Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/eA9hdjYTwO5lNK3NbbS59sWVZWQ.roa
File: eA9hdjYTwO5lNK3NbbS59sWVZWQ.roa (raw, json)
Hash identifier: FExRic7tUzOr3pjRMbiAftlvKQxmD3zIaVMnJhYSWDo=
Subject key identifier: 78:0F:61:76:36:13:C0:EE:65:34:AD:CD:6D:B4:B9:F6:C5:95:65:64
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 018CC6B934758AF67384550FC1C26FE4027B
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/eA9hdjYTwO5lNK3NbbS59sWVZWQ.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 164.18.96.0/21 maxlen: 21
2a07:b982:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 10:03:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:34:75:8a:f6:73:84:55:0f:c1:c2:6f:e4:02:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=780f61763613c0ee6534adcd6db4b9f6c5956564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f2:fd:cb:9b:33:92:d3:2f:65:05:10:ab:c8:
83:a1:81:4c:38:7e:d8:dd:db:b7:d1:24:dc:2d:4f:
d1:74:ba:0e:c1:ce:ec:4c:e7:b4:32:08:9f:7c:54:
9f:61:e1:b8:94:31:17:e7:88:e2:e4:00:e1:2f:84:
de:4d:d4:78:bd:18:11:ec:ee:03:d1:5e:36:e1:90:
b5:20:42:5b:a9:9b:a7:e2:a1:0e:1d:a3:26:75:2e:
cd:f0:6a:a3:1c:36:39:09:99:50:8f:6f:cc:3f:fb:
29:38:27:72:c9:71:df:9a:97:f9:2b:83:b2:77:cd:
cf:c4:56:36:cc:f5:d2:c3:6e:1e:f7:21:6c:07:9f:
2c:05:d1:b3:ce:24:5c:8d:c7:11:a6:d2:0d:ad:d4:
81:c5:7d:35:7d:7e:b1:ad:94:48:1b:6a:ac:f5:3a:
c3:83:ce:5e:7e:b5:b8:0c:9c:37:6f:ff:de:2c:b4:
70:d9:61:1d:3b:3b:0f:4d:1a:f0:38:31:ce:47:de:
a6:62:8a:9d:07:f5:55:b8:8a:7e:01:36:40:b1:b5:
e8:c6:3a:d7:ce:ce:41:f5:da:49:5f:d4:91:c8:14:
a3:4e:b5:4b:ff:02:d4:ea:be:90:fe:93:25:05:58:
96:58:20:49:4f:7c:6b:5d:eb:e7:32:b6:98:0a:85:
2c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0F:61:76:36:13:C0:EE:65:34:AD:CD:6D:B4:B9:F6:C5:95:65:64
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/eA9hdjYTwO5lNK3NbbS59sWVZWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.96.0/21
IPv6:
2a07:b982:c000::/48
Signature Algorithm: sha256WithRSAEncryption
74:92:d5:dc:b7:30:ba:da:c6:34:d8:d9:34:b4:3e:4b:b3:a5:
c4:ae:cc:92:4a:c9:e9:67:44:2d:e6:60:24:74:16:6e:3e:5f:
1b:33:15:83:87:af:ee:bf:b1:83:aa:e4:91:e1:2f:74:55:dd:
cb:c9:fe:06:3b:f1:b2:65:62:89:4d:20:fb:05:dc:d9:5d:b6:
61:10:75:0f:c0:bb:5f:27:0c:4d:b9:38:7b:57:e1:8c:2e:05:
2f:43:c3:25:cc:55:29:53:bc:47:17:d8:27:c6:19:80:e2:3c:
08:c5:85:93:f1:36:b7:01:ea:0b:c4:dd:74:42:2e:f3:c3:00:
39:0a:9b:9f:01:e3:c1:6a:be:02:30:90:36:03:8e:d5:bc:b1:
cb:44:83:97:2b:2d:49:ee:56:54:73:6f:34:00:a2:41:e5:45:
5b:5f:3b:22:a5:6f:c4:88:6e:68:0b:c8:b2:9f:5a:c7:83:ab:
40:25:59:2d:c2:a1:d9:11:8e:90:dd:b2:d8:f8:33:c1:a4:8c:
f0:ff:6a:97:0a:87:10:eb:73:e3:28:20:71:aa:62:31:92:d1:
9d:8e:c6:49:6f:b3:42:87:71:6f:c1:23:be:2b:b8:59:98:98:
03:f9:be:0c:da:1a:de:74:82:33:05:3b:99:76:42:a5:ca:4e:
38:29:5c:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuTR1ivZzhFUPwcJv5AJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBmNjE3NjM2MTNjMGVlNjUzNGFkY2Q2ZGI0YjlmNmM1OTU2NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vL9y5szktMvZQUQq8iDoYFMOH7Y
3du30STcLU/RdLoOwc7sTOe0MgiffFSfYeG4lDEX54ji5ADhL4TeTdR4vRgR7O4D
0V424ZC1IEJbqZun4qEOHaMmdS7N8GqjHDY5CZlQj2/MP/spOCdyyXHfmpf5K4Oy
d83PxFY2zPXSw24e9yFsB58sBdGzziRcjccRptINrdSBxX01fX6xrZRIG2qs9TrD
g85efrW4DJw3b//eLLRw2WEdOzsPTRrwODHOR96mYoqdB/VVuIp+ATZAsbXoxjrX
zs5B9dpJX9SRyBSjTrVL/wLU6r6Q/pMlBViWWCBJT3xrXevnMraYCoUsDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHgPYXY2E8DuZTStzW20ufbFlWVkMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvZUE5aGRqWVR3TzVsTkszTmJiUzU5c1dWWldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDpBJgMA8E
AgACMAkDBwAqB7mCwAAwDQYJKoZIhvcNAQELBQADggEBAHSS1dy3MLraxjTY2TS0
PkuzpcSuzJJKyelnRC3mYCR0Fm4+XxszFYOHr+6/sYOq5JHhL3RV3cvJ/gY78bJl
YolNIPsF3NldtmEQdQ/Au18nDE25OHtX4YwuBS9DwyXMVSlTvEcX2CfGGYDiPAjF
hZPxNrcB6gvE3XRCLvPDADkKm58B48FqvgIwkDYDjtW8sctEg5crLUnuVlRzbzQA
okHlRVtfOyKlb8SIbmgLyLKfWseDq0AlWS3CodkRjpDdstj4M8GkjPD/apcKhxDr
c+MoIHGqYjGS0Z2Oxklvs0KHcW/BI74ruFmYmAP5vgzaGt50gjMFO5l2QqXKTjgp
XKk=
-----END CERTIFICATE-----
Generated at Sun May 12 12:22:22 2024 by rpki-client on console-fra.rpki-client.org