d:ba:62:f8:75:e5:b3:55:ac:7c:bc:3b:
6c:a7:6a:d4:6a:ef:a7:c9:d1:9d:35:a4:12:60:18:
e8:92:ff:f9:0c:99:ce:f0:f3:91:3d:9d:6f:80:cf:
d8:03:67:07:2a:04:47:6d:a6:97:65:63:39:42:5a:
ba:cc:69:4c:71:c7:e9:a0:bc:ba:63:d8:4e:6c:2f:
60:8f:ba:a1:0b:0b:5e:fd:8c:a1:74:3c:d6:08:7a:
1f:5b:3b:3c:c5:58:b2:d3:3c:72:c5:33:34:94:82:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DB:46:46:BA:B3:9F:79:31:7A:BA:92:7D:22:F8:15:09:03:52:39
X509v3 Authority Key Identifier:
keyid:2A:02:54:BA:E6:99:A6:C6:FC:B6:7E:E4:BA:3B:01:D0:2F:18:09:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgJUuuaZpsb8tn7kujsB0C8YCZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/E9tGRrqzn3kxerqSfSL4FQkDUjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e4c8bc-5ba3-4fc2-bf4a-a5581b3be0ce/1/KgJUuuaZpsb8tn7kujsB0C8YCZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.124.0/22
Signature Algorithm: sha256WithRSAEncryption
61:fd:ed:b2:7d:48:02:44:8c:bf:f2:58:42:21:5f:de:25:7f:
5d:e7:61:71:69:a1:46:27:62:86:95:06:a6:81:f6:21:c5:da:
2d:c2:67:8b:b5:7d:13:22:72:bc:3a:a4:f2:70:77:25:6a:1c:
e1:51:f4:ad:3c:1f:af:54:6a:36:2c:b7:f4:b1:80:11:7f:13:
34:10:a6:00:04:7f:7d:ac:61:3d:e0:11:1a:c1:dd:b9:da:b8:
5b:30:2b:9d:d6:34:9e:42:cc:9d:a6:8a:45:a2:58:04:ec:40:
f3:a1:91:fc:15:c5:54:ca:f2:86:48:42:fc:ad:bf:59:0e:de:
b6:00:65:5f:5f:94:4a:c3:8c:79:de:fc:62:09:6e:67:fd:f9:
dc:4f:b6:2c:ee:a9:f4:64:d9:10:85:3e:88:ce:52:0d:4c:c7:
3c:5d:6d:91:fd:a9:8c:7a:73:02:63:c1:8f:50:f1:6d:9a:56:
d4:59:46:00:26:f6:88:c6:eb:db:8f:f5:e7:81:60:d0:ac:88:
17:ac:6c:5c:18:41:bd:f8:c7:2a:c0:7a:a9:b2:6d:5a:05:24:
30:09:91:12:04:47:f3:b9:10:27:7e:65:3c:36:e8:97:1d:cf:
52:44:91:20:ef:68:b2:22:b5:f6:fe:f3:da:83:97:5d:f4:63:
91:63:cf:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGmnH/iH4uC14uEvCA4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDI1NGJhZTY5OWE2YzZmY2I2N2VlNGJhM2IwMWQwMmYx
ODA5OWQwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RiNDY0NmJhYjM5Zjc5MzE3YWJhOTI3ZDIyZjgxNTA5MDM1MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkDdx20HoGMUWccF41Pc7FIghUOH
tRBVBhcFMfWBmNl/9D17otBRqZQ8tmwVSsGNdXeKQsUcZo2z7o5VrxUPli7gCwoy
cuFkCyqZlSV4tfwqskBWBu3oLdzs16k/q2If9hhyyfCqgeye+0Iqrb3RD9XI/93Y
9mXCJHql3vWOxkXI9P5cMmVggARVIrjWdzIvFN29R2J8whcNumL4deWzVax8vDts
p2rUau+nydGdNaQSYBjokv/5DJnO8PORPZ1vgM/YA2cHKgRHbaaXZWM5Qlq6zGlM
ccfpoLy6Y9hObC9gj7qhCwte/YyhdDzWCHofWzs8xViy0zxyxTM0lILJlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPbRka6s595MXq6kn0i+BUJA1I5MB8GA1UdIwQY
MBaAFCoCVLrmmabG/LZ+5Lo7AdAvGAmdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dKVXV1YVpwc2I4dG43a3Vqc0IwQzhZQ1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lNGM4YmMtNWJhMy00ZmMyLWJmNGEt
YTU1ODFiM2JlMGNlLzEvRTl0R1JycXpuM2t4ZXJxU2ZTTDRGUWtEVWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lNGM4YmMtNWJhMy00ZmMyLWJmNGEtYTU1ODFiM2JlMGNl
LzEvS2dKVXV1YVpwc2I4dG43a3Vqc0IwQzhZQ1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubN8MA0G
CSqGSIb3DQEBCwUAA4IBAQBh/e2yfUgCRIy/8lhCIV/eJX9d52FxaaFGJ2KGlQam
gfYhxdotwmeLtX0TInK8OqTycHclahzhUfStPB+vVGo2LLf0sYARfxM0EKYABH99
rGE94BEawd252rhbMCud1jSeQsydpopFolgE7EDzoZH8FcVUyvKGSEL8rb9ZDt62
AGVfX5RKw4x53vxiCW5n/fncT7Ys7qn0ZNkQhT6IzlINTMc8XW2R/amMenMCY8GP
UPFtmlbUWUYAJvaIxuvbj/XngWDQrIgXrGxcGEG9+McqwHqpsm1aBSQwCZESBEfz
uRAnfmU8NuiXHc9SRJEg72iyIrX2/vPag5dd9GORY88u
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:00:29 2024 by rpki-client on console-ams.rpki-client.org