Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/4NhSO1Srxh0QcIIGOuBW4cCsKW4.roa
File: 4NhSO1Srxh0QcIIGOuBW4cCsKW4.roa (raw, json)
Hash identifier: ITHCxWRTKGTR4zuwSDSYP7BoIl187hbmaw3D/uOqBXw=
Subject key identifier: E0:D8:52:3B:54:AB:C6:1D:10:70:82:06:3A:E0:56:E1:C0:AC:29:6E
Certificate issuer: /CN=eb0d53c87071484971aedfd90ca6ecc656a96e4c
Certificate serial: 018CC56E05FFA94B514C443C5B726C398861
Authority key identifier: EB:0D:53:C8:70:71:48:49:71:AE:DF:D9:0C:A6:EC:C6:56:A9:6E:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6w1TyHBxSElxrt_ZDKbsxlapbkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/4NhSO1Srxh0QcIIGOuBW4cCsKW4.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203215
IP address blocks: 192.166.11.0/24 maxlen: 24
192.166.10.0/24 maxlen: 24
192.166.9.0/24 maxlen: 24
192.166.8.0/22 maxlen: 22
192.166.8.0/24 maxlen: 24
2a0c:7ac0::/29 maxlen: 29
2a0c:7ac0:9000::/36 maxlen: 48
2a0c:7ac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/6w1TyHBxSElxrt_ZDKbsxlapbkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/6w1TyHBxSElxrt_ZDKbsxlapbkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6w1TyHBxSElxrt_ZDKbsxlapbkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:05:ff:a9:4b:51:4c:44:3c:5b:72:6c:39:88:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb0d53c87071484971aedfd90ca6ecc656a96e4c
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0d8523b54abc61d107082063ae056e1c0ac296e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:13:5f:75:cd:7c:0d:97:55:26:9b:d7:fd:e1:
7f:99:5a:e1:d5:4c:46:00:0d:48:83:04:15:8c:30:
39:58:11:74:a7:83:14:06:f7:ff:2a:ae:f1:5d:a9:
27:b5:25:4d:a6:13:15:90:03:c3:dd:ac:ef:ee:22:
43:79:51:25:78:f7:66:33:d9:a1:1a:d6:46:18:a6:
c3:c3:26:4f:ad:01:e9:be:68:48:35:dc:4d:de:8e:
ad:42:ce:bf:8a:26:7a:a0:4f:2a:a0:f9:2d:e3:1d:
04:fc:1c:a9:30:a1:52:d9:20:81:c8:ac:c3:5c:87:
9c:90:c5:ad:90:b2:42:7f:dd:2a:26:c1:57:f8:74:
1a:c9:bc:8c:cf:c6:c6:7e:23:aa:df:e1:27:81:49:
3c:9f:d0:0d:f9:25:e1:23:34:15:02:3b:34:8a:5c:
5e:fc:c5:45:e7:30:ea:ab:f9:8d:6e:ec:51:47:37:
84:53:3c:cf:76:d7:9b:7c:d8:1b:91:89:7c:c6:94:
bb:b8:72:04:b4:86:07:30:dc:c5:9f:f7:f9:b6:91:
78:dc:d4:23:35:eb:26:7a:fc:79:a8:be:cc:34:da:
1c:ea:2c:bc:fb:71:f1:5f:98:8b:8b:e4:63:32:ad:
38:35:42:75:72:b8:5f:63:c7:70:05:01:1c:5d:2f:
33:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D8:52:3B:54:AB:C6:1D:10:70:82:06:3A:E0:56:E1:C0:AC:29:6E
X509v3 Authority Key Identifier:
keyid:EB:0D:53:C8:70:71:48:49:71:AE:DF:D9:0C:A6:EC:C6:56:A9:6E:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6w1TyHBxSElxrt_ZDKbsxlapbkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/4NhSO1Srxh0QcIIGOuBW4cCsKW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/6w1TyHBxSElxrt_ZDKbsxlapbkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.8.0/22
IPv6:
2a0c:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:23:7e:c4:8d:82:43:6b:fb:46:76:63:99:d3:75:21:dd:52:
8d:c3:2b:e1:99:bd:0f:2f:61:b3:6a:4b:f6:9f:bc:3a:2b:15:
be:9c:49:01:45:9c:f6:a0:04:ff:51:58:5d:3a:d9:71:d0:bc:
bd:92:a5:ee:8a:3b:c9:83:b4:50:d0:0b:e4:1d:e8:d4:2a:25:
28:7d:46:f2:8a:7c:8e:cf:52:09:93:f1:03:a3:2b:7a:2f:73:
49:46:b9:b4:42:40:25:46:00:5e:57:e8:47:1f:7f:36:ff:6b:
34:91:fe:29:7c:42:ca:2d:e4:5b:e2:93:57:72:f6:b1:ad:15:
3e:cf:91:5e:74:3e:71:b0:9d:d4:2e:25:1e:08:6a:d1:8b:ca:
55:d9:45:f4:a7:ca:0a:4c:b7:70:a7:61:cb:db:b5:81:f3:2b:
0d:9e:64:b6:0b:05:83:fd:75:0c:aa:2f:67:76:40:a9:ea:11:
50:27:36:24:a0:52:19:a0:be:b9:71:95:10:85:21:ad:b6:a9:
fa:d8:80:ae:93:65:b1:8a:62:6d:98:91:2c:a3:42:9c:32:ac:
f6:a9:e3:f8:83:d1:48:d2:78:73:7e:5a:46:c5:6a:a6:c4:ed:
74:f7:c3:e1:c5:e2:d0:75:5d:06:ce:8f:55:2f:01:29:bb:c9:
94:fc:e8:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbgX/qUtRTEQ8W3JsOYhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMGQ1M2M4NzA3MTQ4NDk3MWFlZGZkOTBjYTZlY2M2NTZh
OTZlNGMwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ4NTIzYjU0YWJjNjFkMTA3MDgyMDYzYWUwNTZlMWMwYWMyOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBNfdc18DZdVJpvX/eF/mVrh1UxG
AA1IgwQVjDA5WBF0p4MUBvf/Kq7xXakntSVNphMVkAPD3azv7iJDeVElePdmM9mh
GtZGGKbDwyZPrQHpvmhINdxN3o6tQs6/iiZ6oE8qoPkt4x0E/BypMKFS2SCByKzD
XIeckMWtkLJCf90qJsFX+HQaybyMz8bGfiOq3+EngUk8n9AN+SXhIzQVAjs0ilxe
/MVF5zDqq/mNbuxRRzeEUzzPdtebfNgbkYl8xpS7uHIEtIYHMNzFn/f5tpF43NQj
Nesmevx5qL7MNNoc6iy8+3HxX5iLi+RjMq04NUJ1crhfY8dwBQEcXS8ztQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFODYUjtUq8YdEHCCBjrgVuHArCluMB8GA1UdIwQY
MBaAFOsNU8hwcUhJca7f2Qym7MZWqW5MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNncxVHlIQnhTRWx4cnRfWkRLYnN4bGFwYmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81MDM0NTgtMWRjNC00MTAyLTk0Mjct
ZDYzOTgxODM1MjVkLzEvNE5oU08xU3J4aDBRY0lJR091Qlc0Y0NzS1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81MDM0NTgtMWRjNC00MTAyLTk0MjctZDYzOTgxODM1MjVk
LzEvNncxVHlIQnhTRWx4cnRfWkRLYnN4bGFwYmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwKYIMA0E
AgACMAcDBQMqDHrAMA0GCSqGSIb3DQEBCwUAA4IBAQCsI37EjYJDa/tGdmOZ03Uh
3VKNwyvhmb0PL2Gzakv2n7w6KxW+nEkBRZz2oAT/UVhdOtlx0Ly9kqXuijvJg7RQ
0AvkHejUKiUofUbyinyOz1IJk/EDoyt6L3NJRrm0QkAlRgBeV+hHH382/2s0kf4p
fELKLeRb4pNXcvaxrRU+z5FedD5xsJ3ULiUeCGrRi8pV2UX0p8oKTLdwp2HL27WB
8ysNnmS2CwWD/XUMqi9ndkCp6hFQJzYkoFIZoL65cZUQhSGttqn62ICuk2WximJt
mJEso0KcMqz2qeP4g9FI0nhzflpGxWqmxO1098PhxeLQdV0Gzo9VLwEpu8mU/OiV
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:45:12 2024 by rpki-client on console-fra.rpki-client.org