Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/ge8gIbwTZ0yGs5kexWg3JeEqYMY.roa
File: ge8gIbwTZ0yGs5kexWg3JeEqYMY.roa (raw, json)
Hash identifier: YMvVUpCZ8sVmDDYcTKxh/cug1jc+eYVRE0NQnI0M9Uc=
Subject key identifier: 81:EF:20:21:BC:13:67:4C:86:B3:99:1E:C5:68:37:25:E1:2A:60:C6
Certificate issuer: /CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Certificate serial: 019078D6C155CF2542900CC1D6E7899103E1
Authority key identifier: B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/ge8gIbwTZ0yGs5kexWg3JeEqYMY.roa
Signing time: Wed 03 Jul 2024 13:44:18 +0000
ROA not before: Wed 03 Jul 2024 13:44:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42073
IP address blocks: 185.64.92.0/22 maxlen: 22
194.39.240.0/24 maxlen: 24
194.102.202.0/24 maxlen: 24
194.169.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/sV49wOv7EOu5QZdFRzLveGrHW3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/sV49wOv7EOu5QZdFRzLveGrHW3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:d6:c1:55:cf:25:42:90:0c:c1:d6:e7:89:91:03:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Validity
Not Before: Jul 3 13:44:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ef2021bc13674c86b3991ec5683725e12a60c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:b4:a5:aa:09:82:f8:88:67:c3:00:b9:85:
41:e2:79:c7:dc:95:2a:31:00:13:cf:ac:7f:4c:0e:
df:7a:c1:0f:ed:04:39:de:e7:30:07:41:ab:6c:bb:
37:52:11:20:09:30:2d:23:8c:21:54:79:f9:a2:91:
27:8e:9d:fc:ba:c4:8f:4e:bc:45:13:f7:e8:d0:9d:
e0:32:a7:7a:8b:e6:50:a6:5f:a6:a2:7b:64:34:4f:
dd:49:ca:37:eb:6a:9b:f5:13:38:b9:ca:33:fc:5b:
5a:98:9a:df:3e:e1:de:1f:5d:86:c3:b8:4c:dd:3b:
e3:a0:96:3b:62:79:0c:e3:90:0f:ac:ee:4d:93:b5:
2b:01:77:31:6c:df:d7:ca:54:68:c5:8f:3f:86:77:
57:3e:20:60:92:e4:00:9e:ce:e4:37:31:5e:47:31:
8b:15:85:ee:01:ee:89:63:ed:46:d9:fe:dd:a9:25:
01:ed:50:f1:b6:df:34:54:4b:73:68:6b:31:64:66:
fd:b6:fc:4e:62:3a:42:5a:9a:a8:38:83:16:f4:ad:
a2:18:b4:63:a7:ea:50:a3:67:51:b3:6d:d3:a5:1b:
22:5c:64:3e:e8:95:ca:27:71:c6:b8:8d:c5:cf:ca:
2d:29:92:c7:b7:07:6a:57:43:27:85:36:bd:8a:9b:
3e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EF:20:21:BC:13:67:4C:86:B3:99:1E:C5:68:37:25:E1:2A:60:C6
X509v3 Authority Key Identifier:
keyid:B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/ge8gIbwTZ0yGs5kexWg3JeEqYMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/sV49wOv7EOu5QZdFRzLveGrHW3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.92.0/22
194.39.240.0/24
194.102.202.0/24
194.169.233.0/24
Signature Algorithm: sha256WithRSAEncryption
43:18:4c:64:bc:74:39:70:29:d4:1b:7a:2a:d4:de:99:4d:d0:
af:f1:88:53:5f:20:84:a8:e6:14:c8:cb:df:95:55:ad:b1:91:
59:41:c6:f1:12:5c:07:61:ca:c0:fe:db:d4:0d:7e:b3:77:d5:
48:d8:8c:e6:7b:2b:c6:04:21:50:7f:c3:fe:d5:54:16:98:c6:
98:9c:ba:a5:cf:7c:00:07:8f:66:2c:d6:7a:1a:8f:d8:4e:5c:
a9:a5:13:f5:4a:39:41:88:07:e0:f8:8a:cd:e2:fa:1c:c5:ad:
ff:a1:29:79:be:7b:83:06:c1:80:46:f5:04:4c:b9:ae:b4:92:
ab:8d:85:39:76:cd:42:9a:00:0d:45:67:09:b8:64:e0:9f:c0:
8b:9b:75:f1:29:07:08:00:6d:a9:24:87:9c:74:5a:39:47:cc:
4d:32:89:54:1f:97:1e:f5:eb:0f:b4:e8:31:d6:78:c7:3a:04:
65:4d:20:1d:d4:58:6c:ec:df:5c:6d:8d:ef:71:57:ea:0c:e7:
e3:b8:89:3d:1d:9d:a7:ee:b2:d4:8e:76:f0:2e:3a:0d:1c:3d:
f1:40:8d:0f:a0:2a:c9:ae:16:a0:5a:7f:8b:3a:4b:67:12:fa:
ef:a0:df:a1:d1:ae:64:cc:40:eb:35:e4:87:df:3f:82:e8:c9:
62:d1:63:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB41sFVzyVCkAzB1ueJkQPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNWUzZGMwZWJmYjEwZWJiOTQxOTc0NTQ3MzJlZjc4NmFj
NzViNzAwHhcNMjQwNzAzMTM0NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVmMjAyMWJjMTM2NzRjODZiMzk5MWVjNTY4MzcyNWUxMmE2MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL+0paoJgviIZ8MAuYVB4nnH3JUq
MQATz6x/TA7fesEP7QQ53ucwB0GrbLs3UhEgCTAtI4whVHn5opEnjp38usSPTrxF
E/fo0J3gMqd6i+ZQpl+montkNE/dSco362qb9RM4ucoz/FtamJrfPuHeH12Gw7hM
3TvjoJY7YnkM45APrO5Nk7UrAXcxbN/XylRoxY8/hndXPiBgkuQAns7kNzFeRzGL
FYXuAe6JY+1G2f7dqSUB7VDxtt80VEtzaGsxZGb9tvxOYjpCWpqoOIMW9K2iGLRj
p+pQo2dRs23TpRsiXGQ+6JXKJ3HGuI3Fz8otKZLHtwdqV0MnhTa9ips+1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIHvICG8E2dMhrOZHsVoNyXhKmDGMB8GA1UdIwQY
MBaAFLFePcDr+xDruUGXRUcy73hqx1twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYt
MWQwMDdiZTljZGQ4LzEvZ2U4Z0lid1RaMHlHczVrZXhXZzNKZUVxWU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYtMWQwMDdiZTljZGQ4
LzEvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuUBcAwQA
wifwAwQAwmbKAwQAwqnpMA0GCSqGSIb3DQEBCwUAA4IBAQBDGExkvHQ5cCnUG3oq
1N6ZTdCv8YhTXyCEqOYUyMvflVWtsZFZQcbxElwHYcrA/tvUDX6zd9VI2IzmeyvG
BCFQf8P+1VQWmMaYnLqlz3wAB49mLNZ6Go/YTlyppRP1SjlBiAfg+IrN4vocxa3/
oSl5vnuDBsGARvUETLmutJKrjYU5ds1CmgANRWcJuGTgn8CLm3XxKQcIAG2pJIec
dFo5R8xNMolUH5ce9esPtOgx1njHOgRlTSAd1Fhs7N9cbY3vcVfqDOfjuIk9HZ2n
7rLUjnbwLjoNHD3xQI0PoCrJrhagWn+LOktnEvrvoN+h0a5kzEDrNeSH3z+C6Mli
0WOi
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:18 2024 by rpki-client on console-ams.rpki-client.org