Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/eJOUnn-q7xPjRi_IbORt9LLD9Zo.roa
File: eJOUnn-q7xPjRi_IbORt9LLD9Zo.roa (raw, json)
Hash identifier: 62o0jVcYAo0g8+xO4Ge4twN264ZFta9AWXIuUVPvp2w=
Subject key identifier: 78:93:94:9E:7F:AA:EF:13:E3:46:2F:C8:6C:E4:6D:F4:B2:C3:F5:9A
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018ECA3703FE10E1E97C3CD4CA8889FEFF79
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/eJOUnn-q7xPjRi_IbORt9LLD9Zo.roa
Signing time: Wed 10 Apr 2024 22:53:06 +0000
ROA not before: Wed 10 Apr 2024 22:53:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 13:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ca:37:03:fe:10:e1:e9:7c:3c:d4:ca:88:89:fe:ff:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Apr 10 22:53:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7893949e7faaef13e3462fc86ce46df4b2c3f59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a6:4e:ee:86:e1:36:a6:00:30:41:38:83:f8:
30:9d:4c:19:5a:37:db:8c:a2:05:90:85:8b:be:d7:
95:d2:95:3d:49:e5:5e:88:41:e9:45:eb:88:f0:5a:
b2:3d:5a:d3:fa:fb:06:a2:0f:74:97:6b:4a:98:1b:
af:b0:16:c9:4f:fc:63:86:15:91:18:53:17:4d:69:
14:1d:7f:4f:31:58:52:98:38:a7:49:e8:94:f9:23:
0e:fa:6e:dc:f0:fe:f2:0c:11:32:79:64:01:8a:4c:
c5:24:7d:96:c0:44:8a:73:00:e7:b4:0a:ea:54:83:
12:2a:8f:7d:66:9b:07:e1:79:07:06:5d:b4:94:24:
20:5b:2d:e7:0a:fb:8b:8d:18:50:e7:9e:47:38:4b:
44:a9:19:af:d3:48:14:3c:d8:72:49:75:a7:37:a4:
cf:79:90:46:31:e5:f5:03:07:e1:21:04:65:42:a0:
6f:d0:4a:52:bb:df:3c:1f:65:d1:0a:14:8d:34:db:
c3:e4:0a:ab:9f:61:70:3e:23:9e:99:cb:93:4f:36:
d9:94:a2:90:f7:e8:04:2b:6b:ca:4f:20:8a:d5:b0:
48:42:52:6a:75:55:c2:d1:fe:f5:01:18:2a:b9:9e:
f4:44:9f:eb:d5:59:8c:52:fc:34:89:14:fa:a3:48:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:93:94:9E:7F:AA:EF:13:E3:46:2F:C8:6C:E4:6D:F4:B2:C3:F5:9A
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/eJOUnn-q7xPjRi_IbORt9LLD9Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
91.247.178.0/24
178.23.188.0/24
213.232.252.0/24
Signature Algorithm: sha256WithRSAEncryption
01:de:cc:ac:08:b4:31:0d:25:37:ae:ac:9a:a8:3a:fe:b8:cd:
1c:26:97:e5:b5:6c:5a:83:1f:3e:e1:42:aa:8d:ab:1b:22:40:
99:c6:3d:93:be:94:65:8c:af:ef:aa:51:c5:59:d4:20:2a:06:
8c:18:b3:d6:1a:2a:99:c6:5c:8d:e1:45:a3:00:a6:19:33:71:
5f:9d:ea:d7:4b:1b:10:4d:e8:f7:c9:c5:63:28:59:1b:00:b6:
20:21:d6:a8:29:43:45:d3:d2:37:27:6c:19:8f:ed:02:3c:08:
a0:aa:f9:34:d9:8d:13:a9:04:b9:fb:8e:e7:6e:4c:46:86:b1:
f1:d0:bf:dc:c0:55:4a:25:38:10:44:e7:de:ee:a3:0c:f1:9b:
ef:86:e1:63:2b:3e:5e:0c:23:3f:a4:0d:45:a4:ce:66:1d:04:
73:f7:03:3a:fc:bd:c2:2e:b2:55:6d:4c:0b:e7:88:40:57:56:
f1:c4:2e:6a:a5:bf:da:7a:d8:98:eb:6c:b7:6e:cc:12:2a:88:
8f:3d:6a:1a:e5:ab:4a:fb:08:fb:01:fc:cb:fc:72:86:61:f8:
fe:78:17:dd:39:e8:43:cf:6a:2c:72:ba:6b:26:6d:a0:28:6d:
29:a7:53:1d:f1:a4:0d:0a:ee:0b:48:4c:64:e7:42:e1:30:80:
51:1e:1e:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7KNwP+EOHpfDzUyoiJ/v95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwNDEwMjI1MzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODkzOTQ5ZTdmYWFlZjEzZTM0NjJmYzg2Y2U0NmRmNGIyYzNmNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKZO7obhNqYAMEE4g/gwnUwZWjfb
jKIFkIWLvteV0pU9SeVeiEHpReuI8FqyPVrT+vsGog90l2tKmBuvsBbJT/xjhhWR
GFMXTWkUHX9PMVhSmDinSeiU+SMO+m7c8P7yDBEyeWQBikzFJH2WwESKcwDntArq
VIMSKo99ZpsH4XkHBl20lCQgWy3nCvuLjRhQ555HOEtEqRmv00gUPNhySXWnN6TP
eZBGMeX1AwfhIQRlQqBv0EpSu988H2XRChSNNNvD5Aqrn2FwPiOemcuTTzbZlKKQ
9+gEK2vKTyCK1bBIQlJqdVXC0f71ARgquZ70RJ/r1VmMUvw0iRT6o0iNFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHiTlJ5/qu8T40YvyGzkbfSyw/WaMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvZUpPVW5uLXE3eFBqUmlfSWJPUnQ5TExEOVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVPZvAwQA
W/eyAwQAshe8AwQA1ej8MA0GCSqGSIb3DQEBCwUAA4IBAQAB3sysCLQxDSU3rqya
qDr+uM0cJpfltWxagx8+4UKqjasbIkCZxj2TvpRljK/vqlHFWdQgKgaMGLPWGiqZ
xlyN4UWjAKYZM3FfnerXSxsQTej3ycVjKFkbALYgIdaoKUNF09I3J2wZj+0CPAig
qvk02Y0TqQS5+47nbkxGhrHx0L/cwFVKJTgQROfe7qMM8ZvvhuFjKz5eDCM/pA1F
pM5mHQRz9wM6/L3CLrJVbUwL54hAV1bxxC5qpb/aetiY62y3bswSKoiPPWoa5atK
+wj7AfzL/HKGYfj+eBfdOehDz2oscrprJm2gKG0pp1Md8aQNCu4LSExk50LhMIBR
Hh5p
-----END CERTIFICATE-----
Generated at Mon May 13 17:18:59 2024 by rpki-client on console-ams.rpki-client.org